Adaptive Protection in Microsoft Purview works alongside Microsoft Purview Insider Risk Management to automatically adjust data loss prevention (DLP) policies based on user behavior. This adaptive approach ensures that data protection evolves as risk levels associated with specific users change.
When Insider Risk Management identifies risky behaviors, Adaptive Protection assigns users to a risk level, Minor, Moderate, or Elevated. Based on these assignments, DLP policies dynamically apply stricter controls for higher-risk users, such as blocking data transfers, while more lenient policies are applied for lower-risk users. As risk levels shift, policies update accordingly.
How Adaptive Protection works
- Dynamic risk levels: Users are assigned a risk level based on their behavior, which updates automatically as new information about their actions emerges.
- DLP policy integration: Adaptive Protection adds the Insider risk level for Adaptive Protection is condition to DLP policies. This allows DLP rules to apply different protections for users based on their risk level in services such as Exchange Online, Teams, and Devices.
Configure Adaptive Protection policies
Before you can create DLP policies using Adaptive Protection, you must enable it within Insider Risk Management. This integration ensures DLP policies can adapt dynamically to changing user risk levels.
Leave a Reply