Microsoft Purview Data Governance Reviews

We migrated everything to the Azure cloud. Microsoft Purview was coming up at the time, and we also started looking into their other products such as Microsoft Power Platform, particularly Power BI. We wanted to see how these particular tools can go head to head and how they would be useful. This is when we started with Microsoft Purview. The POC itself took more than a year because it was not easy. The tool was growing. It took a long time to get their product support help to fix some of the issues and features. 

In the last year, we started using it for a few things. One is mainly data protection. We mainly targeted the scenarios where when someone is sending a document in an email or labeling a document as confidential, what the person receiving the document can do. 

We are trying to cover Microsoft 365-related products. We are trying to use it for the data discovery process. That is the end goal. Across the organization, we want people to be able to find the data easily. There is a kind of data marketplace, and we started to use it for data discovery.

Data discovery is one of the beautiful things of Microsoft Purview. We mostly have Microsoft products, so it has been helpful, but we are continuously growing. We are still in the learning stage with this product. We are trying to onboard only a small amount of data, and then we will see how we can curate the data so that it is meaningful. Slowly, and probably after a year, we will come to know how efficiently we are using Microsoft Purview as a part of the data discovery phase.

Microsoft Purview is a cloud-native app. So far, we have only used it with Windows with Chrome or Edge browser, and it works seamlessly. It is not a problem. We have not used it with other OSs, but it should work with them.

Microsoft Purview was built taking into account critical regulations from around the world. Data classification is one of the beautiful features. It works seamlessly.

Microsoft Purview's natively integrated compliance across Azure, Dynamics 365, and Office 365 is perfect.

Microsoft Purview enables you to show your compliance in real time. There is the Insights dashboard, which is particularly for security officers. They can always go and have a look. If there are any compliance issues with the portal, they can always go and check anytime.

Microsoft Purview has helped to reduce the time to action on insider threats, but I do not have the metrics. We are in the discovery phase. After a year, we should be able to provide exact metrics. As of now, we just look into the issue and take action. It is helping to reduce the errors. In terms of percentage, there are about 20% savings.

Microsoft Purview will save us time and overall product delivery costs. Product data discovery should be easy, which will reduce the overall product delivery time. This is something that we are working on. There should be at least 10% savings on the project delivery time.

There are several features. Their data labeling or data classification is particularly valuable because we want to categorize all of our data into confidential, public, or internal. Microsoft Purview works seamlessly with the Microsoft product suite, including Office 365, to schematize the data assets, so data labeling and classification have been helpful.

Microsoft Purview can connect with all of our security-related things across Office 365. It easily connects with Microsoft Defender. The integration with Microsoft Defender is good.

It works well for schematized data assets for lineage tracking. Overall, it works well if someone is using mostly Microsoft products.

It is still growing. It does not meet all the requirements from the security point of view. It supports only a limited number of tools and technologies that pertain to Microsoft products. If you want to leverage other solutions such as Workday or Oracle Fusion, features will be coming up, but as of now, it is for the Microsoft suite. 

It is still growing as a data connector platform for supporting ingestion from non-Microsoft data sources, so not all the products are supported as of now. 

As a data catalog tool, it needs to have a connection with all the sources. This improvement is definitely needed because they are supporting only Microsoft-related products but not third-party products.

We started to explore Microsoft Purview when they launched it. It was the end of 2021.

It is a stable product, and continuous improvements are always coming in. After a year, it probably will be a complete tool for all sorts of uses. I would rate it an eight out of ten for stability.

It is unlimited. I would rate it a ten out of ten in terms of scalability.

We currently have 10 to 20 people using the tool. It is deployed as part of information technology from the IT management, and we try to circulate it by onboarding various sets of users from various departments.

Last week, I raised an issue with technical support. It issue was a priority for us. Within a couple of hours, they got back. They were efficient with this particular product. I would rate them a nine out of ten.

Positive

We used some of the manual processes. We built a data catalog using Vast data services.

It is deployed on the cloud. The deployment time is much less, but because it is a data cataloging tool, curating the data takes time. Spinning of the environment and starting it can be done in a couple of hours.

It definitely requires maintenance from the data security and data scanning point of view.

We have a data governance team. 

It is cheap. It is based on consumption. If somebody wants to start using it, the price is definitely cheaper than a tool like Collibra.

I would definitely recommend Microsoft Purview. However, it is not good for data quality. If you are not looking for data quality and you only want a complete security and data cataloging tool, it is perfect.

It is still maturing. At this time, I would rate Microsoft Purview a six out of ten.

We use it to integrate the audit log with Power Platform to extract all the relevant information and explore to what extent we can enforce certain retention and sensitivity levels. We need to enforce those levels on data locations like Microsoft Dataverse. We also need to determine how to process SharePoint lists that are being fed by Power Apps or Power Automate flows.

I also work with a lot of legal departments, and we're working on legal matter management, where documents need to be retained for a certain amount of time and then they need to be processed.

On a scale of one to 10, I would have to rate it at least an eight when it comes to protection across multi-cloud and multi-platform environments. If its execution were more perfect, I would even give it a 10. These days, there are too many people with administrative passwords and credentials. Purview relieves a lot of the pressure from having multiple people in the field with knowledge of several topics. We can reduce that by at least 30 percent, if not 60 percent. I'm not a fan of having too many people with the keys to the castle. Purview enables an administrator with a small team to manage a group of 20,000 people.

One of our major clients is in banking and insurance, and we would not be able to deploy a lot of the Microsoft products if not for the exact commitment by Microsoft to take into account critical regulations from around the world. Obviously, since Microsoft is a U.S.-based company, they're going to first launch their products and their infrastructure based on U.S. data centers, which is exactly what we can't have under the GDPR law.

Also, with respect to vulnerability management, a lot of pressure is taken off the administrator when using Microsoft Purview or infusing Purview with information from the Security Center to give you a manageable overview of a lot of numbers.

I really like the entire system for auto-labeling content. It's a very refined system. I use the Keyword Query Language to define refined string-based metadata, and then I can really go deep into the specific data with the specific properties labeled in such and such a way. That's a very good basis for the use cases that I have. That gives me a lot of leeway and a lot of freedom to really enclose a lot of specific use cases.

Another thing I'm very much a fan of is the notion of machine-learning-based labeling. However, as with syntax, which I'm a big user of as well, the automatic machine-learning-based labeling and identification still requires you to do a lot of work to make it work. But you can really fine-tune it, and I love that part.

Beyond the labeling, when talking about the audit log, what I very much like is that it's very well integrated. You can use the audit log to focus and zoom in on your needs. You can use querying and a lot of good filtering on that as well. I use it for a lot of regulatory processes where I need to figure out who accessed what document at what time, after which changes. I really love that. From a single place I can manage pretty much our entire regulatory system. I'm a compliance-focused person. I work a lot with the GDPR law in Europe. Purview allows for a lot of AI-based identification of GDPR-sensitive data. That really helps with organizations such as one of my clients, which is an organization with 20,000 knowledge workers.

As long as we stay within the Microsoft ecosystem, natively integrated compliance is absolute legend. It's a divine ability to have a clear view of what's happening in our tenant. I love every aspect of it. You can set rules and different forms of triggers to implement automated actions based on exports from the audit logs, as well as alerts that you trigger for anything that is happening in your Microsoft ecosystem. That is extremely valuable. That is what enables you to go from needing 10 people to administer an environment to needing three. There's a lot of financial gain there, as well as control over human error.

In addition, when you look at vulnerability management, there are multiple options for a point-based, almost gamification-based system. You just need to tick these boxes and that will get you X points. I want to work towards more than 80 percent compliance and more than 80 percent of the vulnerabilities managed. To get to that point, and to have a clear overview, is very difficult when handling thousands of users and thousands of devices. But turning those numbers into graphics and statistics that even make sense to your management is a capability of Microsoft Purview. If you need to implement changes, there are numbers there that non-IT management and business staff can understand.

My specialty is not in explaining to management what the risks are of having something break or what gain there is in mitigating a vulnerability. However, Microsoft Purview helps you have an overall perspective of your IT landscape.

If you feel that an organization needs to evolve in a certain way, you want to try and explain a vulnerability from a technical perspective. For example, we might need to exchange this key with that key, or move to customer-owned keys. You can't explain to them why they should invest because they don't understand these technical issues. But Purview is very strong at showing you statistics. It shows you that this issue is present in X percent of the users or Y percent of the devices. It then enables you to implement those changes with rules and so that you don't have to manually configure the changes for every user or device. Purview fits perfectly into that approach because it tells you which groups of people have active issues.

I would like to see it connect more. The macOS-related audit logs are extensive for the M365 ecosystem. But when we're talking about managed devices, I'm missing the capabilities that you have with monitoring both Android and Windows-based devices. In a perfect world, if Apple and Microsoft could get along a little better and have more extensive information in that audit for Apple-based products, we would have a perfect machine. I don't see how there would be another best-in-class candidate.

Also, my focus is mainly on SAP, ServiceNow, and Jira connectivity. And for those, we do still employ non-Microsoft solutions. I would love to integrate everything with SIEM into Microsoft Sentinel, but we can't push that through with a large client just yet. While I like the effort that is being put into non-Microsoft data sources, I'm not always happy with the information that is available.

By comparison, the level of detail that I have in our SharePoint environment is perfect visibility of what everyone is doing. When we're talking about Windows devices, I have perfect visibility into what they're doing with their devices. I lose a little bit of that control when we're talking about third-party connectors. Compliance-wise, I would like to see more ability to audit from a user perspective, where I could extrapolate what the user was thinking or trying to do. That would allow me to enforce rules that are less restrictive. I would like to give as much freedom as possible, as long as people are not acting with bad intent.

Purview enables you to let go of—I would not call them "unnecessary staff"; but we always have to downsize where possible. We can now do the work of 10 administrators with only three. We can now manage a 5,000-user environment with just one administrator on Purview. That gives us a lot of leeway in project budget to focus on expanding and improving the network, the setup, and user adoption as well. In a company of 5,000 users, being able to let go of one administrator enables you to set up a "champion" program and educate your users. You can't just block users from doing things that are wrong. You have to teach them how to use the product in the correct way. Microsoft Purview, the way it has been evolving, enables you to do that.

I have been using Microsoft Purview for about a year and a half.

This is a cloud product, so there might be frustration sometimes with certain functionalities not being optimally functional. But specifically with Microsoft Purview, I have yet to encounter a single sign-in log that is not present. I have yet to encounter any activity logs that are not present. I have yet to encounter any missing data when I need to do a checkup.

Would I like the data to be more up-to-date, when management is breathing down my neck, to see what happened in the last five minutes? Yes. It would make my life easier, but I do not feel that is the technology's responsibility. I would never put that on Microsoft Purview.

People often and unjustly say that Microsoft product pricing is not in the scope of reality, that it's just too expensive at times. I do not feel that is the case at all. The difference between an E3 and an E5 license, with regard to how much control you have, is very significant. If I'm able to let go of 30 to 70 percent of my IT administration staff, that makes up for a lot of money. That makes up for a lot more than a monthly subscription. 

The pricing system of Microsoft Purview allows for profit more than it is a financial drain. You have to organize your organization well. You can't just keep the old mentality. You have to change your way of working. You have to rely less on people who can make errors and more on setting up the right configuration and thinking ahead. You need to create a future-proof setup with your configuration and your rules. There is an initial investment attached to it, but within one to two years you get that investment back, so it's very easy money.

For a SIEM solution, we use Splunk at the moment with one of our clients, which is more of an integration system than what Purview is when it comes to monitoring your entire environment. You can set up alerts and automation, as well as automated actions, in Purview. With Splunk, if you use custom connectors and integrate it with an Azure app, sure, you can build an entire custom solution to replace Microsoft Purview. But you would have to manage it, and it's just not worth it. I don't see a reason, when you're inside the Microsoft ecosystem, to not use Microsoft Purview.

Although I have not used Purview for data loss protection, I am part of a team that is working on custom data loss protection solutions. Currently, if you want to check every email going in and out in detail, its data loss prevention capabilities are not ticking all the boxes. However, if you want to have the ability to generally control who can open a file on an unmanaged device, or set up rules such that, if someone cannot log in with their credentials and does not prove that they are part of our tenant, then they cannot open a given file, that's something I love. The watermarking is great because, even within your organization, you're able to prove and show to users that they should know that this is a protected document.You can set up campaigns to educate your users.

In terms of the number of solutions we need to have interact with each other, in the past, we would have to set up different logging solutions. I even had to build custom logging solutions in the Microsoft ecosystem. I used Power Platform to build them. One little flaw right now is that the product could go into a little bit more detail in the audit logging. I was able to pretty much solve my use case for logging regarding a legal regulatory document management system using Power Automate flows.

We use Microsoft Purview to protect sensitive transactional data. We can control organizational policies such as who can monitor the system and how data is shared between managed apps and enrolled devices. We create the data loss prevention policy.

Purview can deliver data protection across multi-cloud and multi-platform environments. For example, we can set up a multitenant environment across different vendors and control Purview through Azure. Our enterprise licensing allows us to extend the connectors and tokens to other vendors. Once the connectors are active, they streamline the same functionalities and policies across the data on the other clouds.

Purview can connect to iOS, Mac, Android devices, and other SaaS apps, provided that we have created enrollment profiles for the other devices in Microsoft Azure. We can then monitor those devices from a central Microsoft location.

Microsoft Purview's natively integrated compliance across Azure Dynamics 365 and Office 365 is important because all escalation auto breaches from Microsoft or our data loss prevention policy will be highlighted to our program manager and portfolio manager. Therefore, we must treat this as a service-level agreement breach. The most important thing is to ensure that we are alerted whenever sensitive data is sent across 18 servers, Microsoft Office 365, or by people using their hybrid environment to connect to Office 365.

It is important that Purview was built taking into account the critical regulations from around the world because one of the accounts I support is a financial institution from the UK with offices in Europe. As a result, we have new regulations to comply with. We had a different region-wide DLP setup for the UK and Europe, but we needed to ensure that it was within the new Purview system and that data could not move out of it. To achieve this, we have people in Europe working on certain governance and risk portfolios that we have created using Microsoft Azure and Purview. We also share this information with our audit team, which comes in from outside to verify it every quarter.

We have an in-house process for handling policy violations. Purview's DLP for remediating policy violations helps us. For certain categories of transactional and social ethics violations, we capture data on any copying of sensitive data. This is because sensitive data should not be shared. We capture this data using our exchange server. It is difficult to share sensitive data, but we can capture it. We then share this data with our ombudsman team. The ombudsman team will review the data, including the timestamps and users involved, and determine what action to take. In rare cases, the person responsible for the violation may be removed from the team or organization.

Awareness of mobile device monitoring must be shared across the organization, especially with end users who may not be aware that their actions are being monitored. Training should be provided to all users of enrolled devices, regardless of whether they use Intune or another endpoint server. There are three sets of training, End-user training, Admin training, and Global provider user training.

Over the past two years, we have improved our relationship with external auditors. In the first year, it was challenging to implement DLP policies. However, in the second and third years, we have had fewer than ten violations. These violations were typically due to users accidentally accessing sensitive data without their knowledge. We have been able to significantly reduce our policy violations in the past three years using Microsoft Purview.

Purview has helped us reduce the number of solutions we need to interact with each other. We used to have a lot of L1 tickets that came in earlier, where there was a policy change or configuration change being done. And then we didn't have a proper change process or control over the data that had been accessed, because it was in a shared model. This led to SharePoint violations. Now that this has been reduced, we have proper version control, and anyone accessing these resources must check IAM. As a result, those L1 tickets, which were more than a thousand in the first year, have been reduced to less than a hundred or so, in terms of SharePoint access violations. So, this is one area where we have seen a significant drop because the IAM and the user's profile now determine whether they have read and write access.

Our visibility into our estate has improved significantly with Purview. We started a pilot project, and the project manager who owns this portfolio is already running the show, even before the policy is set for the organization itself. This level of visibility was tested in a small pilot project, and now the project manager has full visibility.

Microsoft Purview allows us to demonstrate our compliance in real time. On the default dashboard, we can see the number of phones that have violated the DLP policy that we created. We can then determine which standard was breached, such as ISO or BIS. We use Purview for weekly compliance calls with the client as well.

Purview helped streamline our meetings with compliance regulators by making it easier to share data with them.

Microsoft Purview has helped us reduce our time to action on insider threats. Before Purview, we manually managed our insider threat detection process using a weekly Excel report with a macro. This meant that if a breach occurred on Monday, we would not review the report until the following Monday, resulting in a one-week time to action. With Purview, we can now take action as soon as Purview detects the violation.

Purview has saved our admin teams 99 percent of their time spent investigating violations. In terms of cost savings, Purview is included with our E5 license. The savings are significant.

Purview helps us maintain compliance. It gives us full control over our data, and when there is a violation, we can follow our established procedures to decide whether to call the ombudsman or if the process setup is sufficient.

Purview helps mitigate risk and allows us to govern the information being shared among apps and devices. Purview can restrict access from even the smallest threats, such as a mobile device trying to access and manage apps.

I would like to have AI functionality on the dashboard to help me analyze and report on the data that we capture using Purview on a daily basis.

I have been using Microsoft Purview for three years.

Purview is stable and always available because it is a SaaS service, which means we don't have to worry about the infrastructure.

Purview is scalable depending on the number of transactions we want to monitor per day. 

Whenever we had an issue with Purview during the test phase of setting up DLP, we would call Microsoft Premium Support. They responded immediately and assigned a support engineer to our case right away. The support engineer would escalate the issue to their internal product group team, who would update Purview on the backend with a patch. The product group team would then let us know that our feedback on the product had been accepted and that they had worked on a solution, which would be released within the next week or quarter along with other updates. Overall, we were very pleased with their support.

Positive

Before Microsoft Purview, we used a feature in Intune called data analytics to record what users access and the transactions they perform. However, this data was not meaningful, and there was no way to filter it to identify breaches. As a result, we had to manually review all of the transactions for all users in the organization to see if any were violations.

Microsoft Purview is able to capture breaches because we use tags to properly understand the data and identify violations. For example, we can tag all transactions involving credit card numbers. When we run the ETL tool, it uses the tags to identify transactions that may be violations.

Initially, deployment will occur once the data is confirmed by the ETL team and properly ingested. This process typically takes a few weeks, depending on the volume of data. Once the initial deployment is complete, we will design and test the DLP and UAT systems. This process typically takes two weeks to a month.

Once it is deployed to production, any future changes or updates must be approved by a cabinet review board, and we must have a rollback plan in case anything affects production.

We have eight engineers who work at different levels to ensure that the data is furnished correctly, regardless of whether it is structured or unstructured, how it is being populated, or where the data loss prevention process runs daily. We also have a couple of managers and a scrum leader, as well as a portfolio manager.

When we implemented Purview, we were able to reduce our staff by 60 percent. We no longer need compliance officers to manually check spreadsheets for changes or breaches. In addition to the staff reduction, we have SLAs that require us to pay penalties to our clients if there is a violation. With Purview, the number of SLA breaches has been significantly reduced, saving our organization over one million dollars.

Microsoft Purview requires a Microsoft 365 license and is included with an E5 license. The license is expensive, but it is worth the cost because of all the tools it includes.

I would rate Microsoft Purview nine out of ten.

Purview is a cloud-based SaaS product. We keep our sensitive data on-premises, but we export a de-identified version (.NET) to the cloud in order to review reports for violations.

I recommend Microsoft Purview, especially for organizations that are already using Azure. Purview can be used to extend their risk governance capabilities in a seamless manner. There are other solutions available, but Purview is flexible and offers hybrid, cloud, and on-premises options with connectors for other vendors.

Our primary use case of Microsoft Purview is data discovery and scanning data sources.

Microsoft Purview is a cloud-based service on Azure, but the way it scans data sources is hybrid. While Purview itself resides in the cloud, some on-premises servers called integration runtimes are deployed within Purview to scan specific data sources. These on-premises servers are essential for making those sources accessible to Purview for further management and governance. In essence, Purview leverages a hybrid approach for data source scanning, but everything else about the service operates entirely in the cloud.

Microsoft Purview's data connector platform for handling non-Microsoft data sources effectively addresses our data ingestion requirements.

Purview affects the visibility we have into our estate. It is the primary reason why we use the solution.

While Microsoft Purview doesn't directly provide revenue, it saves our business money by improving efficiency. Imagine we're launching a marketing campaign and need customer or product data. Before Purview, we'd have to search for existing reports, unsure if they even exist. Now, Purview lets us see all reports, who created them, and when they were updated. This saves us time by eliminating manual data searches, ultimately reducing costs because people's time is valuable.

Purview's greatest benefit for us is data discovery. Even someone unfamiliar with our data can use Purview's basic keyword search to find relevant data sources. Purview then reveals details like data points, who maintains the source, update frequency, record and data point counts, columns, and data types – all this metadata is instantly available, making Purview our primary tool for data discovery.

While Microsoft Purview currently allows weekly scans for data sources, this limitation hinders the usefulness of the tool for frequently changing data. Ideally, Purview should offer daily scan frequencies to better accommodate these dynamic environments.

Microsoft should provide full access to log details, particularly those related to technical aspects of data source integration. Hiding information from technical users assumes a lack of understanding on their part, which isn't the case. While Microsoft claims Purview is under constant development and some features lack documentation, this shouldn't prevent transparency, especially for established functionalities we rely on.

I have been using Microsoft Purview for nearly one year.

Microsoft Purview is stable.

Microsoft Purview meets our scaling needs.

The error codes displayed by the user interface weren't detailed enough to diagnose a problem we had, so we contacted technical support for help. Even with some internal information, we couldn't properly debug the issue. Microsoft then examined their internal logs to provide more details about the error message, which was all we needed. Once we saw the additional log information, we were able to pinpoint the exact problem and fix it.

Neutral

Since Purview is an Azure service, enabling it for our company was simple for IT. Once activated, I became the collection admin, and data admin, and assumed all the associated Purview roles. Setting up the first data scan for our reports and data sources was surprisingly easy, even without any prior experience, though being technical helped! The process is entirely point-and-click with no coding required.

The week-long deployment involved collaboration with our IT network team to handle resources behind corporate firewalls, while I managed the remaining tasks, bringing the total number involved to three.

While we evaluated various data discovery and analytics solutions, particularly open-source options, we ultimately chose Microsoft Purview due to its seamless integration with our existing Azure Stack environment. Since Purview was already included in some of our corporate Microsoft agreements, it offered a cost-effective and user-friendly starting point for our data discovery needs.

I would rate Microsoft Purview eight out of ten.

While our data platform handles governance and privacy, we use Microsoft Purview specifically for data discovery. It helps us scan existing governed data sources and make them discoverable through various methods like keyword search, research tools, and browsing by data source. Notably, Purview provides valuable metadata, even though we don't currently leverage its compliance features.

No maintenance is required on our end.

Before considering Microsoft Purview, identify your specific data governance needs. Purview is a comprehensive solution, so pinpoint the features you require (data discovery, classification, sharing, etc.) and how they address your challenges. If you only need a few functionalities and paying extra for unused features isn't ideal, a simpler solution might suffice. However, if you plan to leverage Purview's full potential and the cost aligns with your budget, then I would recommend Purview.

I am a system integrator for Microsoft Purview. I have assessed some customers who already have Microsoft Purview because of their E5 license. However, they are not aware of Purview's capabilities. Purview is a relatively new product that provides an end-to-end data security lifecycle solution. It allows us to review our data with a data governance solution, classify it, protect it, and prevent data breaches. I have worked on almost all aspects of Purview.

We have assessed some customers and provided them with use cases such as using Purview to protect confidential data recovery. This allows them to manage their own workflow for vendors on a contractual basis. We have multiple use cases for Purview.

Purview's natively integrated compliance across Azure Dynamics and Office 365 is important. Microsoft has the advantage of being able to connect other solutions in its suite more easily, and this makes Purview a very good choice. With the exception of OCR in Teams, Purview works very smoothly. If we want to protect something in an email, Purview will prompt us immediately if we have configured it to do so. This is very convenient, and Purview does not use more system resources than expected. Another advantage of using Purview is that it is Microsoft's own product, so Microsoft can customize it to its own needs and ensure that it does not impact system performance.

It is important that Purview was built taking into account critical regulations from around the world. Purview is important because businesses are increasingly operating globally, and data is moving between different regions and countries. Purview is up to date with respect to different regional, national, and state privacy laws. I have found Purview to be a great solution, but it is not yet operating as well as it could. Microsoft is working hard to address this issue, and they are publishing new privacy acts to Purview on a regular basis.

How we use Purview data loss protection to educate users on how to handle sensitive data is we deploy Purview in the organization, categorize the data by region or department, perform data flow analysis to understand how the data is used and shared, classify the data as low, medium, or high risk based on the daily digital annual loss, We protect the data using Microsoft DLP, We publish videos on SharePoint to educate users about data classification and labeling, and we enable users to self-educate by providing them with access to documentation and training resources.

Purview is valuable because it is the only end-to-end data lifecycle management solution that provides data governance, classification, and protection.

Purview helps to reduce the number of solutions we need to interact with.

The reduction of the number of solutions we now need to interact with has simplified our data governance. 

I am satisfied with the visibility that Purview provides. Even without configuring anything, we can see many insights, but we do not get the exact details unless we configure Purview accordingly.

It provides a real-time compliance score for all our devices connected with Identity Access Management and Defender.

Purview helps us save time by publishing the policies quickly and collecting information in real time.

Purview helps us stay compliant. I have not encountered another solution that provides end-to-end licensing.

One of the valuable features of Microsoft Purview Information Protection, formerly known as Azure Information Protection or Microsoft Information Protection is data classification and data governance. MIP provides a unified labeling client that allows users to apply sensitivity labels to documents and emails in Microsoft Office files without the need for extra plugins or agents. MIP also provides strong information rights management settings, such as the ability to specify who has access to content and at what time.

Microsoft Purview's ability to deliver data protection across multi-cloud and multi-platform environments is important, but there are some limitations. For example, if we have our own cloud solution, Purview cannot currently protect it. However, we can integrate Purview with other OEMs, such as Forcepoint, McAfee, or Symantec, to provide DLP functionality for our CASB. Additionally, Purview cannot protect cloud platforms that are part of a shared domain, such as our own website, unless they are part of the public domain. Purview needs to add DLP support.

One of the things I would like to recommend is that Purview doesn't have the option to push policies or updates in real-time. Instead, it is based on the last five-bit communication. We cannot make any changes to this. It is based on the device when it is communicating with the server. If I want to do this forcefully from the server, if I want to send a wake-up call to all or selected agents throughout the organization, Purview does not have this capability in the GUI.

The reporting functionality needs to be improved. I have found that the solution is not satisfactory for reporting. We have to use Power BI to generate the overall profit, but this requires a lot of configuration. In another solution, we can easily achieve the same reporting functionality.

Purview does not have OCR functionality or network web. Therefore, OCR functionality is not included. OCR is available for Teams, but it does not work as expected. For example, it does not work well for systems that deliver to the recipient database, which could cause problems if it does not match our rules.

Purview has limitations connecting to Android devices and SaaS devices.

While Purview's data connector platform can ingest information from non-Microsoft data sources, it is slow to do so and the information may become outdated.

I would rate Purview's data loss prevention for remediating violations a six out of ten. The reason is that Purview does not have an option for endpoint discarding. In contrast, Forcepoint and Trellix are more mature DLP solutions that offer endpoint discarding. This allows us to scan endpoints for sensitive data, take a replica of that data, and store it in a safe location. We can also encrypt the data on the endpoint. Microsoft Purview DLP does not offer this functionality. It is only available for Teams and email.

I have been using Microsoft Purview for one and a half years.

Some features of Purview are stable, while others are not. MIP is very stable. DLP is constantly being updated, so some of its options may be unstable. The only stable portion of DLP is the database checking management.

Purview is in the cloud, so it is scalable. However, Microsoft sometimes makes it confusing by adding add-on features that we are forced to add and which will cost us to move. For example, there are options for endpoints four and six, but to use these, we have to add block storage, which will cost more. We should only have the option to configure everything in one console. This is because humans sometimes need to go to the Azure team and ask for access if they do not have Azure. Alternatively, the Azure admin team has to do this on their behalf. This is something that Microsoft can think about.

The customer support is the worst. When we were raising the case, the support was literally asking us how to resolve the issue. So I was really confused about what kind of support this was. We were seeking support, and apparently so were they. One of the customer support people had just provided us with dates but was not working on resolving the issue. I don't know why.

Negative

I have also used McAfee, Symantec, and Forcepoint for our data security. These solutions all offer endpoint discarding, which Purview does not. This gives us the option to replicate and save a copy in another place. Endpoint discarding is granular, and we can save reports in real time and connect to endpoints in real-time. We can also bypass the endpoint, which we cannot do with Purview. McAfee does not have to be built in, while Symantec does. 

The pros of Purview are utilization and performance. It is a lightweight solution that does not impact system utilization. This is important. Microsoft is a one-stop shop for data classification and DLP, so we may not need to worry about integrating with different vendors. We have MIP, and then DLP if we have exposure from DLP. Of course, it is possible to integrate with the help of APIs, but there is a risk that Microsoft may decide not to integrate with Forcepoint or Symantec in the future. This is something customers should think about. In that case, for customers with an E5 license, Purview would be the best choice because they can utilize all the Microsoft products and save costs. This strategy will also improve their security posture.

The initial setup is straightforward. Just plug in our internet credentials. That's it! No need to worry about the server, its utilization, configuration, or architecture. It's very easy to use, and we don't have to worry about disaster recovery or data centers. In a way, it's really helpful and cost-effective. Microsoft is taking care of everything on a pay-as-you-go basis.

The number of people required for deployment depends on the number of end users and departments. For example, an organization with 15,000 end users, 40 departments, and some generic requirements can deploy the solution using one L3, one L2, and two L1 people.

The fact that our organization continues to use Purview indicates that it provides some sort of return on investment.

We pay $15,000 per end user for the E5 license.

I would rate Microsoft Purview seven out of ten.

According to Gartner, Microsoft DLP is one of the top ten DLP solutions, but the top three are Trellix, Symantec, and Forcepoint. I prefer Forcepoint.

The maintenance is easy to complete.

I highly recommend that an organization use an E5 license if they are going with Microsoft because this will give them everything they need, including technical management, governance, and data management.

The use cases for the solution include data governance, metadata management, creating business grocery, doing data lineage out of the data within the entire data stack and technology stack, and, at the same time, creating data stewardship using the policy procedures. We're implementing the policy procedures, and using workflows for automating the task. 

The organization really doesn't have any security solution, however, they want to start their journey. It's an easier way to get started if they are already on the Microsoft side. It allows them to start with basic, common capabilities.

The inheritance feature is very good.

It is user-friendly. It’s cloud native and uses the Azure Stack which makes the deployment easy.

The documentation is very exhaustive. Anyone can go ahead and try different use cases.

Purview delivers data protection across multi-cloud and multi-platform environments, including AWS and GCP. Many organizations have a Windows operating system along with other Microsoft protection capabilities. The integration with risk and compliance is good. Microsoft has been across various areas of product expertise and covered everything under its umbrella.

It is important that Purview can connect to iOS, Mac, and Android devices, and data in other SaaS apps. It makes it easier to integrate everything. You don’t have to be specific to Microsoft products. It makes it more flexible.

It is important to us that Purview has taken into account critical regulations from around the world. They have captured most of the popular ones that are there. Many of the solutions still don't have this entire capability. When it comes to regulation and compliance, they have tried to get the most out of it and it’s included as part of PowerEdge.

We use the solution for data loss protection. For remediation. on a scale of one to five, it comes to around four. The security protection component was anyway there. They are just building on top of that and building above that.

Purview data loss protection is good at educating users on how best to handle sensitive data. There are learning and training modules available, which are helpful. It is still not there among the leaders as there are some organizations that are purely security solutions. Still, they have an edge over human identity governance. While they are not the leaders yet, they are trying to be there by trying to continuously improve and trying to provide the best of their capabilities.

Purview has helped us to reduce the number of solutions we need to interact with to some extent. Basically, it tries to solve some of the common problems raised with respect to governance.

The solution has helped improve visibility. It’s taking us to maturity level three by having the visibility aspects in place.

We haven’t used AI too much. The classification components are primarily being used. Other than that, it does have some features when it comes to text mining and identifying the EMEA site. To some extent, they have those AI capabilities and we'll try to leverage that more. We’ve been able to remove some manual activities. It was able to solve some of the problems based on the parameters and thresholds that had been defined.

It's helped provide us with a more precise, clear understanding of our data. 

Purview enables us to handle our compliance in real time. 

It does have regulation-specific templates that could be directly used to start with the journey of doing assessments identifying the maturity and then closing the gap as part of the gap assessment.

Purview helped to reduce the time to action on insider threats to some extent. We weren’t dependent on it much yet. We’ve used other vendors and technologies for that.

We went for an enterprise module. It helps us to start the journey. With it, we can start leveraging modules as part of the overall architectural stack. It does help with that. I’m not sure how much money has been saved just yet. However, there has been a fair bit of savings of both time and money.

To some extent, it has really helped us stay on top of compliance. Before, we had to do it manually. Having templates helps. It helps management understand whether we are compliant or not and can help work to close the gaps.

Non-Microsoft use cases are not very high. It's limited for now. They are continuously trying to evolve and trying to provide the latest right now. It is mature only on the more popular open source kind of applications or source tools. That is a limitation that it brings in. That said, if you already have a complete Microsoft stack then it will work really well.

They still need more coverage on Microsoft Dynamics 365. It's an area they are still working on. 

The lineage data capabilities could be improved. They need data quality as a solution. They need to have that as part of their suite. 

If I want to drive governance and adoption, when it comes to dashboarding and understanding maturity, it still needs work. There are other better, more competitive tools. 

I've been using the solution for the last five years. 

The solution has been stable. 

The solution is scalable. 

We do have personnel in-house that take care of any technical issues for the most part. Technical support is good when we do need help. There is documentation, FAQs, and chats, et cetera. When we reach out, we get support within 24 to 48 hours. Sometimes to get to the answers takes some time. 

Neutral

I've used other solutions such as Informatica, Collibra, and One Trust, among others. 

We had multiple use cases. Some organizations already had a strategic alignment with Microsoft Azure, and it made sense to go with Purview. Others felt it was a good option since it provides both governance and security. Many wanted to keep Microsoft as a strategic partner as well.

Purview is great in that it supports your stack, is cloud-native, and works directly with the Microsoft suite. Since it supports most options in an organization, it becomes easier to integrate so that we can gain that visibility.

The deployment requires an Azure enterprise account and is taken care of by one person and an Azure administrator. It's very easy. You just need to follow the steps and work with the Azure administrator.

Once it's set up, you get your users set up and define your rules. You need to deploy policies, et cetera, and go through a series of steps to ensure everything is ready and users are onboarded correctly. There are multiple strategies you can take on later - for example, decentralized and piecemeal approaches. 

We have different scenarios including production and development environments. We have different strategies to keep different environments in sync and do quarterly checkups where we identify certain areas and departments to add. 

Maintenance is only needed for larger organizations that are more mature. There is no separate maintenance; it's all under the same license. 

The ROI has been very high and can be measured in many ways. We measure ROI based on the organizational maturity and data-related use cases. 

The cost is completely based on the number of users and the subscriptions that it provides. Also, the technology stack and how much data you have or how many connectors you are using, et cetera. There are a lot of different types of factors to consider when calculating cost. Since we went for more of a pay-as-you-go model, it is based on consumption.

More complex organizations use more data and therefore the pricing will be different from smaller, less complex organizations. 

I have been a partner and implementor, however, right now, I am more of an end-user.

We are working with the SaaS version of the solution. 

I'd advise others to take time and understand both this and competitor solutions. Consider the use case you are solving for. 

I would rate the solution seven out of ten. 

We use the solution to defend endpoint workloads and prevent data loss. We also use it for governance.

One of the biggest benefits of the solution is visibility. Previously, we had a myriad of different solutions for compliance and to look at different workloads. Microsoft Purview brings all those things together in a very similar look and feel.

It also enables access management. We can provide an elevated privilege for a limited time. If the user needs privileged access, they can request it on an ad-hoc basis. We have workflows to provide access depending on different approval models. We can do all such things without elevating the risk posture.

The time to onboard is pretty short. It comes with a whole bunch of recommendations for somebody who has a small crew like me. It gives the ability to onboard the product and have a really good baseline to begin with. All I have to do is three or four clicks, and it's off and running. It is one of the greatest removers of barriers to entry. We have to be generalists, being a small shop. It's important for us to begin from a great place. Some other highlights compared to the competition are

• Unified Data Governance & Compliance
• Comprehensive Data Discovery & Cataloging
• Deep Azure Ecosystem Integration
• Data Loss Prevention (DLP) and Insider Risk Management
• Role-Based Insights and Access Control

The tool's Windows PC offerings are far better compared to the granularity on the Mac side. The product must provide better integrations with OS X and iOS. There must be feature parity. The product must also provide better integrations with other ecosystems. I'd love to see Microsoft integrating with Google Workspace, at least in the EDU K-12 space. Most people in the EDU space use Google Workspace and Microsoft. Extending the capabilities of Purview would be phenomenal. to summarize, 

• Limited functionality on macOS (e.g., sensitivity labels not fully supported in all Office apps)
• Inconsistent feature parity across platforms (Windows vs. macOS vs. web)
• UI complexity and steep learning curve for new users

.

I have been using the solution for five years.

The tool is stable.

The tool is scalable.

The support must be improved. Unfortunately, a lot of times, it's a hit or miss. With the breadth of their customer base, much of it must be diverted to third-party consultants. I almost dread it when I see an email from a third-party vendor. When you're an insider, you have much better access to resources than a consultant.

Positive

We were using Barracuda DLP for email filtering and file sharing. We switched to Microsoft Purview to bring it all under one umbrella.

The initial setup was straightforward.

I have a few friends in the industry who've done this. We did a proof of concept, began small, looked at the pros and cons, and expanded it.

The product saves us time and effort. We can easily access Microsoft Exchange or Microsoft 365 and see the violations. It has easier and fewer workflows. Otherwise, we would have had to go into individual users' file systems and look for violations.

The solution is extremely affordable for the K-12 space.

We evaluated solutions for individual silos, but we did not evaluate a cohesive unit like Microsoft Purview. Microsoft is extremely affordable for the K-12 space. It was a no-brainer to onboard Purview to peer across different workloads.

Barracuda Email Security was pretty good. The problem was that it was a single solution. It doesn't extend across our data estate. Purview has a vast and rich ecosystem.

It is extremely important that Purview delivers data protection across multi-cloud environments. They currently do GCP and AWS, but not necessarily Google Workspace. I'm hoping that it'll be their next natural extension.

It is very important to us that Purview was built taking into account critical regulations from around the world. Since we work in the K-12 space, we deal with minors. It is important to protect their identity and privacy and have their well-being and the nationwide and statewide regulations at the forefront. It's very important for us to be compliant, not just from a compliance perspective, but also to protect the needs of children.

Insider risk is a big challenge. Many people want to share and communicate. There's a balance between communicating and oversharing confidential information. It's reasonable to expect a teacher to know all those nuances. A policy that can oversee and provide guardrails to users is very important. A feedback mechanism for the end user to act on would be very helpful.

We can see across different systems without too much effort. It is very important to us. Purview enables us to show our compliance in real-time. The security score helps me compare myself to other organizations. Being able to identify a gap and fill it is super helpful. As a small organization, our audits are more financial in nature.

More than time and money, the tool has increased accountability within the organization. We can have proactive conversations about data security. The product provides me with a 300% return on investment.

It is critical for us that Purview connects to iOS, Mac, and Android devices. Large organizations can have separate IT sections for different departments. As a smaller organization, our ability to support different needs across different SaaS applications and platforms through Purview is important.

The ability to peer more into heterogeneous environments is an area of growth for the solution. It is a must-have.

Overall, I rate the product a seven out of ten.

We use Microsoft Purview for DLP capabilities and email encryption.

Ensuring data protection across multi-cloud and multi-platform environments through Purview is crucial for us. Currently operating on Azure and AWS, we plan to migrate a portion of our on-premises workloads to the cloud. To achieve this, we will leverage Purview for data loss prevention on our virtual machines and utilize Azure Arc for centralized management of all our platforms.

Purview's ability to connect to a wide range of devices, including iOS, Android, and others, enhances our visibility into BYOD devices deployed across our environments.

As a public organization, we are bound by policies and regulations. To ensure compliance across Azure Dynamics 365 and Office 365, both locally and internationally, we leverage the native compliance capabilities of Purview, which integrates seamlessly with both platforms.

The DLP for remediating policy violations works well. We can easily view the details and conduct investigations from a single dashboard.

We recently started using Purview for DLP on Mac OS devices.

Implementing Purview as our primary data loss prevention solution has yielded significant benefits. Our Microsoft E5 license provides enhanced protection across the organization, offering immense value through its comprehensive features. Consequently, we have been able to streamline our security posture by consolidating third-party solutions and focusing on Purview and other robust Microsoft applications.

Microsoft Purview has streamlined our workflow by consolidating diverse systems into a single, user-friendly dashboard. This one-stop shop simplifies access and management across our organization.

Microsoft Purview enables us to show our compliance in real-time. We are satisfied with the speed at which Purview provides alerts and details to us.

Microsoft Purview has significantly shortened the response time to insider threats by almost 70 percent. It can rapidly block unauthorized user access, leading to a reduction in required manpower.

Microsoft Purview has helped to save money by preventing the loss of data in our environment as well as around 60 percent of our admin user's time.

Purview helps us stay on top of compliance. We no longer have to review incidents manually, improving compliance by 80 percent.

The custom classifications are one of the most valuable features. For instance, if we want to block the transfer of card details, there are many pre-built samples for different countries that we can easily use in Purview, eliminating the need to create our classifications which makes the work easier.

Purview needs to improve its DLP capabilities for removable devices such as external drives and USB devices.

The custom data classification for the African region needs to be improved.

I have been using Microsoft Purview for five years.

Microsoft Purview has been stable, with no incidents involving the Data Loss Prevention functionality. However, there have been a few instances where the admin portal has been unavailable.

Microsoft Purview is extremely scalable.

The support response time can be improved.

Positive

We are currently using Forcepoint and Microsoft Purview, but with our E5 license, we're considering consolidating our security products under one umbrella and one dashboard, potentially phasing out Forcepoint.

The initial deployment took a few hours. Five to six people were involved in the deployment.

I would rate the cost of Microsoft Purview a six out of ten with ten being the most expensive.

I would rate Microsoft Purview an eight out of ten.

We have a complex group-wide tenant that requires us to have different administrative units for each country. We have around 50,000 users worldwide.

Purview does not require any maintenance beyond regular checks in the admin portal to ensure everything is functioning correctly.