Services
Affected Platforms
Summary
Microsoft Purview | Insider Risk Management will allow generative AI app activities to be used as policy triggers, enhancing flexibility and precision. Public preview starts in early July 2025, with general availability in late September 2025. Admins should review and update policies accordingly. More details can be found in the Microsoft 365 Roadmap ID 484083.
Details
We will enhance Microsoft Purview | Insider Risk Management: by allowing generative AI app activities to be used as triggers in Risky AI usage policies. This enables organizations to define specific conditions that bring users into policy scope based on their interactions with generative AI tools. These activities will continue to contribute to risk scoring.
This message is associated with Microsoft 365 Roadmap ID 484083.
When this will happen:
Public Preview: We will begin rolling out early July 2025 and expect to complete by late July 2025.
General Availability (Worldwide): We will begin rolling out late September 2025 and expect to complete by late September 2025.
How this will affect your organization:
With this update, admins can configure policies to use generative AI app activities as triggers, expanding the flexibility and precision of Insider Risk Management. This change may affect which users are brought into policy scope based on their AI usage patterns.
This capability will be available by default but requires admin configuration to take effect. You can configure the feature at Insider risk management > Policies > New insider risk policy > Triggering event > Risky or sensitive content in Microsoft Copilot experiences, Enterprise AI apps and web versions of other AI apps:
What you need to do to prepare:
This rollout will happen automatically by the specified dates with no admin action required before the rollout. Review your current Insider Risk Management policies. Consider editing existing Risky AI usage policies or creating new ones to include generative AI app activities as triggers. You may want to notify your admins and/or users about this change and update internal documentation.
Microsoft Purview Insider Risk Management correlates various signals to identify potential malicious or inadvertent insider risks, such as IP theft, data leakage, and security violations. Insider Risk Management enables customers to create policies based on their own internal policies, governance, and organizational requirements. Built with privacy by design, users are pseudonymized by default, and role-based access controls and audit logs are in place to help ensure user-level privacy.
Learn more: The section called Risky AI usage (preview) in Learn about insider risk management policy templates | Microsoft Learn (will be updated before rollout)