Insider risk capabilities in Microsoft 365

https://docs.microsoft.com/en-us/learn/modules/describe-insider-risk-capabilities-microsoft-365/

Insider risk management solution

https://docs.microsoft.com/en-us/learn/modules/describe-insider-risk-capabilities-microsoft-365/2-management-solution

• In Microsoft 365 compliance center
• Enables organizations to detect, investigate, and act on risky or malicious activity

Communication compliance

https://docs.microsoft.com/en-us/learn/modules/describe-insider-risk-capabilities-microsoft-365/3-describe-communication-compliance

• Detect, capture, and take remediation actions for inappropriate messages
• Supports
  • Emails
  • Teams
  • Yammer
  • Third party services

Information barriers

https://docs.microsoft.com/en-us/learn/modules/describe-insider-risk-capabilities-microsoft-365/4-describe-information-barriers

• Restrict communications between groups/users
• Only supports two-way

Privileged access management

https://docs.microsoft.com/en-us/learn/modules/describe-insider-risk-capabilities-microsoft-365/5-describe-privileged-access-management

• Granular access control over privileged admin tasks
• Operate with zero standing access
• user only receives level of access when they need it
• Uses Just-inTime (JIT)

Customer lockbox

https://docs.microsoft.com/en-us/learn/modules/describe-insider-risk-capabilities-microsoft-365/6-describe-customer-lockbox

• Allows Microsoft support to access customer data
• Requires customer approval workflow to be executed
• Supports
  • Exchange
  • OneDrive
  • SharePoint