Microsoft Purview Data Governance Reviews

We have implemented Microsoft Purview as a comprehensive DLP solution for our clients across Europe, Africa, and the Middle East to protect their data and help them classify, identify, and investigate who and how the data is being accessed.

Microsoft is aiming to build favorable relationships with other cloud solution providers. On our end, if we have both AWS solutions and Microsoft's cloud solution, implementing the Microsoft Purview dashboard can be a good way to collect and classify our data across both platforms. This could be a strong selling point for Microsoft to explore partnerships with AWS and other public cloud players, allowing them to combine and leverage their global development, sales, and services.

Implementing Purview's integrated compliance across Azure Dynamics 365 and Office 365 is relatively straightforward thanks to available connectors and Microsoft's improved user interface.

Microsoft Purview includes a compliance manager, which simplifies meeting various standards and regulations through integration with companies like ISO, ISCE, and other risk solutions. This feature is an add-on for E5 and E3 licenses. It allows us to create assessments that generate reports with specific recommendations for implementing and configuring ISO 27001 or other standards within our Microsoft 365 environment. This makes compliance significantly easier and, according to Microsoft, can reduce the cost of implementing such measures by approximately 40 percent compared to using other solutions for ISO compliance or other critical regulations.

Given my role as a cybersecurity consultant, I previously created a DLP policy based on the client's needs. Since then, I haven't had further contact with the client. However, I'm now working on a new project for them next year. This project involves developing and implementing a DLP solution with a focus on information protection. My responsibilities include monitoring all user activity and reporting on it in a few months. Based on my observations, there's a significant amount of activity requiring governance. This includes areas like DLP policy enforcement, USB blocking, printer control, copy prevention, file transfer via secure FTP, and external user access restrictions. Purview's data loss protection is helpful for remediating policy violations.

I'm developing a short training guide, about four pages or more, on enabling information protection labeling and related topics. Some clients have suggested automation, but I believe the best approach is to guide users through manual labeling. For instance, we could have a "Sensitive" label for data like personal information, ID numbers, passports, names, passwords, and so on. Information protection can be implemented either by defining detection rules beforehand or by using the system's automated detection capabilities. If sensitive information is detected, the system can then recommend applying the "Non-Confidential" label or whichever equivalent label we prefer.

Microsoft has developed and launched Microsoft Defender for Endpoint for Mac. This agent for macOS is the same agent used for data loss prevention in Endpoint. However, if we don't require DLP for Endpoint, we can simply synchronize our Macs with Microsoft Intune. Intune, a combination of Microsoft Entra ID and an MDM solution, is not just for mobile devices; it's a device management platform for all company devices, including PCs, Macs, mobile devices, and servers. It allows us to synchronize settings and policies across all our devices, manage software deployments, and utilize various other features. Therefore, we have two options: either synchronize our Macs with Intune or install the Microsoft Defender for Endpoint agent to implement DLP for Endpoint. DLP for Endpoint is mandatory if we need to detect and control USB devices, printers, and other data transfer peripherals.

Microsoft Purview's primary benefit lies in safeguarding sensitive and confidential data, thereby mitigating the risk of internal data exfiltration.

Purview does help our customers reduce the number of solutions they interact with. From a cybersecurity engineer and information security expert perspective, consolidating and streamlining technology can be beneficial for IT departments, especially before implementation. Currently, Security Service Edge emerges as a promising solution due to its integration with zero-trust principles and protocols. For example, instead of deploying multiple endpoint detection and response solutions, a single, antivirus-free EDR like CrowdStrike can suffice. Similarly, Microsoft's Defender for Cloud Apps, combined with XDR and other security features, offers a comprehensive solution for Security Operations Centers. My goal is to create a unified MDR solution for clients, allowing for centralized data collection and log analysis. This unified platform, ideally with one or two dashboards, would enable efficient investigation and response, minimizing investigation time and cost. Combining various tools into one interface eliminates the need to jump between dashboards, improving analyst efficiency. Why rely on multiple vendors like CrowdStrike, Proofpoint, Minetest, and MISSP when a single solution can offer comprehensive visibility and data security? Microsoft's Image Security 365, coupled with best practices and anti-phishing strategies, can significantly enhance security. Furthermore, I recommend implementing a DMZ with two firewalls, one internal and one external. This layered security approach, while requiring two vendors, provides redundancy and prevents attackers from exploiting a single firewall and gaining access to the network. However, it's important to remember that cybersecurity solutions are not one-size-fits-all. Each client and scenario requires tailored strategies based on their unique needs and context. Consistency across the industry is crucial, but it's important to acknowledge the lack of standardized approaches in the current landscape.

The Microsoft Purview dashboard is primarily a data security solution, allowing us to implement various layers to safeguard our information. While it can be used for some Endpoint Detection and Response functionalities, its full potential in this area might not be realized without proper configuration and understanding of the underlying processes.

While Purview offers real-time compliance monitoring, it's an add-on feature functioning as a compliance manager. However, due to a lack of clear communication, not all companies fully understand its capabilities. Additionally, it's important to note that while compliance and standards often relate heavily to financial and banking sectors, the scope of regulations has broadened significantly in recent years, extending beyond these specific industries.

Purview helps us stay on top of compliance because Microsoft has tried to build Purview based on the ISC framework.

No single feature stands out as the best because the most effective approach involves combining multiple features. For example, when using information protection, labeling, and classification, a multi-step process is necessary. First, we must classify our data, which requires a thorough understanding of our environment and the nature of the data itself. Once classified, we can apply labels and establish rules governing data sharing through information protection measures. The final step involves implementing and configuring a Data Loss Prevention solution. It's crucial to remember that the goal isn't to find ideal individual features; rather, it's to leverage the synergy of multiple technologies to create a comprehensive and powerful data protection strategy.

I've been working closely with Microsoft support on issues with the Microsoft Purview Information Protection scanner's on-premises services. While it's a solid tool, there's still room for improvement in my opinion. I've submitted numerous recommendations, from solutions to address specific problems to the implementation of new features like bulk scanning across multiple servers, not just individual paths. I've also encountered a high number of false positives in the classifier and made suggestions for resolving them. Microsoft support is currently reviewing my input, and we're collaborating to refine the scanner and minimize false positives. It's important to remember that this is a new technology, and like any newborn business venture, it's prone to growing pains. Errors and mistakes are inevitable along the way, but they're also valuable learning opportunities.

Frequent daily updates from Microsoft can cause interface elements like buttons to appear and disappear, making navigation unpredictable. Additionally, Microsoft also generates new licenses that require investigation to identify each new license.

I have been using Microsoft Purview for one and a half years.

Microsoft Purview is scalable.

Sometimes we have a communication gap or delay but most of the time the technical support is good.

One person can deploy Microsoft Purview.

We implement Purview for our clients.

We are a Microsoft Gold Partner and are currently satisfied with our existing solutions. Therefore, we do not prioritize evaluating other vendors at this time.

I would rate Microsoft Purview a seven out of ten. Purview is a good solution but it takes time to master.

We use Microsoft Purview to protect and govern our information.

It is important for Microsoft Purview to provide data protection across multi-cloud and multi-platform environments, including AWS and GCP. I have been a consultant for a year and a half, advising mostly European enterprise customers. All customers, from mid-sized to larger, have diverse storage solutions. Therefore, it is important for Microsoft Purview to be flexible enough to be applied to various environments, such as multi-cloud. Although the product is not yet there, it is important to many business customers.

The enterprise IT landscape is diverse, with various devices, SaaS applications, and multi-cloud solutions. Protecting and governing information is a need that spans all of these touchpoints and Microsoft Purview helps us do that.

Purview's native integration with Azure Dynamics 365 and Office 365 is essential because many organizations use these Microsoft products. This native integration is unmatched by other solutions.

Purview DataOps Protection does a great job of remediating policy violations. It has a comprehensive reporting and fine-tuning integration that allows us to track policy violations effectively. Overall, I think it does a great job of protecting data.

Purview recently improved in the area of DLP. These tips are now available across different platforms, such as Office and Outlook, and they are getting better. This is helpful in educating users about policies. 

Microsoft Purview helped us control the growth of data, reduce dark data, and better protect against the filtration of data.

Purview increased our visibility into our other Microsoft solutions.

We use AI and automation sparingly. This is not part of Purview directly, but an AI tool that helps us determine if data is redundant or has business value before we move it to Azure or Microsoft 365. We use the AI tool in a very limited way, such as trainable classifiers. We also have the option to use another product called Syntex in collaboration with Purview, but this has not been explored much.

Technically Purview can enable us to show our compliance in real-time.

Purview reduced the time it takes us to act on insider threats by almost 90 percent. Previously, many violations were not reported or took months to be reported. Now, we can act on violations almost instantly, or within days.

Microsoft Purview partially helps organizations stay on top of compliance. The platform provides a number of technical features that can be used to manage compliance, but it is up to organizations to implement these features and take the necessary steps to ensure compliance.

Microsoft Information Protection uses sensitivity labels to classify and protect sensitive information. MIP works together with Data Loss Prevention to prevent sensitive information from being leaked outside of the organization. MIP also helps to mitigate insider risk by preventing unauthorized users from accessing sensitive information.

Purview's data connectivity platform has a good set of connectors for ingesting data from non-Microsoft data sources. However, it still falls short in terms of coverage of other systems. It is mostly integrated with the Microsoft stack, but there are connectors to other systems and sources of information. Overall, Purview is not a one-stop shop for protecting company information.

I am not sure that Purview was built with compliance guidelines in mind. It does have a component called Compliance Manager, which allows us to track our adherence to different standards, such as security and privacy standards around the globe. However, this is more of an add-on. I think there is still a significant gap between the technical capabilities of Purview and the ability to drive compliance or prove compliance through its use. I think this is a major gap that Microsoft does not adequately address. Purview is not a GRC tool. It is a set of security features, labeling features, and lifecycle features that do not come close to GRC tooling in terms of functionality. Additionally, there is no strong integration with the compliance framework, either in terms of rolling it out or proving our adherence to it.

I would like to see improvements to the compliance manager, such as making it easier to start small and grow over time. This is not possible at this time.

The current event-based retention management is very poor. This is an area that needs improvement. We need to be able to more natively or near natively label content for retention and sensitivity across other lines of business systems like Workday and ServiceNow. This would allow us to extend labeling to those applications and make it native. This would be of great benefit to our clients.

Purview's DLP protection has some downsides. One downside is that the tips only appear in native applications. This means that users will not see them in other applications, such as web browsers. Another downside is that the tips only cover a subset of all the information. This means that users may still need to seek out additional information elsewhere.

The technical support has room for improvement.

I have been using Microsoft Purview for a year and a half.

Microsoft Purview is extremely stable.

Microsoft Purview is highly scalable.

The first level of support is not very knowledgeable and it is hard to get proper support because of the procedures in place.

Neutral

The initial deployment was complex, but not because of technical difficulties. The main challenge was engaging end users and getting them to adopt the new system. This was because the system required them to think about information in a new way. The deployment took around 12 months and required five to ten people working two days a week.

The implementation was completed in-house.

The return on investment is very good for what Purview offers, but it does lack some of the features that other solutions have. For example, if we're replacing something that already exists, we could do something cheaper or quicker. However, the value of this solution is in its ability to mitigate risk. If we don't have any type of classification and security in place, we're always opening ourselves up to risks. The cost of this solution is high, but the cost of not having it could be much higher. The return on investment is around 200 percent.

Some people find the tier licensing system complicated, but it offers a lot of value for money if we use the features. In fact, many clients who use the E5 licenses find that they can get a better return on investment on those licenses. Once they do, they find that the tier licensing system is very fairly priced.

I give Microsoft Purview an eight out of ten.

Time to value is quite long, especially when it impacts end users and requires new skills and knowledge. This is especially true in IT departments and on the business side. However, once the value is realized, the return on investment can be very good.

This type of solution is deployed across the entire Microsoft 365 tenant. It also has an Azure side, which is two things across that tenant as well. There is no area where it is used more or less. However, there is more interest in the areas of security and privacy. Therefore, legal, HR and IT are the most likely places to deploy this solution. Finance and merger and acquisition are also areas where people have more interest in deploying Purview. However, it is normally deployed across the entire organization.

We have around 30 clients consisting of anywhere between 20,000 and 50,000 users.

The maintenance is overseen by a full-time compliance technical person and a compliance business person.

I would advise assessing the maturity of the people and processes before using these types of tools. The technical side of things is not too complicated but we need to have the people and processes in place to classify all of our information and to ensure that our policies are being triggered. This can be a challenge for many organizations, as most have dark data, especially on structured clients. Ultimately, it is the people and the processes that make the success of these tools, not the technology itself.

We use the platform to comply with regulations, and our specific use cases are information protection, information governance, data loss prevention, and insider risk mitigation.

The information protection and data loss prevention functions help our end users be fully aware of the sensitivity of certain information. From a management and CISO perspective, they have insight into where sensitive data is stored and whether we are required by law to delete it after a certain period. That's an invaluable overview of the situation, so our users are more aware, and Purview took our information governance to the next level. It also supports our certifications because it helps us comply with regulations, including ISO/IEC 27001, which are essential to our functioning.

The solution increased visibility into our estate; we had a problem with GDPR-related personal information stored in our environment, which we didn't have any insight into. When we used some of Purview's data governance, data lifecycle management, and content search features, we could rapidly go after that information and resolve compliance issues. The tool also provides management with much better oversight of our stored data.  

Purview enables us to show our compliance in real-time and supports it via the compliance manager and compliance score. The assessment templates within the latter allow us to provide an overview of what we have done within the Microsoft 365 and Dynamics environments to our auditors, which is very handy. We're an ISO-certified company, amongst others. In meetings with compliance regulators, we can show that we're using information protection, DLP, data governance, and data lifecycle management functions to comply with regulations fully. The solution dramatically speeds up the process of talking with external auditors. 

Purview saves us time and money. We're an information-intensive organization; seeing where our sensitive information is stored is a significant time-saver. In addition, showing we're safeguarding that data also saves us a great deal of time. From an efficiency standpoint, AI and auto-classification of information is another big time-saver, as the staff members working for our clients don't want to spend time considering how long data needs to be stored, whether it should be archived, how sensitive it is and so on. I can't quantify exactly how much, but all of the above reasons save us a significant amount of time and money.

The data classification part of the solution is excellent, especially as it gives us an insight into our sensitive data within Microsoft 365. 

Data loss prevention is an extremely useful feature. 

The built-in information protection function is another that stands out. 

Purview delivering data protection across multi-cloud and multi-platform environments, including AWS and GCP, is becoming increasingly important. It's a relatively new functionality, and I see the importance of it growing even more over the coming years. This kind of functionality is highly appreciated for organizations operating a multi-cloud environment. 

It's very important to us that Purview can connect to iOS, Mac, and Android devices and data in other SaaS apps. From information protection and data loss prevention perspectives, information is accessed using many different devices, and extending that protection to iOS and Android is a must-have for any platform.   

The product's natively integrated compliance across Azure, Dynamics 365, and Office 365 is essential. The ability to classify information across workloads, and have a holistic view over our entire data estate where sensitive information is stored and handled, is excellent, especially from a CISO perspective. This is a capability we didn't previously have. Having that overview of where data is stored, plus the multi-platform/multi-cloud approach is the future for data classification and information protection. Wherever our data is stored, we have an overview of which is sensitive and which isn't. 

I greatly appreciate that Purview was built considering critical regulations worldwide, especially the international standards within the compliance manager. There are ISO and NIST standards, ideal for larger countries such as the USA and extensive international organizations.  

We use Purview for data loss prevention (DLP), and we're confident that we can detect and remediate policy violations. Microsoft improved its solution with recent additions, including advanced conditions, and the product is coming of age. The DLP is reaching a maturity level where we can confidently compare it with competitors like Symantec. It goes beyond DLP on emails, documents, on-premise, and endpoints; governmental organizations especially need to detect if sensitive information is being handled on devices. In this respect, Purview offers comprehensive protection.  

Used correctly, Purview is essential in staying on top of compliance. One of the best features in this regard is the solution's compliance manager, which helps us effectively comply with all the regulations. Many organizations should start using the platform because it will keep them on top of their compliance stances, and Microsoft periodically updates the assessments. We must be aware of updates and changes, as we can miss them if we do not pay attention. We can't just run the solution, walk away, and think we're compliant; it requires some monitoring of the developments from a roadmap perspective.   

Microsoft is doing an excellent job improving the platform, and they have a lot coming out shortly. However, the licensing around compliance could be much more transparent; it isn't clear for many organizations what kind of license they need to use, whether that's E5, E5 compliance, an information protection license, user-based, or platform-based. More information here would be a welcome improvement.

Blueprints and landing zones like we have in Azure would be great to see in Purview. The solution could offer a baseline or blueprint of recommended settings for compliance regulations such as GDPR and ISO, which could be applied with a simple switch in the options. 

Some dashboard centralization, like one overview dashboard instead of many loosely connected ones, could be a good improvement.

We must build our own assessments to comply with Dutch regulations, a mix of international and EU standards, as they aren't native to the solution. Many of our clients in the Netherlands require adherence to Dutch regulations, and as well as Purview covers the international aspect, the Dutch side is covered less than we would like.

There's room for improvement regarding Purview's data loss prevention for educating users on how best to handle sensitive data. Microsoft is working on improving the policy tips. Still, from a user's perspective, I want to see more information in the case of a policy violation, such as context or details on why a specific rule is triggered. There are ways to tweak the DLP options, but a significant improvement would be real-time notifications when working on an email or message within Teams, for example. DLP is only triggered when sending or saving, so real-time notifications would be great. The basic functionality is there, but there's room for improvement. 

We've been using Purview for around a year since Microsoft changed the name, but we've used the functionality within Purview for five to ten years.

We haven't had much experience with customer support as we didn't encounter many problems. However, the response is usually rapid, and the expertise depends on the technical knowledge of the agent we speak to.

Neutral

We didn't use different solutions, but some of our clients did and still do, mostly DLP and data classification platforms. The trend is that more have been moving to Purview because many are already paying for it within their licenses and not using it. We're an IT company focusing on Microsoft technology, so we went straight for Purview.

My colleague carried out the initial setup, and I'm primarily involved in deploying the solution's functions to our clients. Setup requires some planning, a discussion with the stakeholders, and a good sense of the data, but it's mostly very straightforward from an admin's perspective.

Our use case is mainly to do with GDPR-related data, and being able to get an overview of that information and act on it led to a speedy return on investment for us. Other organizations in the Netherlands bound by specific government regulations will also see a quick return on their investment when they discover they can classify their information and comply with regulations.

Aside from the complexity of the pricing model, the price itself is realistic. Features like AI components and automatic classification require additional licenses. Still, anyone can start using Purview with a basic E3 license if they're using Microsoft 365 and grow with additional licenses as needed. Overall, we're satisfied with the price.

With the way information is being used and the growth of data, the need for additional licenses for auto-classification etc., will become more and more apparent. I wouldn't be surprised if Microsoft incorporated those into the basic license in the future.

I rate the solution eight out of ten. 

Regarding Purview's data connector platform for supporting ingestion from non-Microsoft data sources, I have yet to work with it much. In highly regulated environments such as government organizations, it's very relevant, but I have yet to see it used much. The main reason is that the data connector platform is a relatively unknown component within the solution. It has its merits, but the use cases are limited.

If this were a year ago, I would have said the solution is getting there but hasn't reached maturity. However, Purview is now a very comprehensive solution; with all the enhancements, it's one of the best products available.

As Purview reached a maturity level where it could compete with third-party DLP solutions, some of our clients were able to move away from specific endpoint DLP products like Symantec DLP. Going with Purview also allowed these clients to fully leverage their existing licenses within Microsoft 365 and simplify their data governance. It provides a holistic view of the data estate, enables Defender for Cloud in Azure, and offers an integrated overview in one pane of glass.

Regarding automation, we use some limited functions using the solution's trainable classifiers and auto-classification of information. This notifies the user when working with certain kinds of sensitive data, GDPR and otherwise, so we use some basic AI functions within the platform.  

We're not currently using the product for insider risk management. Still, we are in the process of looking into implementing those features and how we could leverage them within our environment.

We utilize Microsoft Purview to manage our data classifications, identify sensitive information in our documents for certification protection and data loss prevention, and we anticipate employing insider risk management. While we haven't yet implemented insider risk management, it is part of our strategic plan and compliance assessment.

From an access management standpoint, we have users accessing our data from various mobile devices, including Android, iOS, and iPad, as well as Windows and MacBook computers. Therefore, it is crucial to implement consistent policies and safeguards across all platforms, regardless of the operating system or device type.

We are a heavily Microsoft shop so all Microsoft platforms are important to us and Purview's natively integrated compliance is great.

It is important and useful for us that Purview was built taking into account critical regulations from around the world.

We report on all of our DLP policy violations. We have alerts set up to notify our security team to take action when violations occur.

Microsoft Purview Data Loss Prevention is an effective tool for educating users on how to best handle sensitive data. It can detect and identify various types of sensitive data, although we have observed that not all of the built-in detection mechanisms function flawlessly. Consequently, we have had to modify some of the detection modules. Additionally, certain detection rules specific to New Zealand have not performed as expected. Despite these limitations, the ability to detect sensitive data and utilize prompts to guide users in correctly classifying documents is quite valuable. We intend to expand our use of these features as we progressively deploy Purview across our organization.

We have several Mac OS users in our business, so it is important that Purview can and does extend policies regardless of the platform being used.

Since implementing Purview, the compliance assessment process has been effective. The expansion of country-specific regulations has been a crucial development. In New Zealand, we've utilized built-in privacy act laws and regulations, which have been beneficial. However, I believe the integration of the Copilot tool and advancements in AI will likely bring about continuous changes to the compliance landscape.

With Purview, we can continue using native Microsoft products for scalability, eliminating the need to rely on external vendors. This approach reduces the number of vendors in our environment.

The visibility Purview provides into our estate is useful. We have had a privacy campaign running for the last year and using Purview to essentially see where our data and sensor data are.

Purview enables us to show our compliance in real-time. We would use it to help demonstrate our compliance to regulators.

Purview enables us to save approximately 30 percent of our security team's time by providing visibility into previously obscured areas of our environment. Moreover, Purview is seamlessly integrated into our existing Microsoft licenses, eliminating any additional costs.

Purview helps us stay on top of compliance.

Data authentication enables us to classify documents based on whether they should be restricted for internal consumption or permitted for external sharing. This classification allows us to apply appropriate policies to each document type.

The DLP is also a valuable feature that we use.

The reporting is limited and has room for improvement.

Privacy features should be integrated into the core product rather than offered as optional add-ons, as privacy is not a luxury but a fundamental requirement.

I have been using Microsoft Purview for six months.

I would rate the stability of Purview a nine out of ten.

Purview can meet our scalability needs.

The technical support used to be more reliable and consistently good. Now, while it's still possible to get assistance from a knowledgeable representative, the overall quality of support has declined.

Neutral

We previously used Azure Information Protection and Symantec DLP. We switched to Microsoft Purview because of the cost savings.

Initial deployment is straightforward as we are a Microsoft shop, facilitating seamless integration with the native platform.

The deployment of Purview involved three individuals: one primary engineer and one architect. The initial deployment phase spanned six weeks, followed by an ongoing tuning process to maintain Purview's up-to-date status.

We have seen a return on investment, but it is too early to quantify the exact savings.

Purview is included in our Microsoft E5 licensing. There is no additional cost, but it does require us to maintain an E5 license to continue using Purview.

To fully justify the cost of Purview, it is important to leverage all of its capabilities.

I would rate Microsoft Purview a seven out of ten. While Purview is gradually improving, its reporting capabilities remain subpar. As we introduce additional products like Copilot and others, there will likely be a need for more robust integration plans that outline how these products will interact and the benefits they will provide.

We only use Microsoft Purview in our Microsoft 365 workload environment.

We are currently evaluating AI products like Copilot and several chatGPT-style tools for potential implementation within our organization. However, we are proceeding cautiously until we have fully implemented Purview to address our concerns regarding potential data loss associated with AI product usage. Once we are satisfied with Purview's effectiveness in mitigating these risks, we will accelerate our evaluation and adoption of AI products.

We have 5,000 users who were using Purview for the software, and we have a two-person support team. Every corporate user in our organization has a license to use the solution.

Purview requires regular maintenance because there is an ongoing need to review components like DLP rules and data classification. This ongoing maintenance ensures that the system continues to function effectively and accurately. Additionally, ongoing tuning helps to minimize false positives and false negatives, ensuring that the system accurately detects potential issues.

Ensure clear communication regarding the desired grouping of data classifications and the functioning of the data loss prevention policy. Understanding these aspects is crucial for effective product utilization. User training and communication are essential around the implementation of the data loss prevention policy as it impacts user behavior. Senior leadership should take the lead in championing this initiative, possibly as part of a broader privacy or border protection campaign. Our involvement in this process can be minimal.

We are integrating Purview with Copilot. We are creating prompts in Copilot for whatever we require from Purview. There are multiple scenarios where we create something in Purview: eDiscovery, auditing, labels, and data loss protection alerts. It is something like the parent application for the data loss alerts.

The major benefit is the workflow inside Purview. While creating policies, we can add an organization's security groups and, for those particular users, we can control the user data or exfiltration. We can control the workflow of those users. If we want to exclude a particular channel that they use to communicate about sensitive data, we don't need to monitor it. We can just exclude it. That means we can include or exclude every individual step in their workflow. Based on our customers' requirements, because there are a lot of features in Purview, we can easily include, exclude, enable, or disable things. That is the major advantage of Purview.

Also, it has reduced false-positive alerts for data loss protection. Why? Because the policies or detection patterns are based on the normal or generic concepts that apply within each organization. Each will have its own set of policies. And that generates fewer alerts. An organization can have particular data monitored, and that can be changed from organization to organization. As a result, there is a lower chance of false-positive scenarios.

My favorite features are eDiscovery and insider risk management, because these are the major threats to an organization that can't be easily traced.

Also, there are multiple rules within Purview related to cloud applications. Purview's major focus is on Microsoft Azure and its Microsoft cloud-related applications, such as Exchange, OneDrive, SharePoint, et cetera. They have created a set of rules and added workflows to the policies as well. That means we can directly add those particular cloud workflows to the policies. Alerts can be triggered and workflows implemented based on the rules that we set while creating a policy inside Purview.

We also use Copilot, the next generation of ChatGPT. If you ask it: "According to Purview, what were the DLP alerts that were generating today?" it will take just five seconds to generate the data—whatever is available in the backend of Purview. Copilot is integrated with Purview. If a person is using Purview but doesn't have any idea how to operate it—meaning they don't know how to search for alerts—they can easily ask Copilot. They can create a prompt. That way, a non-technical person can get the data.

Also, all the required security products are integrated with Purview, including endpoint DLP.

I would like to see them simplify advanced hunting. There are differences when looking at an incident in the M365 portal versus Purview, and the main one is the advanced hunting. In the M365 portal, you can write KQL queries and fetch data. If that was available in Purview, it would be very good.

Another issue is that for incidents, only DLP alerts are available in Purview, not the incidents themselves. An incident consists of multiple categories of alerts belonging to multiple products. But in Purview, we can only see DLP alerts, yet those alerts could be part of an incident in the incident portal. We are not able to see if a particular alert ID is part of a given incident.

For example, if an exfiltration happens, the exfiltration-related alert will only be triggered inside of Purview. But it's possible that before the exfiltration, there was a kill chain there, such as initial access, privilege escalation, a user being compromised, or a brute-force attack. Those types of alerts are not available inside Purview. They are covered in other Microsoft products. All those products' alerts will combine into one case and generate an incident as a single story. But in Purview, the incident is not available.

I have been using Microsoft Purview since it was introduced. I am part of our Purview team.

With Purview itself, I have not faced any issues, but there have been some with Copilot.

The scalability of Purview is eight to nine out of 10.

The price is a little bit high, but it's worth the money because it has a lot of features. And there will be more features in the future.

My advice is that you need to understand the architecture of Purview first. Play with it and go through the data loss policies. Whoever is using Purview should have some idea about data loss protection policies. If you have these things, you can easily do things in Purview, such as labeling and IRM.

There is no maintenance. As a user, you just see the alerts, while the protection is taken care of by the Microsoft team.

To ensure compliance with numerous regulations for our data governance initiative, we employ Microsoft Purview for data classification.

In our specific case, we only have on-premises servers and the same Microsoft cloud platform, Azure. I have not used Microsoft Purview with any other cloud providers like AWS or anything like that. However, it appears that Purview can be used to protect data across multiple clouds and platforms.

In the future, it could be important for us that Purview can connect to iOS, Mac, and Android devices. We will be onboarding data that requires updating some of the tables, descriptions, and other aspects. In that case, it would be beneficial for users to be able to access it from different devices. However, in my case and for the people in IT, we will always be using computers.

Microsoft Purview's native integration with Azure Dynamics and Office compliance is good. We have utilized it with Synapse Analytics and Data Factory, both Microsoft products. The integration is seamless and efficient. However, in the context of Synapse Analytics, its value proposition is less evident. While it is a nice feature, I cannot fully grasp its significance.

It is crucial that Purview was built with consideration for critical regulations from around the world. This is an integral part of the classification rules and it simplifies our work. However, I haven't seen specific references to regulations such as GDPR or PII. There are numerous laws in different states, as well as preferences here in Canada, but I haven't come across specific examples. Nevertheless, the classifications encompass a wide range of government information, sensitive data like financial information, and personal information based on various formats that we can even adjust or create our own. So, it's a positive aspect.

Purview has assisted us in creating an updated catalog that is more realistic. It has also enabled us to quickly classify our data. Additionally, we aim to enrich the data catalog with more metadata, both now and in the future. While this process is primarily manual, we are exploring ways to involve business users to streamline it.

It has improved the visibility into our estate.

Purview allows us to demonstrate our compliance on a near real-time basis. While executing a single scan will provide updated information, it doesn't provide true real-time visibility. To achieve the closest to real-time compliance monitoring, we can execute data extraction processes every four hours.

We have saved around 40 hours per month on some of our projects, which also leads to cost savings.

The ability to classify data quickly and effortlessly is arguably Microsoft Purview's most valuable feature. It can scan all tables and columns, identifying those that contain personal names, date builds, or other sensitive information.

I am interested in exploring the process of data scanning to identify data lines that do not contain stored procedures. This would allow us to detect potential black boxes within our data, where we are unable to trace the flow of information and identify all instances of stored procedures. Additionally, we would like to expand the reporting capabilities beyond Power BI to encompass other visualization tools such as Tableau, Looker, and others.

Reflecting organizational changes within Purview is impractical. Any such changes necessitate discarding existing data and starting anew, which increases both the cost and time required for maintenance. Therefore, I believe that enhancing Purview's maintainability is crucial.

I have been using Microsoft Purview for one year.

I would rate the stability of Purview a nine out of ten.

Purview is easily scalable in the cloud.

The technical support team was readily available for a Zoom call and was able to view my screen and provide assistance. The only downside was that I ultimately resolved the issue myself, which suggests that the local Microsoft support may not be as knowledgeable.

Positive

I have used other solutions other than Purview but it doesn't encompass the entire data management lifecycle. For example, Tableau has a data management suite, but it's primarily focused on analyzing reports, enforcing visualization governance, and managing data within Tableau itself. It doesn't extend to data sources or beyond that. Other data management tools in development offer similar functionality, but they may not have specific classifications for personal information.

The initial deployment was straightforward. The cloud administrator handled the subscription and all the necessary paperwork, while I proceeded with the setup.

The price is reasonable considering its value.

I would rate Microsoft Purview nine out of ten. Purview is a good product but still has some areas to improve.

Thus far, we haven't had any comprehensive maintenance for Purview. While there is maintenance required for scanning new servers, that's essentially the extent of our maintenance efforts. We may need to make significant changes to Purview's structure to enhance its usability. Purview's current structure resembles that of an organizational department. For instance, if a marketing application is mistakenly scanned under HR, I cannot simply move it to the correct location. Instead, I must discard all existing data and start from scratch.

Our goal was to provide insights into the latest data entries, implement governance measures, identify and classify sensitive data, and address specific business use cases. The primary use cases revolved around establishing a comprehensive data lineage, accompanied by pertinent metadata. This was primarily aimed at providing a business-centric dashboard, enabling stakeholders to visualize how data moves from one point to another and ultimately reaches the target. 

In my experience, I've utilized it on Windows machines with Blackfish without encountering any issues.

The dashboard offers insights into the nature of the data, and the transformations occurring between different columns, and allows for traceability to identify any issues that may arise. These use cases have proven highly beneficial not only for business analysis but also for support activities. For instance, it aids support personnel in quickly identifying issues such as missing data or anomalies, streamlining the troubleshooting process for efficient problem resolution.

Purview facilitates data management across diverse cloud and platform environments, encompassing AWS and GCP. However, my experience has been exclusively with Azure. Given that my ecosystem operates within Azure, both the source and target activities are conducted seamlessly within the Azure framework. The integration is smooth since Microsoft Purview is inherently designed for Microsoft components, making it effortless to establish connections and retrieve the required data. I haven't employed it for other sources or alternative cloud systems.

The importance of Purview lies in its careful consideration of critical global regulations. As a data governance solution, it plays a crucial role in business development processes. Given the potentially sensitive nature of incoming data, proper classification is essential to ensure specialized treatment. This facilitates easy access for subsequent activities such as metadata modifications or updates, providing sufficient information for comprehension by business personnel. The tool proves beneficial for data quality officers, enabling them to monitor data and detect any discrepancies, empowering them to take necessary actions. In the realm of the cloud, Purview emerges as a highly valuable data governance solution.

The integration of Microsoft Purview has significantly reduced the need for multiple solutions to interact within our company. This reduction not only streamlines processes but also saves time. For example, when a problem arises, understanding, identifying, and resolving it becomes much easier compared to the traditional approach of tracing through multiple systems for the root cause. With Microsoft Purview, the identification process is simplified, leading to potential savings in support efforts. Business stakeholders also benefit by gaining more visibility into how data flows through the system and understanding the metadata information without relying heavily on support or technical personnel. This autonomy enhances their ability to assess and comprehend the situation independently.

I haven't implemented it to enhance response time for insider threats by applying security measures. However, the tool does provide visibility into the movement of data, allowing the data control officer to monitor and classify alarms promptly. In the event of an alert, appropriate actions can be taken accordingly.

Efforts have significantly diminished, and this reduction is directly proportional to cost savings. As a technical person involved in both solution development and support processes, I've observed a reduction of more than fifty percent. The turnaround time for issue resolution has notably decreased. Previously, it took others a considerable amount of time to identify the root cause, but with Microsoft Purview, pinpointing issues and finding solutions has become much more efficient.

It has had a significant impact on our capacity to maintain compliance. As a data governance solution, it offers features essential for ensuring that compliance requirements are thoroughly met, and data processing aligns with regulatory standards.

The user interface is highly intuitive and user-friendly.

I appreciate it because it provides a unified solution. Everything can be managed in one place, from scanning sources to making assets available. The access includes comprehensive metadata information, presented in a non-technical manner for easy comprehension of the asset's nature. The visualization it offers is quite clear. Additionally, it creates a lineage based on data processing, allowing for workflow authorization and control over metadata modifications or other activities. 

It caters to the entire micro-ecosystem, providing connectivity and seamless data flow. It allows for scanning, asset discovery, and data coverage. While there are some existing limitations, it's important to note that the tool is continuously evolving. I believe it holds great potential and will become an excellent resource for development in the future.

Purview's data connector platform is designed to facilitate ingestion from non-Microsoft data sources. I've personally applied this feature to one of our sources, an Oracle database. Specifically, we utilized ADA for data permissions and seamlessly integrated it with the Azure Data Factory pipeline. This automated the connection to Oracle, enabling the setup of data extraction and loading processes. Overall, it proved to be a valuable and effective feature.

Enhancing the tool's capability to connect to multiple sources would be valuable. Also, when data is transformed in other systems, the tool should capture the relevant metadata and generate lineage for those systems as well. Thirdly, addressing limitations, such as relying on Apache Atlas for mitigation, should be handled within the Microsoft tool itself rather than external dependencies like Apache Atlas.

I have been using it for approximately six months.

The stability is satisfactory, and I would give it a rating of eight out of ten.

I have utilized it in a cloud environment, and scalability is assured.

I am content with technical support, but for various inquiries, the responses often indicate that the feature is either not available or still in a previous state. I would rate it eight out of ten.

Positive

The initial setup was straightforward. Even individuals with less technical expertise can do it.

Deployment spanned a week and involved six different individuals.

Maintenance becomes necessary when leveraging external APIs and tools, especially concerning access management. However, once the initial setup using MS Purview is complete, ongoing maintenance is minimal. Automation takes over with continuous scanning, automatic data classification, and sensitivity labeling. Workflows can be established and utilized for an extended period, reducing the need for frequent maintenance.

I consider it cost-efficient because of the metrics it provides. With each scan being incremental, avoiding redundant scans of the same object, the tool offers a way to manage costs effectively.

We didn't extensively evaluate other options because Microsoft Purview successfully met the requirements for the specific tasks at hand. However, during implementation, I became aware of more mature tools available in the market that might offer greater capabilities. It seems that Microsoft Purview is still evolving compared to these more established alternatives.

In my scenario, I encountered difficulty connecting to a file system database, especially when it was located on a different server. Additionally, when working with an in-house solution like Azure Data Factory, while Microsoft Purview can successfully bring metrics to tables as assets, it faces limitations in identifying the leading use of those assets. For instance, a database solution handling ETL activities may not seamlessly provide insights into the transformations, sources, immediate obligations, and final targets associated with a specific asset, making it challenging to track its usage directly within Microsoft Purview.

I would strongly recommend Microsoft Purview when utilizing solutions within the Microsoft ecosystem, such as Data Factory, various applications, and databases.

Overall, I would rate it a seven out of ten because several features are still in a preliminary state. Given that it is in preview, it may not be as stable or fully functional yet. Also, the absence of data quality and data profiling mechanisms contributes to this rating.

In both my previous and current organizations, I've worked with Microsoft Purview. While my previous company had a premium license for all services, my current one doesn't. At my previous company, I used Purview to design communication compliance policies, likely leveraging some pre-built policies from Microsoft security. Initially, we lacked a specific goal, but my exploration of the platform led me to pursue a cybersecurity certification to optimize its use. This helped me design DLP policies more effectively and implement signing for communication compliance policies. Recently, I discovered eDiscovery and its value for exporting large datasets for specific employees based on their protection level. Lastly, I found its activity tracking feature particularly useful for monitoring employee movements in our large, partially remote workforce of nearly 100 employees, with less than half in the main office. This tracking proved valuable for detecting potential data leaks during employee departures. I briefly explored Insight Risk Management during a one-month license trial.

Purview's multi-platform capabilities, supporting iOS, Mac, and Android, have been invaluable to me. As a beginner in device management software, the prospect of using another option with a large web portal felt daunting. Purview's ability to manage devices across different operating systems saved me significant time.

At my previous company, all internal data lived in Azure, but client data resided in Salesforce. This siloed structure made comprehensive data control impractical without a tool like Purview that seamlessly supports ingestion from non-Microsoft data sources.

Purview's natively integrated compliance across Azure Dynamics 365 and Office 365 is even stronger than its ability to integrate with third-party solutions.

It's crucial that Purview was built with critical regulations from around the world in mind, especially for those of us in the European Union where EU regulations apply. This is a key consideration for everyone involved in data governance. While some frameworks offer vast data capabilities, the sheer volume of work required for a medium-sized business to ensure compliance with regulations across all these frameworks would be insurmountable.

I initially found the DLP system overwhelming due to its capabilities exceeding the needs of our small organization, where I implemented simpler policies. However, it proved valuable for ensuring compliance with GDPR, and PCI DSS and provided visibility into sensitive data sharing.

Purview has saved our organization a huge amount of money and time.

Through Purview, we were able to streamline our technology stack by consolidating the number of solutions we relied on. This prompted us to re-evaluate our vendor landscape, ultimately leading us to migrate everything to Microsoft and leverage their comprehensive suite of tools. Surprisingly, most of the functionalities we previously paid for were already available within the Microsoft ecosystem. This simplified our IT infrastructure, transitioning us from a predominantly on-premises setup to a cloud-based one, with Microsoft solutions forming the core of our cloud environment.

Purview has improved my ability to stay on top of compliance.

The most valuable feature is the tracking activity and device onboarding.

I have some concerns about the separation of roles in Purview from the Microsoft tenant, as well as how they interact with the security portal and endpoint manager. Certain permission issues or protracted permission updates could arise due to suboptimal configuration, potentially extending the expected timeframe.

I have been using Microsoft Purview for two years.

Microsoft Purview is stable in protection but there are some bugs in the GUI.

Designed for enterprise-level organizations, Microsoft Purview scales effortlessly.

The initial deployment was straightforward. I was able to do the entire deployment with the help of one other person.

We used a Microsoft partner when we started working with the tenant before starting to use Purview.

While Purview's standard pricing might not be accessible to most small businesses, we were fortunate to benefit from the educational pricing which made it a financially viable option for our needs.

I would rate Microsoft Purview a nine out of ten.

Maintaining Purview is essential, as some internal problems, like endpoints disconnecting within the organization, can develop over time.

To fully leverage Microsoft Purview's capabilities, it is recommended that one first familiarize themselves with the organization's existing infrastructure.