Insider risk management


Microsoft Purview Insider Risk Management correlates various signals to identify potential malicious or inadvertent insider risks, such as IP theft, data leakage and security violations. Insider risk management enables customers to create policies to manage security and compliance. Built with privacy by design, users are pseudonymized by default, and role-based access controls and audit logs are in place to help ensure user-level privacy.

Employees now have more access to create, manage, and share data across a broad spectrum of platforms and services. In most cases, organizations have limited resources and tools to identify and mitigate organization-wide risks while also meeting compliance requirements and employee privacy standards. These risks include potential data theft by departing employees and risk of data leaks of information outside your organization by accidental oversharing or malicious intent.

Microsoft Purview Insider Risk Management uses the full breadth of service and 3rd-party indicators to help you quickly identify, triage, and act on potentially risky activity. By using logs from Microsoft 365 and Microsoft Graph, insider risk management allows you to define specific policies to identify risk indicators. After identifying the risks, you can take action to mitigate these risks, and if necessary open investigation cases and take appropriate legal action.

Watch the videos below to learn how insider risk management can help your organization prevent, detect, and contain risks:

Insider risk management solution & development:

Insider risk management workflow:


If you're not an E5 customer, use the 90-day Microsoft Purview solutions trial to explore how additional Purview capabilities can help your organization manage data security and compliance needs. Start now at the Microsoft Purview compliance portal trials hub. Learn details about signing up and trial terms.

Configure insider risk management

Use the following steps to configure insider risk management for your organization:

Insider risk solution insider risk management steps

  1. Learn about insider risk management
  2. Plan for insider risk management and verify licensing
  3. Configure insider risk management settings
  4. Configure permissions and policy prerequisites & connectors
  5. Create and configure insider risk management policies

More information about insider risk management