RM496149 - Microsoft Purview compliance portal: Insider Risk Management - Personal email triggers

Summary

In this update, we are adding the recently added email indicators in Insider Risk Management as triggers. 1. Sending email with attachments to free public domains - Users will be brought into scope of a policy when business-sensitive data is potentially leaked from a work email account to a free public domain email, potentially leading to a data security incident. 2. Sending email with attachments to self - Users will be brought into scope of a policy when business-sensitive data is potentially leaked from a work email account to user's personal email account or emailing self, potentially leading to a data security incident.

Description

In this update, we are adding the recently added email indicators in Insider Risk Management as triggers. 1. Sending email with attachments to free public domains - Users will be brought into scope of a policy when business-sensitive data is potentially leaked from a work email account to a free public domain email, potentially leading to a data security incident. 2. Sending email with attachments to self - Users will be brought into scope of a policy when business-sensitive data is potentially leaked from a work email account to user's personal email account or emailing self, potentially leading to a data security incident.

Admins with appropriate permissions can enable these indicators from the settings page and use these triggers in the data leaks or data leaks by priority users template.

GA date: November CY2025

Preview date: July CY2025

RM496149Microsoft Purview compliance portal: Insider Risk Management - Personal email triggers

Summary

Description