Mastering Insider Risk In Microsoft Purview: The Ultimate Guide! | Peter Rising MVP
HTML-код
- Опубликовано: 10 июн 2023
- Mastering Insider Risk In Microsoft Purview: The Ultimate Guide!
In this video, I'll be demonstrating how to manage Insider Risk in Microsoft Purview.
This demo will show you how to use Insider Risk Management with:
• Policies
• Alerts
• Cases
• And more!
If you're responsible for managing the risk associated with insider information in your organisation, then you'll want to watch this video!
Useful links:
Create and manage insider risk management policies: learn.microsoft.com/en-gb/mic...
Configure Microsoft 365 HR connector: learn.microsoft.com/en-gb/mic...
Insider risk management: learn.microsoft.com/en-us/mic...
🔔Unlock the full potential of Microsoft technologies! Subscribe for exclusive demos, tips, and guides to take your skills to the next level. Your tech education starts here!
www.youtube.com/@peterrisingM...
🔗 Stay Connected With Me.
👉Linkedin: / peterrising
=============================
✅ Recommended Playlists
👉 Microsoft 365
• Experience The Magic O...
👉 Microsoft Entra / Azure AD
• Unlock The Entra ID Co...
✅ Other Videos You Might Be Interested In Watching:
👉 SC 400 Exam Prep: Demystifying Trainable Classifiers in Microsoft Purview!
• SC-400 Prep Tips: Trai...
👉 🔒 *Microsoft Security Copilot: Everything You Need to Know!* 🔒
• Microsoft Security Cop...
👉 Microsoft Entra Verified ID: A Comprehensive Guide!
• Microsoft Entra Verifi...
👉 SC-400 Exam Success: Deep Dive into Document Fingerprinting!
• SC-400 Exam Success: D...
👉 Mastering Productivity with Microsoft 365 Copilot - with Natalia Denisiuc!
• Boost Productivity Wit...
=============================
✅ About Peter Rising MVP.
Welcome to my RUclips channel. My name is Peter Rising. I am a Microsoft MVP and have worked with Microsoft technologies for over 30 years.
This channel aims to share my knowledge with the community. The content will be mostly technical, including demos, deep dives, tips and tricks, and exam guides. I want to help people learn Microsoft 365 and Azure Active Directory from the beginning or improve their existing skills.
Please hit the subscribe button and the notifications bell, and if you like my videos, please hit that like button and leave a comment.
Thank you so much for your support.
🔔Elevate your Microsoft skills with Peter Rising! Subscribe for expert demos, deep dives, and essential Microsoft 365 and Azure tips. Start mastering tech today!
www.youtube.com/@peterrisingM...
=================================
#microsoft365 #m365 #activedirectory #azuread #security #azure
⚠️Disclaimer: I do not accept any liability for any loss or damage incurred from you acting or not acting as a result of watching any of my publications. You acknowledge that you use the information I provide at your own risk. Do your research.
Copyright Notice: This video and my RUclips channel contain dialogue, music, and images that are the property of Peter Rising MVP. You are authorised to share the video link and channel and embed this video in your website or others as long as a link back to my RUclips channel is provided.
© Peter Rising MVP Наука
It's a great video.lot of information can be achieved from here.
Question:if the user activities are set anonymous how will we check which user performed the activity which caused the alert?
Thank you so much. You know, that is a good question. I presume an admin could turn off anonymisation and then see, and then turn it back on again. 🤷🏻♂️
Sorry for the video quality on this one. I messed up. Hope it's not too distracting.
I didn't think it was bad and I was watching on my mobile. I believe the warning you had in your policy was simply that it hadn't been triggered in a while which could indicate and error in configuration. It's probably fine, it just hasn't triggered
@@1980telboy Thank you mate. Maybe you only see it if you know it's there. Yeah, that could be the error maybe. It was all fine when I created it.
Great demo. I have a question regarding Policy Indicators. Would having more Policy Indicators enabled than are needed have a negative effect on an Insider Risk policy? Or is it the more the better scenario? Could extra potentially generate false positives?
Hi, thank you for becoming a member of the channel. I appreciate your support.
As far as policy indicators are concerned, I'm not aware of any drawbacks to having more enabled. I would think the more the better really. But as with anything else, it may be a matter of trial and error.
Having too many enabled can significantly affect the amount of results you get. Alert fatigue is a real problem with Insider Risk Management. It's good to have a clear idea from the off what data is going to be useful. As with most things Purview it is not set and forget, it requires an iterative process.
How does the licensing work for this? Does each user require an E3/E5 license?
E5 licence is required for all.
Good video but would be good on your video to explain more, or give demos of the settings instead of just reading them and saying you can toggle this 'on'. This adds no context to the implications of turning the settings on/off
I do plan to revisit this topic. Thanks for your thoughts.
@@peterrisingM365 agreed this is a big gap across Microsoft Purviews documentation for IRM. A lot of overviews from but not much impact analysis.
Are we all going to ignore that he asked if anyone knew what the warning he is getting on the policies? 🤔🤔🤔😏😏😏😏
This vid was a while back now. What did I say? I really don’t remember. I’d have to check it out. 😆
@@peterrisingM365 Hi Peter, thanks for replying. So theres this thing about Policy warnings at 28:20 you kinda asked for input from everyone