Microsoft Purview is a data governance solution that organizations can use to ensure that any internal or external communication meets their compliance standards and regulations. The services is closely integrated with Microsoft 365 services such as Teams, Yammer, Outlook, and more. Essentially, organizations can define policies to perform automated scanning of communication to manage insider risk and detect inappropriate messages. If any piece of communication matches a configured policy, it is forwarded to designated reviewer for further investigation. The solution is primarily powered by machine learning classifiers and it seems that Microsoft is looking to add even more classifiers to Purview.
In a recent update to the Microsoft 365 Roadmap, the Redmond tech giant has added a bunch of classifiers that are currently in development. We have summarized the classifiers with some excerpts below:
- Leavers classifier: Detects messages that explicitly express intent to leave the organization, which is an early signal that may put the organization at risk of malicious or inadvertent data exfiltration upon departure.
- Sexual harassment classifier: Detects explicit instances of sexual harassment as may be outlined in your organization's policies and code of conduct, such as sexual advances, sexual comments and sexual favors.
- Corporate sabotage classifier: Detects messages that explicitly mention acts to deliberately destroy, damage, or destruct corporate assets or property.
- Gifts and entertainment classifier: Detects messages that contain language around exchanging of gifts or entertainment in return for service, which may violate corporate policy.
- Money laundering classifier: Detects signs of money laundering or engagement in acts design to conceal or disguise the origin or destination of proceeds. This classifier expands Communication Compliance's scope of intelligently detected patterns to regulated customers such as banking or financial services who have specific regulatory compliance obligations to detect for money laundering in their organization.
- Stock manipulation classifier: Detects signs of stock manipulation, such as recommendations to buy, sell, or hold stocks in order to manipulate the stock price. This classifier expands Communication Compliance's scope of intelligently detected patterns to regulated customers such as banking or financial services who have specific regulatory compliance obligations to detect for stock manipulation in their organization.
- Workplace collusion classifier: Detects signs of employee collusion, such as price fixing, sharing of trade secrets, or coordinating buying strategies. This classifier expands Communication Compliance's scope of intelligently detected patterns to regulated customers such as banking, healthcare, or energy who have specific regulatory compliance obligations to detect for collusion in their organization.
- Unauthorized disclosure classifier: Detects sharing of information containing content that is explicitly designated as confidential or internal to certain roles or individuals in an organization.
All of these classifiers will be available for all organizations who use Microsoft Purview. They will hit preview status in June and are scheduled to become generally available by September. Another capability the firm is working on is integrating Purview more tightly with Teams so that it can also detect policy matches in cross-tenant channels.
Microsoft has emphasized in the description of each classifier that Purview is built through privacy by design so usernames are pseudonymized by default, role-based access control (RBAC) is backed into the software, and reviewers who will further investigate policy matches need to be explicitly opted in and designated as such by admins.