The net closes in more tightly on employees

I draw your attention to the following new AI monitoring and reporting capability soon to be included in the 365 suite. All users activity monitored & reported on. The short version is that web access, file / resource access and even content of messages ( including OCR of handwriting and images will be scanned for potentially risky behaviour & reports automatically generated. via an AI engine. Whilst enhancing organizational security and reducing risk of data breach this tech is a woke tyrant’s wet dream.

The system is no  customisable yet years of experience (IT in the workplace as senior technologist ) tells me most of the settings will end up as the Microsoft defaults thus Redmond will largely be setting the bar, framework and standards for all encompassing monitoring of the workplace. Each individual will have their own intelligence file generated. This provides the HR dept with hitherto only dreamt of capabilities for example weeding out whistleblowers, firing those no longer in favour. or victims of personal vendetta.

A vast database of individual profiles will be created..  Given the close collaborative relationship of MS to governments and spooks one wonders who might and up with visibility or interference capability as a result. Seemingly much of MS development work is undertaken in the only delightful democracy in the middle east.

Another issue that springs to mind is that unqualified HR staff will be provided with complex profile data hitherto only available to professional trained investigators or the very few that comprehend complex IT systems. I shudder to think what the amateur investigators of the average HR dept or local govt might conclude and action from this wealth of empowering data.

Of course once this framework is in place on a huge well tested customer base it may be tempting for a rogue state to impose a variation to prevent online harm and keep its citizens safe at their own expense for their own good of course.

By insider risk they mean employees  / the workforce.

By passwordless access they mean biometrics or wearables.

All sounds rather totalitarian.

A taster is below

regards Ade



Microsoft 365 compliance center: Insider risk management – Increased visibility on browsers

Landing page

Main Headings

What is risk management?

Learn about insider risk management in Microsoft 365

  • 02/11/2021
  • 11 minutes to read
    • Insider risk management is a compliance solution in Microsoft 365 that helps minimize internal risks by enabling you to detect, investigate, and act on malicious and inadvertent activities in your organization. Insider risk policies allow you to define the types of risks to identify and detect in your organization, including acting on cases and escalating cases to Microsoft Advanced eDiscovery if needed. Risk analysts in your organization can quickly take appropriate actions to make sure users are compliant with your organization’s compliance standards.

Watch the videos below to learn how insider risk management can help your organization prevent, detect, and contain risks while prioritizing your organization values, culture, and user experience:

For the latest Ignite presentations for communication compliance, see the following videos:

For a quick overview of communication compliance, see the Detect workplace harassment and respond with Communication Compliance in Microsoft 365 video on the Microsoft Mechanics channel.

Check out how TD Securities is using communication compliance to address their regulatory obligations and meet their security and stability needs.

Scenarios for communication compliance

Communication compliance policies can assist with reviewing messages in your organization in several important compliance areas:

  • Corporate policies

    Users must comply with acceptable use, ethical standards, and other corporate policies in all their business-related communications. Communication compliance policies can detect policy matches and help you take corrective actions to help mitigate these types of incidents. For example, you could scan user communications in your organization for potential human resources concerns such as harassment or the use of inappropriate or offensive language.

  • Risk management

    Organizations are responsible to all communications distributed throughout their infrastructure and corporate network systems. Using communication compliance policies to help identify and manage potential legal exposure and risk can help minimize risks before they can damage corporate operations. For example, you could scan messages in your organization for unauthorized communications and conflicts of interest about confidential projects such as upcoming acquisitions, mergers, earnings disclosures, reorganizations, or leadership team changes.

  • Regulatory compliance

    Most organizations must comply with some type of regulatory compliance standards as part of their normal operating procedures. These regulations often require organizations to implement some type of supervisory or oversight process for messaging that is appropriate for their industry. The Financial Industry Regulatory Authority (FINRA) Rule 3110 is a good example of a requirement for organizations to have supervisory procedures in place to scan user communications and the types of businesses in which it engages. Another example may be a need to review broker-dealer communications in your organization to safeguard against potential money laundering, insider trading, collusion, or bribery activities. Communication compliance policies can help your organization meet these requirements by providing a process to both scan and report on corporate communications. For more information on support for financial organizations, see Key compliance and security considerations for US banking and capital markets.

Key feature areas

Communication compliance in Microsoft 365 offers several important features to help address compliance concerns on your messaging platforms:

  • Intelligent customizable templates
  • Flexible remediation workflows
  • Actionable insights

Communication compliance home page.

Intelligent customizable templates

Intelligent customizable templates in communication compliance allow you to apply machine learning to intelligently detect communication violations in your organization.

  • Customizable pre-configured templates: Policy templates help address the most common communications risks. Initial policy creation and follow-on updating are now quicker with pre-defined inappropriate content, sensitive information, conflict of interest, and regulatory compliance templates.
  • New machine learning support: Built-in discrimination, threat, harassment, profanity, and image classifiers help reduce misclassified content in scanned messages, saving reviewers time during the investigation and remediation process.
  • Improved condition builder: Configuring policy conditions is now streamlined into a single, integrated experience in the policy wizard, reducing confusion in how conditions are applied for policies.

Flexible remediation workflows

Built-in remediation workflows allow you to quickly identify and take action on messages with policy matches in your organization. The following new features increase efficiency for investigation and remediation activities:

  • Flexible remediation workflow: New remediation workflow helps you quickly take action on policy matches, including new options to escalate messages to other reviewers and to send email notifications to users with policy matches.
  • Conversation policy matching: Messages in conversations are grouped by policy matches to give you more visibility about how conversations relate to your communication policies. For example, conversation policy matching in the Pending Alerts view will automatically show all messages in a Teams channel that have matches for your Inappropriate Content policy. Other messages in the conversation that don’t match the Inappropriate Content policy would not be displayed.
  • Keyword highlighting: Terms matching policy conditions are highlighted in the message text view to help reviewers quickly locate and remediate policy alerts.
  • Exact and near duplicate detection: In addition to scanning for exact terms matching communication compliance policies, near duplicate detection groups textually similar terms and messages together to help speed up your review process.
  • Optical character recognition (OCR) (preview): Scan, detect, and investigate printed and handwritten text within images embedded or attached to email or Microsoft Teams chat messages.
  • New filters: Investigate and remediate policy alerts faster with message filters for several fields, including sender, recipient, date, domains, and many more.
  • Improved message views: Investigation and remediation actions are now quicker with new message source, text, and annotation views. Message attachments are now viewable to provide complete context when taking remediation actions.
  • User history: Historical view of all user message remediation activities, such as past notifications and escalations for policy matches, now provides reviewers with more context during the remediation workflow process. First-time or repeat instances of policy matches for users are now archived and easily viewable.
  • Pattern detected notification: Many harassing and bullying actions take place over time and involve reoccurring instances of the same behavior by a user. The new pattern detected notification displayed in alert details helps raise attention to these alerts and this type of behavior.
  • Translation: Quickly investigate message details in eight languages using translate support in the remediation workflow. Messages in other languages are automatically converted to the display language of the reviewer.
  • Attachment detection: Scan, detect, and investigate linked content (Modern attachments) from OneDrive and Microsoft Teams that match policy classifiers and conditions for Microsoft Teams messages. Attachment content is automatically extracted to a text file for detailed review and action.

Actionable insights

New interactive dashboards for alerts, policy matches, actions, and trends help you quickly view the status of pending and resolved alerts in your organization.

  • Proactive intelligent alerts: Alerts for policy matches requiring immediate attention include new dashboards for pending items sorted by severity and new automatic email notifications sent to designated reviewers.
  • Interactive dashboards: New dashboards display policy matches, pending and resolved actions, and trends by users and policy.
  • Auditing support: A full log of policy and review activities is easily exported from the Microsoft 365 compliance center to help support audit review requests.

Integration with Microsoft 365 services

Communication compliance policies scan and capture messages across several communication channels to help you quickly review and remediate compliance issues:

  • Microsoft Teams: Chat communications for public and private Microsoft Teams channels and individual chats are supported in communication compliance as a standalone channel source or with other Microsoft 365 services. You’ll need to manually add individual users, distribution groups, or specific Microsoft Teams channels when you select users and groups to supervise in a communication compliance policy.
  • Exchange Online: All mailboxes hosted on Exchange Online in your Microsoft 365 organization are eligible for scanning. Emails and attachments matching communication compliance policy conditions are instantly available for monitoring and in compliance reports. Exchange Online is now an optional source channel and is no longer required in communication compliance policies.
  • Yammer: Private messages and public community conversations in Yammer are supported in communication compliance policies. Yammer is an optional channel and must be in native mode to support scanning of messages and attachments.
  • Skype for Business Online: Communication compliance policies support scanning chat communications and associated attachments in Skype for Business Online.
  • Third-party sources: You can scan messages from third-party sources for data imported into mailboxes in your Microsoft 365 organization. Communication compliance supports connections to several popular platforms, including Instant Bloomberg and others.

To learn more about messaging channel support in communication compliance policies, see Detect channel signals with communication compliance.


Communication compliance helps you address common pain points associated with complying with internal policies and regulatory compliance requirements. With focused policy templates and a flexible workflow, you can use actionable insights to quickly resolve detected compliance issues.

Identifying and resolving compliance issues with communication compliance in Microsoft 365 uses the following workflow:

Communication compliance workflow.


In this workflow step, you identify your compliance requirements and configure applicable communication compliance policies. Policy templates are a great way to not only quickly configure a new compliance policy, but to also quickly modify and update policies as your requirements change. For example, you may want to quickly test a policy for inappropriate content on communications for a small group of users before configuring a policy for all users in your organization.


By default, Global Administrators do not have access to communication compliance features. To enable permissions for communication compliance features, see Make communication compliance available in your organization.

You can choose from the following policy templates in the Microsoft 365 compliance center:

  • Monitor for inappropriate content: Use this template to quickly create a policy that uses built-in classifiers to automatically detect content that may be considered inappropriate, abusive, or offensive.
  • Monitor for sensitive information: Use this template to quickly create a policy to scan communications containing defined sensitive information types or keywords to help make sure that important data isn’t shared with people that shouldn’t have access.
  • Monitor for financial regulatory compliance: Use this template to quickly create a policy to scan communications for references to standard financial terms associated with regulatory standards.
  • Monitor for conflict of interest: Use this template to quickly create a policy to monitor communications between two groups or two users to help avoid conflicts of interest.
  • Custom policy: Use this template to configure specific communication channels, individual detection conditions, and the amount of content to monitor and review in your organization.


Use recommended actions to help you determine if you need a sensitive information type policy or if you need to update existing inappropriate content policies.


In this step, you look deeper into the issues detected as matching your communication compliance policies. This step includes the following actions available in the Microsoft 365 compliance center:

  • Alerts: When a message matches a policy condition, an alert is automatically generated. For each alert, you can see the status, the severity, the time detected, and if an Advanced eDiscovery case is assigned and its status. New alerts are displayed on the communication compliance home page and the Alerts page and are listed in order of severity.
  • Issue management: For each alert, you can take investigative actions to help remediate the issue detected in the message.


Get the latest Tap posts emailed to you daily