MC937158 - Microsoft Purview | Insider Risk Management: New scenario-based policy templates

Updated April 3, 2025: We have updated the rollout timeline below. Thank you for your patience.

Coming soon to Microsoft Purview | Insider Risk Management: Two new preconfigured quick policy templates for Crown jewel protection and Email exfiltration. These templates are for admins who want to deploy scenario-specific policy templates with less configuration, to get started faster. The existing quick policies for Data leak and Data theft will continue to be available. You can find all four scenario-based quick policies in Insider Risk Management at Policies > Create Policies. Admins can expect additional turning after deploying these policies to meet individual alert volume needs.

This message is associated with Microsoft 365 Roadmap ID 409966.

When this will happen:

Public Preview: We will begin rolling out late November 2024 and expect to complete by mid-December 2024.

General Availability (Worldwide, GCC, GCC High, DoD): We will begin rolling out late February 2025 (previously early February) and expect to complete by early April 2025 (previously late March).

How this will affect your organization:

Sign in to Insider Risk Management with the admin role permissions
Go to the Policies page at https://purview.microsoft.com/insiderriskmgmt/policiespage
Select Create policy
Select Quick policies
Select either the Crown jewel protection policy or the Email exfiltration policy
Configure policy as applicable (add users to scope, optional priority content, and so on)

The new policies will be on by default.

What you need to do to prepare:

This rollout will happen automatically by the specified date with no admin action required before the rollout. Review your current configuration to determine the impact for your organization. You may want to notify your users about this change and update any relevant documentation.

Learn more: The Quick Policies section in Create and manage insider risk management policies | Microsoft Learn

Updated April 3, 2025: We have updated the rollout timeline below. Thank you for your patience.

This message is associated with Microsoft 365 Roadmap ID 409966.

When this will happen:

Public Preview: We will begin rolling out late November 2024 and expect to complete by mid-December 2024.

General Availability (Worldwide, GCC, GCC High, DoD): We will begin rolling out late February 2025 (previously early February) and expect to complete by early April 2025 (previously late March).

How this will affect your organization:

Sign in to Insider Risk Management with the admin role permissions
Go to the Policies page at https://purview.microsoft.com/insiderriskmgmt/policiespage
Select Create policy
Select Quick policies
Select either the Crown jewel protection policy or the Email exfiltration policy
Configure policy as applicable (add users to scope, optional priority content, and so on)

The new policies will be on by default.

What you need to do to prepare:

Learn more: The Quick Policies section in Create and manage insider risk management policies | Microsoft Learn

Microsoft Purview | Insider Risk Management: New scenario-based policy templates

Message ID

Roadmap ID

Services

Affected Platforms

Summary

Details