Microsoft Entra Suite Tech Accelerator
Aug 14 2024, 07:00 AM - 09:30 AM (PDT)
Microsoft Tech Community

New Blog | Protect your data and recover from insider data sabotage

Microsoft

By Erica Toelle

 

Insider risks are a top cause of data breaches. Nearly two-thirds (63%) of data breach incidents originate with insiders, while only 37% stem from external threats like stolen credentials[1]. Some of the risk from Insiders comes from well-meaning employees that make a mistake. Other activities may be malicious, like deliberate sabotage of sensitive and valuable data. Organizations may feel they need to implement stringent controls to protect their data from insider risks, but that approach can have a negative impact on employee productivity. How can organizations find a balance between appropriate oversight and the day to day demands of the business?

 

Today, we are announcing the public preview of Adaptive Protection integration with Adaptive Protection in Microsoft Purview helps you protect your organization’s data by integrating dynamic insider risk levels, as determined by data related activities, with various policy engines to automatically move users in and out of policies as their risk levels change over time.

 

Protect your data from sabotage with Adaptive Protection in Data Lifecycle Management

To explain further, let’s look at an example of how Adaptive Protection in DLM helps you to decrease the impact of an insider data sabotage event and recover more efficiently. In this example, a member of the sales team engages in activity that increases his insider risk level over time. For example, they may have downloaded unusual amounts of files that contain sensitive data or tried to email it to someone outside the organization. Now the person submits their resignation which raises them to the elevated insider risk level.

 

DavidFernandes_0-1715106819219.png

 

Figure 1: How Adaptive Protection in Data Lifecycle Management protects data during a sabotage event.

 

Read the full post here: Protect your data and recover from insider data sabotage

 
0 Replies