{"id":233882,"date":"2020-02-20T06:00:24","date_gmt":"2020-02-20T14:00:24","guid":{"rendered":"https:\/\/www.microsoft.com\/en-us\/?p=233882"},"modified":"2022-06-28T12:14:20","modified_gmt":"2022-06-28T19:14:20","slug":"leverage-ai-machine-learning-address-insider-risks","status":"publish","type":"post","link":"https:\/\/www.microsoft.com\/en-us\/microsoft-365\/blog\/2020\/02\/20\/leverage-ai-machine-learning-address-insider-risks\/","title":{"rendered":"Leverage AI and machine learning to address insider risks"},"content":{"rendered":"

The proliferation of data is expanding exponentially every day, creating challenges of privacy, security, and risk. Only the scale and intelligence of AI and machine learning\u2014coupled with the power of human insight\u2014can help organizations to take on the biggest challenges they face.<\/p>\n

We\u2019ve been working closely with our customers\u2014and learning from our own experience as a large organization\u2014to address these challenges. From protecting and governing data to identifying and mitigating external and internal risks, we\u2019ve been investing in cloud-first technology to apply insights at scale to solve these problems together.<\/p>\n

Today, I am excited to announce the general availability of Microsoft Insider Risk Management<\/a> and Communication Compliance<\/a> in Microsoft 365, new solutions to help organizations to address internal risks, such as IP theft or code of conduct policy violations.<\/p>\n

Announcing the general availability of Microsoft Insider Risk Management<\/h3>\n

Chief Information Security Officers (CISOs) face many cybersecurity threats every day, but increasingly, the biggest challenge they confront is insider risk. From IP theft to data leaks to many other scenarios, protecting the data within the organization from inadvertent or malicious actions is paramount for any organization.<\/p>\n

Today, we\u2019re happy to announce the general availability of the new Microsoft Insider Risk Management<\/strong> solution, which helps to quickly identify, detect, and act on insider threats. The solution leverages the Microsoft Graph<\/a> and security services to analyze real-time native signals such as file activity, communications sentiment, and abnormal user behaviors.<\/p>\n

Additional third-party signals from human resources (HR) systems\u2014such as SAP SuccessFactors and Workday\u2014can be integrated via connectors. Then a comprehensive view provides a curated summary of individual risks within your organization and includes a historical timeline of relevant activities and trends associated with each identified user.<\/p>\n

We designed for privacy, so display names for risky users can be anonymized by default to maintain confidentiality and prevent conflicts of interest. End-to-end integrated workflows ensure that the right people across security, HR, and legal and compliance are involved in investigating and acting upon risks quickly.<\/p>\n

Since announcing the solution in November<\/a>, we worked closely with our customers and our internal Microsoft CISO\u2019s team to deliver a solution that addresses the biggest concerns. We heard that one of the biggest features of this born-in-the-cloud solution is the ability to quickly get started\u2014no agents to deploy or manage and no audit data events to configure.\u00a0We also have three new policy templates available\u2014Departing Employee Data Theft, Data Leaks, Offensive Language in Email\u2014which use machine learning and intelligence to correlate signals to identify hidden patterns and risks that manual methods might miss to specifically help you to address these risk scenarios.<\/p>\n

\u201cThe Microsoft Insider Risk Management solution has helped us receive a 9.6 out 10 score from security audits conducted by our clients and their third-party cybersecurity companies.\u00a0Due to the confidential nature of our business and privileged documents stored in our systems, we need to ensure our clients that both inside and outside threats are addressed proactively. It is our ethical duty to preserve and protect client data. With Insider Risk Management, we can now intelligently evaluate relevant insider activities and set up actions to filter and report based on risk associated with the data store\u2014for example, when large volumes of confidential data are copied to external drives or transferred via file sharing products.\u00a0These suspicious activities can now be intelligently identified and escalated to relevant parties, as well as used in our client audits.\u201d
\n\u2014Chad Ergun, Chief Information Officer, Davis Graham & Stubbs LLC<\/p><\/blockquote>\n

Curious about how we addressed the insider risk challenge ourselves? You can hear from Microsoft CISO Bret Arsenault and the team behind the new Insider Risk Management solution on the Microsoft AI blog<\/a>.<\/p>\n

Insider Risk Management will start rolling out to customer\u2019s tenants in the coming days. To learn more, read the Tech Community blog post<\/a> or get started today with a trial of Microsoft 365 E5<\/a>. If you already have Microsoft 365 E5, simply visit your Microsoft 365 compliance center<\/a> to get started.<\/p>\n

Address code of conduct violations with Communication Compliance, now generally available<\/h3>\n

Today, we\u2019re also excited to announce the general availability of Communication Compliance in Microsoft 365<\/strong>, which leverages machine learning to quickly identify and help you act on code of conduct policy violations in company communications channels, while also helping regulated organizations meet specific supervisory compliance requirements.<\/p>\n

Feedback from customers during the preview has been key in helping to shape this product and ensure we were helping them to address the right scenarios in the right ways.<\/p>\n

Here\u2019s what they liked the most:<\/p>\n