Microsoft Purview Insider Risk Management is introducing the ability to preview content directly within Insider Risk Management alerts, eliminating the need to create a case before reviewing referenced files. Administrators with appropriate permissions will be able to preview relevant content directly within Activity Explorer as part of the alert investigation workflow. This enhancement reduces investigative friction, accelerates triage, and keeps review processes contained within governed security tooling. The feature is currently in development with expected availability beginning June 2026 for GCC High and DoD environments.

Microsoft SharePoint is introducing an admin policy that allows organizations to automatically expire “People in your organization” sharing links after a defined period. Administrators can set organization-wide expiration timeframes—such as 30 days, 90 days, or a custom duration—to prevent internal links from remaining active indefinitely. This update strengthens internal data governance by reducing persistent access to shared content and supporting tighter control over information lifecycle management in regulated environments. The feature is currently in development with expected rollout beginning June 2026 for GCC High and DoD tenants.

Microsoft Purview Insider Risk Management is introducing user analytics to provide deeper visibility into potentially risky behavior across the tenant. These insights surface insider risk context directly within DLP investigations, Communication Compliance alerts, Microsoft Defender XDR user entity pages, and advanced hunting, helping security teams correlate activity across tools more effectively. User analytics can be enabled or disabled at the tenant level and are built with privacy by design, including pseudonymization, role-based access controls, and auditing to support compliance requirements. This update is rolling out beginning January 2026 for GCC High and DoD environments.

Microsoft is extending Insider Risk Management in GCC High to detect risky AI usage in highly regulated environments, giving administrators deeper visibility into how generative AI interacts with sensitive data. New detections focus on prompts and AI-generated responses that include sensitive information or draw from protected files or sites, helping identify potential insider risk tied to automated activity. Coverage spans Microsoft Copilots and third-party AI tools, with built-in privacy controls such as pseudonymization, role-based access, and auditing to support compliance requirements in GCC High and DoD tenants. The update begins rolling out in January 2026.

Microsoft Teams is introducing a new policy setting that requires explicit user consent before recording or transcription can begin in calls. With this update, administrators can enforce consent through Teams Calling policies, ensuring that recordings and transcripts do not start until all participants have agreed. When recording or transcription is initiated, the other participant is automatically muted with camera and content sharing disabled until consent is provided, strengthening privacy protections for sensitive conversations. This feature is rolling out in January 2026 for GCC High and DoD environments.

Tracking permissions is getting easier for Microsoft SharePoint admins. A new report is coming to SharePoint Admin Center which will provide admins with a list of SharePoint sites where a user has permissions, both direct and indirect.

Tracking permissions is getting easier for Microsoft SharePoint admins. A new report is coming to SharePoint Admin Center which will provide admins with a list of SharePoint sites where a user has permissions, both direct and indirect.

Tracking permissions is getting easier for Microsoft SharePoint admins. A new report is coming to SharePoint Admin Center which will provide admins with a list of SharePoint sites where a user has permissions, both direct and indirect.