Microsoft has recently arranged a roadmap service that entails upcoming updates that may catch the attention of some employees. From the software giant’s Microsoft 365 roadmap webpage, the firm described a so-called insider risk management that claims to implement increased visibility among users’ browsers.
According to a blog post of Microsoft, this roadmap is about an update for additional administrator permissions that can help minimise malicious activities among organisations through enhanced detecting and investigating. Furthermore, the software giant also said that the insider policies allow the administrators to define risk types detected within organisations, including acting on the cases and reporting them to Microsoft Advanced eDiscovery if need be.
Some employees may find the update an “elevated level of surveillance” by their organisations as they do their daily duties using Microsoft 365. In a separate blog post, the software giant has mentioned targeting risky activities that could occur inside companies. The compliance centre post described the update in full detail, which user admins of organisations could use as a reference upon its rollout.
The beginning of the compliance centre post seemed thought-provoking for some researchers because it stated how users frequently use web browsers to investigate sensitive and non-sensitive work files.
In addition, the compliance centre monitoring has also mentioned the cases where risky activities occur among users, such as files being copied to personal cloud storage, files being transferred or copied to a network share, files being printed to local or network devices, and files being copied to USB devices.
Organisations can monitor their staff who use Microsoft 365 daily more aggressively as the insider risk management update rolls out.
According to Microsoft, administrators can also calculate the customers’ acknowledged insights related to a user’s behaviour, performance, or character that is also substantially related to their employment. Therefore, researchers conclude that the update can also examine one’s character.
Researchers mentioned that the purpose of the update is understandable, considering that employees who behave suspiciously are the reason as to why there is a need for enhanced security implementation. People who have access to a vulnerable cyber environment always have the possibility of exploiting them.
Nevertheless, researchers consider this subject to represent a lack of human trust, specifically between organisations and their staff.