Is Microsoft Purview going too far, or not far enough?


Is Microsoft Purview going too far, or not far enough? Many things happen on a day-to-day basis within an organisation. Employees look for new roles, and they reply to emails that could be less than 100% above board, but does this mean that employers should be using policy to detect things like leavers, corporate sabotage, and gifts and entertainment?

Sabotage is self-explanatory and I agree, though I would hate for my email talking about last year's Christmas party, “That was da’ bomb” and “How everyone around was on fire that night”, being alerted because of keywords and machine learning determining that I am actually referring to destroying the premises!

Of course, who am I kidding; there have been no Christmas parties for two years, so Microsoft Purview's Communication Compliance will of course correctly assume the worst.

I feel there is a point where business is going to overstep what is fair and equitable in an employee/employer relationship. After all, we choose to work with one another, and some of these new classifiers for Microsoft Purview take the employee/employer relationship past something that should be mutually beneficial and onto something akin to a prison sentence.

Vendor gifts are commonplace, when is too much?

The following paragraph is as sent by Microsoft to customers of Microsoft Purview.

The update coming to Microsoft Purview

Coming soon to public preview, we’re rolling out several new classifiers for Communication Compliance to assist you in detecting various types of workplace policy violations.

This message is associated with Microsoft 365 Roadmap ID 93251, 93253, 93254, 93255, 93256, 93257, 93258

When this will happen:

Rollout will begin in late June and is expected to be complete by mid-July.

How this will affect your organization:

The following new classifiers will soon be available in public preview for use with your Communication Compliance policies.

  • Leavers: The leavers classifier detects messages that explicitly express intent to leave the organization, which is an early signal that may put the organization at risk of malicious or inadvertent data exfiltration upon departure.
  • Corporate sabotage: The sabotage classifier detects messages that explicitly mention acts to deliberately destroy, damage, or destruct corporate assets or property.
  • Gifts & entertainment: The gifts and entertainment classifier detects messages that contain language around exchanging of gifts or entertainment in return for service, which may violate corporate policy.
  • Money laundering: The money laundering classifier detects signs of money laundering or engagement in acts designed to conceal or disguise the origin or destination of proceeds. This classifier expands Communication Compliance’s scope of intelligently detected patterns to regulated customers such as banking or financial services who have specific regulatory compliance obligations to detect for money laundering in their organization.
  • Stock manipulation: The stock manipulation classifier detects signs of stock manipulation, such as recommendations to buy, sell, or hold stocks in order to manipulate the stock price. This classifier expands Communication Compliance’s scope of intelligently detected patterns to regulated customers such as banking or financial services who have specific regulatory compliance obligations to detect for stock manipulation in their organization.
  • Unauthorized disclosure: The unauthorized disclosure classifier detects sharing of information containing content that is explicitly designated as confidential or internal to certain roles or individuals in an organization.
  • Workplace collusion: The workplace collusion classifier detects messages referencing secretive actions such as concealing information or covering instances of a private conversation, interaction, or information. This classifier expands Communication Compliance’s scope of intelligently detected patterns to regulated customers such as banking, healthcare, or energy who have specific regulatory compliance obligations to detect for collusion in their organization.

What you need to do to prepare:

Microsoft Purview Communication Compliance helps organizations detect explicit code of conduct and regulatory compliance violations, such as harassing or threatening language, sharing of adult content, and inappropriate sharing of sensitive information. Built with privacy by design, usernames are pseudonymized by default, role-based access controls are built in, investigators are explicitly opted in by an admin, and audit logs are in place to ensure user-level privacy.

In conclusion, is Microsoft going too far?

Microsoft are a software vendor; Purview Communication Compliance functionality is not a decision made by Microsoft. It comes from requests by organisations who wish to have this detail about their staff.

My advice would be for organisations looking to implement these rules to be very clear in their corporate policies about what is being tracked and recorded and for this policy to be reviewed and signed by employees on a regular basis.

Having your policies made clear ensures that your staff not only know what is appropriate but also think twice before sending that email about the boozy afternoon drinks being offered by vendor x.

Purview: a final note

Of course, these policies do not need to be enabled at all, and they are included as another part of the Microsoft Purview arsenal, showing that the Purview product suite has a lot of room to grow into a very comprehensive solution for protecting corporate information.

Please let me know in the comments your opinion about Microsoft Purview, or send me an email at: [email protected]

As always please contact me here if I can assist with Microsoft Purview or any other Information protection questions or concerns that you may have.
