Microsoft Purview compliance portal: New email indicators to alert on exfiltration of business sensitive data to free public

In this update, we are adding two new email indicators to Insider Risk Management. 1. Sending email with attachments to free public domains: This alerts when business-sensitive data is potentially leaked from a work email account to a free public domain email, potentially leading to a data security incident. 2. Sending email with attachments to self: This alerts when business-sensitive data is potentially leaked from a work email account to user's personal email account or emailing self, potentially leading to a data security incident. Admins with appropriate permissions can enable these indicators from the settings page and use these new indicators in the data leaks or data theft policy template. Microsoft Purview Insider Risk Management correlates various signals to identify potential malicious or inadvertent insider risks, such as IP theft, data leakage, and security violations. Insider Risk Management enables customers to create policies based on their own internal policies, governance, and organizational requirements. Built with privacy by design, users are pseudonymized by default, and role-based access controls and audit logs are in place to help ensure user-level privacy.

June CY2025
Preview date: March CY2025