一键导入
purview-insider-risk-management
Guidance for Microsoft Purview Insider Risk Management (IRM) — detect, investigate, and act on risky user activity (data theft by departing employees, intellectual property leaks, security policy violations) using signals from M365, Entra, Defender, Windows endpoints, HR systems, and Adaptive Protection. Covers policy templates (data theft by departing users, data leaks, security policy violations), HRIS connector setup, indicator selection, sequence detection, anomaly detection, alerts triage, case investigation with content explorer, integration with eDiscovery and Communication Compliance, Adaptive Protection's automatic DLP policy adjustment, privacy controls (pseudonymization), role separation, and tenant-allow-list. WHEN: insider risk management, IRM policy, data theft departing user, IP leak detection, HRIS connector Purview, Adaptive Protection, insider risk indicators, sequence detection Purview, IRM case investigation, IRM privacy controls, IRM pseudonymization, insider risk Sentinel. DO NOT USE for
用 Codex 或 Claude 帮你安装 复制这段 Prompt,粘贴到 Codex、Claude 或其他助手里,让它检查 Skill 页面并帮你完成安装。