Insider Risk Management
Insider risk management is a compliance solution in Microsoft 365 that helps minimize internal risks by enabling you to detect, investigate, and act on malicious and inadvertent activities in your organization.
Increasingly, employees have more access to create, manage, and share data across a broad spectrum of platforms and services. In most cases, organizations have limited resources and tools to identify and mitigate organization-wide risks while also meeting compliance requirements and employee privacy standards. These risks may include data theft by departing employees and data leaks of information outside your organization by accidental oversharing or malicious intent.
Insider risk policies allow you to define the types of risks to identify and detect in your organization, including acting on cases and escalating cases to Microsoft Advanced eDiscovery if needed. Risk analysts in your organization can quickly take appropriate actions to make sure users are compliant with your organization's compliance standards.
Insider risk management is centered around the following principles:
-
Transparency: Balance user privacy versus organization risk with privacy-by-design architecture.
-
Configurable: Configurable policies based on industry, geographical, and business groups.
-
Integrated: Integrated workflow across Microsoft 365 compliance solutions.
-
Actionable: Provides insights to enable reviewer notifications, data investigations, and user investigations.