Microsoft Purview Insider Risk Management

Quickly identify and take action on insider risks with an integrated end-to-end approach.

See plan and pricing

A person using a large touchscreen desktop monitor.

Take action on insider risks

Intelligently identify, investigate, and take quick action on insider risks.

Built-in privacy

Manage data risks with pseudonymization and strong controls.

Rich insights

Identify hidden risks with customizable machine learning templates requiring no endpoint agents.

Collaborate on investigations

Work with teams across security, human resources, and legal departments with integrated investigation workflows.

Learn more about Insider Risk Management

Discover how to get started and identify potential risks across a broad range of user activities with this guided video.

Addressing insider risks is a challenge

93%

of organizations are concerned about insider risks¹.

25%

of all data breaches are due to insider activity².

77 days

average time to contain an insider incident³.

Key features of Microsoft Purview Insider Risk Management

Potential data leak activities in Microsoft 365 compliance.

Analytics

Conduct an evaluation of potential insider risks in your organization without configuring any insider risk policies.

Learn more

Policy template creation in Microsoft 365 compliance.

Machine learning playbooks

Quickly create a policy with customizable machine learning templates that require no scripting or endpoint agents to deploy.

Learn more

An Insider risk management overview in Microsoft 365 compliance.

Guided experience

Get step-by-step guidance when you onboard to Insider Risk Management.

Learn more

Suspicious access alerts being displayed in Microsoft 365 compliance.

Healthcare playbook

Identify patient data misuse risks with built-in indicators and detectors that use data from electronic medical record systems.

Learn more

A confidentiality obligation alert in Microsoft 365 compliance.

Contextual alert review

Easily understand the context of an alert to help focus your investigation on the riskiest activities.

Learn more

Updates in a potential IP theft case in Microsoft 365 compliance.

Case management

Deeply investigate and act on issues generated by risk indicators defined in your policies.

Learn more

Analytics

Conduct an evaluation of potential insider risks in your organization without configuring any insider risk policies.

Learn more

Machine learning playbooks

Quickly create a policy with customizable machine learning templates that require no scripting or endpoint agents to deploy.

Learn more

Guided experience

Get step-by-step guidance when you onboard to Insider Risk Management.

Learn more

Healthcare playbook

Identify patient data misuse risks with built-in indicators and detectors that use data from electronic medical record systems.

Learn more

Contextual alert review

Easily understand the context of an alert to help focus your investigation on the riskiest activities.

Learn more

Case management

Deeply investigate and act on issues generated by risk indicators defined in your policies.

Learn more

See what our customers are saying

Additional resources

Accelerate time to action

Read the blog for the latest news and updates about Insider Risk Management.

Learn more

Get started

Explore detailed information to help you get started with Insider Risk Management.

Learn more

Interactive guide

Quickly become familiar with Insider Risk Management capabilities.

Visit the guide

Video series

Learn how Insider Risk Management can help you quickly identify and take action on potential insider risks.

Watch the series

Get started with Microsoft Security

See plan and pricing

Try for free

^{1. 93% of organizations are concerned about insider risks (Insider Risk Management, Microsoft Market Research, January 2021)

2. 25% of all data breaches are due to insider activity (Communication Compliance, Microsoft Market Research, May 2021)

3. 77 days average time to contain an insider incident (2020 Cost of Insider Threats: Global Report, The Poneman Institute.)}