Insider risk management in Microsoft 365

Increasingly, employees have more access to create, manage, and share data across a broad spectrum of platforms and services. In most cases, organizations have limited resources and tools to identify and mitigate organization-wide risks while also meeting compliance requirements and employee privacy standards. These risks may include data theft by departing employees and data leaks of information outside your organization by accidental oversharing or malicious intent.

Insider risk management in Microsoft 365 uses the full breadth of service and 3rd-party indicators to help you quickly identify, triage, and act on risky user activity. By using logs from Microsoft 365 and Microsoft Graph, insider risk management allows you to define specific policies to identify risk indicators and to take action to mitigate these risks.

Configure insider risk management for Microsoft 365

Use the following steps to configure insider risk management for your organization:

Insider risk solution insider risk management steps

  1. Learn about insider risk management in Microsoft 365
  2. Plan for insider risk management and verify licensing
  3. Configure insider risk management settings
  4. Configure permissions and policy prerequisites & connectors
  5. Create and configure insider risk management policies

More information about insider risk management