Microsoft Purview Data Governance Reviews

We use Microsoft Purview to protect and govern our information.

It is important for Microsoft Purview to provide data protection across multi-cloud and multi-platform environments, including AWS and GCP. I have been a consultant for a year and a half, advising mostly European enterprise customers. All customers, from mid-sized to larger, have diverse storage solutions. Therefore, it is important for Microsoft Purview to be flexible enough to be applied to various environments, such as multi-cloud. Although the product is not yet there, it is important to many business customers.

The enterprise IT landscape is diverse, with various devices, SaaS applications, and multi-cloud solutions. Protecting and governing information is a need that spans all of these touchpoints and Microsoft Purview helps us do that.

Purview's native integration with Azure Dynamics 365 and Office 365 is essential because many organizations use these Microsoft products. This native integration is unmatched by other solutions.

Purview DataOps Protection does a great job of remediating policy violations. It has a comprehensive reporting and fine-tuning integration that allows us to track policy violations effectively. Overall, I think it does a great job of protecting data.

Purview recently improved in the area of DLP. These tips are now available across different platforms, such as Office and Outlook, and they are getting better. This is helpful in educating users about policies. 

Microsoft Purview helped us control the growth of data, reduce dark data, and better protect against the filtration of data.

Purview increased our visibility into our other Microsoft solutions.

We use AI and automation sparingly. This is not part of Purview directly, but an AI tool that helps us determine if data is redundant or has business value before we move it to Azure or Microsoft 365. We use the AI tool in a very limited way, such as trainable classifiers. We also have the option to use another product called Syntex in collaboration with Purview, but this has not been explored much.

Technically Purview can enable us to show our compliance in real-time.

Purview reduced the time it takes us to act on insider threats by almost 90 percent. Previously, many violations were not reported or took months to be reported. Now, we can act on violations almost instantly, or within days.

Microsoft Purview partially helps organizations stay on top of compliance. The platform provides a number of technical features that can be used to manage compliance, but it is up to organizations to implement these features and take the necessary steps to ensure compliance.

Microsoft Information Protection uses sensitivity labels to classify and protect sensitive information. MIP works together with Data Loss Prevention to prevent sensitive information from being leaked outside of the organization. MIP also helps to mitigate insider risk by preventing unauthorized users from accessing sensitive information.

Purview's data connectivity platform has a good set of connectors for ingesting data from non-Microsoft data sources. However, it still falls short in terms of coverage of other systems. It is mostly integrated with the Microsoft stack, but there are connectors to other systems and sources of information. Overall, Purview is not a one-stop shop for protecting company information.

I am not sure that Purview was built with compliance guidelines in mind. It does have a component called Compliance Manager, which allows us to track our adherence to different standards, such as security and privacy standards around the globe. However, this is more of an add-on. I think there is still a significant gap between the technical capabilities of Purview and the ability to drive compliance or prove compliance through its use. I think this is a major gap that Microsoft does not adequately address. Purview is not a GRC tool. It is a set of security features, labeling features, and lifecycle features that do not come close to GRC tooling in terms of functionality. Additionally, there is no strong integration with the compliance framework, either in terms of rolling it out or proving our adherence to it.

I would like to see improvements to the compliance manager, such as making it easier to start small and grow over time. This is not possible at this time.

The current event-based retention management is very poor. This is an area that needs improvement. We need to be able to more natively or near natively label content for retention and sensitivity across other lines of business systems like Workday and ServiceNow. This would allow us to extend labeling to those applications and make it native. This would be of great benefit to our clients.

Purview's DLP protection has some downsides. One downside is that the tips only appear in native applications. This means that users will not see them in other applications, such as web browsers. Another downside is that the tips only cover a subset of all the information. This means that users may still need to seek out additional information elsewhere.

The technical support has room for improvement.

I have been using Microsoft Purview for a year and a half.

Microsoft Purview is extremely stable.

Microsoft Purview is highly scalable.

The first level of support is not very knowledgeable and it is hard to get proper support because of the procedures in place.

Neutral

The initial deployment was complex, but not because of technical difficulties. The main challenge was engaging end users and getting them to adopt the new system. This was because the system required them to think about information in a new way. The deployment took around 12 months and required five to ten people working two days a week.

The implementation was completed in-house.

The return on investment is very good for what Purview offers, but it does lack some of the features that other solutions have. For example, if we're replacing something that already exists, we could do something cheaper or quicker. However, the value of this solution is in its ability to mitigate risk. If we don't have any type of classification and security in place, we're always opening ourselves up to risks. The cost of this solution is high, but the cost of not having it could be much higher. The return on investment is around 200 percent.

Some people find the tier licensing system complicated, but it offers a lot of value for money if we use the features. In fact, many clients who use the E5 licenses find that they can get a better return on investment on those licenses. Once they do, they find that the tier licensing system is very fairly priced.

I give Microsoft Purview an eight out of ten.

Time to value is quite long, especially when it impacts end users and requires new skills and knowledge. This is especially true in IT departments and on the business side. However, once the value is realized, the return on investment can be very good.

This type of solution is deployed across the entire Microsoft 365 tenant. It also has an Azure side, which is two things across that tenant as well. There is no area where it is used more or less. However, there is more interest in the areas of security and privacy. Therefore, legal, HR and IT are the most likely places to deploy this solution. Finance and merger and acquisition are also areas where people have more interest in deploying Purview. However, it is normally deployed across the entire organization.

We have around 30 clients consisting of anywhere between 20,000 and 50,000 users.

The maintenance is overseen by a full-time compliance technical person and a compliance business person.

I would advise assessing the maturity of the people and processes before using these types of tools. The technical side of things is not too complicated but we need to have the people and processes in place to classify all of our information and to ensure that our policies are being triggered. This can be a challenge for many organizations, as most have dark data, especially on structured clients. Ultimately, it is the people and the processes that make the success of these tools, not the technology itself.

We utilize Microsoft Purview to manage our data classifications, identify sensitive information in our documents for certification protection and data loss prevention, and we anticipate employing insider risk management. While we haven't yet implemented insider risk management, it is part of our strategic plan and compliance assessment.

From an access management standpoint, we have users accessing our data from various mobile devices, including Android, iOS, and iPad, as well as Windows and MacBook computers. Therefore, it is crucial to implement consistent policies and safeguards across all platforms, regardless of the operating system or device type.

We are a heavily Microsoft shop so all Microsoft platforms are important to us and Purview's natively integrated compliance is great.

It is important and useful for us that Purview was built taking into account critical regulations from around the world.

We report on all of our DLP policy violations. We have alerts set up to notify our security team to take action when violations occur.

Microsoft Purview Data Loss Prevention is an effective tool for educating users on how to best handle sensitive data. It can detect and identify various types of sensitive data, although we have observed that not all of the built-in detection mechanisms function flawlessly. Consequently, we have had to modify some of the detection modules. Additionally, certain detection rules specific to New Zealand have not performed as expected. Despite these limitations, the ability to detect sensitive data and utilize prompts to guide users in correctly classifying documents is quite valuable. We intend to expand our use of these features as we progressively deploy Purview across our organization.

We have several Mac OS users in our business, so it is important that Purview can and does extend policies regardless of the platform being used.

Since implementing Purview, the compliance assessment process has been effective. The expansion of country-specific regulations has been a crucial development. In New Zealand, we've utilized built-in privacy act laws and regulations, which have been beneficial. However, I believe the integration of the Copilot tool and advancements in AI will likely bring about continuous changes to the compliance landscape.

With Purview, we can continue using native Microsoft products for scalability, eliminating the need to rely on external vendors. This approach reduces the number of vendors in our environment.

The visibility Purview provides into our estate is useful. We have had a privacy campaign running for the last year and using Purview to essentially see where our data and sensor data are.

Purview enables us to show our compliance in real-time. We would use it to help demonstrate our compliance to regulators.

Purview enables us to save approximately 30 percent of our security team's time by providing visibility into previously obscured areas of our environment. Moreover, Purview is seamlessly integrated into our existing Microsoft licenses, eliminating any additional costs.

Purview helps us stay on top of compliance.

Data authentication enables us to classify documents based on whether they should be restricted for internal consumption or permitted for external sharing. This classification allows us to apply appropriate policies to each document type.

The DLP is also a valuable feature that we use.

The reporting is limited and has room for improvement.

Privacy features should be integrated into the core product rather than offered as optional add-ons, as privacy is not a luxury but a fundamental requirement.

I have been using Microsoft Purview for six months.

I would rate the stability of Purview a nine out of ten.

Purview can meet our scalability needs.

The technical support used to be more reliable and consistently good. Now, while it's still possible to get assistance from a knowledgeable representative, the overall quality of support has declined.

Neutral

We previously used Azure Information Protection and Symantec DLP. We switched to Microsoft Purview because of the cost savings.

Initial deployment is straightforward as we are a Microsoft shop, facilitating seamless integration with the native platform.

The deployment of Purview involved three individuals: one primary engineer and one architect. The initial deployment phase spanned six weeks, followed by an ongoing tuning process to maintain Purview's up-to-date status.

We have seen a return on investment, but it is too early to quantify the exact savings.

Purview is included in our Microsoft E5 licensing. There is no additional cost, but it does require us to maintain an E5 license to continue using Purview.

To fully justify the cost of Purview, it is important to leverage all of its capabilities.

I would rate Microsoft Purview a seven out of ten. While Purview is gradually improving, its reporting capabilities remain subpar. As we introduce additional products like Copilot and others, there will likely be a need for more robust integration plans that outline how these products will interact and the benefits they will provide.

We only use Microsoft Purview in our Microsoft 365 workload environment.

We are currently evaluating AI products like Copilot and several chatGPT-style tools for potential implementation within our organization. However, we are proceeding cautiously until we have fully implemented Purview to address our concerns regarding potential data loss associated with AI product usage. Once we are satisfied with Purview's effectiveness in mitigating these risks, we will accelerate our evaluation and adoption of AI products.

We have 5,000 users who were using Purview for the software, and we have a two-person support team. Every corporate user in our organization has a license to use the solution.

Purview requires regular maintenance because there is an ongoing need to review components like DLP rules and data classification. This ongoing maintenance ensures that the system continues to function effectively and accurately. Additionally, ongoing tuning helps to minimize false positives and false negatives, ensuring that the system accurately detects potential issues.

Ensure clear communication regarding the desired grouping of data classifications and the functioning of the data loss prevention policy. Understanding these aspects is crucial for effective product utilization. User training and communication are essential around the implementation of the data loss prevention policy as it impacts user behavior. Senior leadership should take the lead in championing this initiative, possibly as part of a broader privacy or border protection campaign. Our involvement in this process can be minimal.

To ensure compliance with numerous regulations for our data governance initiative, we employ Microsoft Purview for data classification.

In our specific case, we only have on-premises servers and the same Microsoft cloud platform, Azure. I have not used Microsoft Purview with any other cloud providers like AWS or anything like that. However, it appears that Purview can be used to protect data across multiple clouds and platforms.

In the future, it could be important for us that Purview can connect to iOS, Mac, and Android devices. We will be onboarding data that requires updating some of the tables, descriptions, and other aspects. In that case, it would be beneficial for users to be able to access it from different devices. However, in my case and for the people in IT, we will always be using computers.

Microsoft Purview's native integration with Azure Dynamics and Office compliance is good. We have utilized it with Synapse Analytics and Data Factory, both Microsoft products. The integration is seamless and efficient. However, in the context of Synapse Analytics, its value proposition is less evident. While it is a nice feature, I cannot fully grasp its significance.

It is crucial that Purview was built with consideration for critical regulations from around the world. This is an integral part of the classification rules and it simplifies our work. However, I haven't seen specific references to regulations such as GDPR or PII. There are numerous laws in different states, as well as preferences here in Canada, but I haven't come across specific examples. Nevertheless, the classifications encompass a wide range of government information, sensitive data like financial information, and personal information based on various formats that we can even adjust or create our own. So, it's a positive aspect.

Purview has assisted us in creating an updated catalog that is more realistic. It has also enabled us to quickly classify our data. Additionally, we aim to enrich the data catalog with more metadata, both now and in the future. While this process is primarily manual, we are exploring ways to involve business users to streamline it.

It has improved the visibility into our estate.

Purview allows us to demonstrate our compliance on a near real-time basis. While executing a single scan will provide updated information, it doesn't provide true real-time visibility. To achieve the closest to real-time compliance monitoring, we can execute data extraction processes every four hours.

We have saved around 40 hours per month on some of our projects, which also leads to cost savings.

The ability to classify data quickly and effortlessly is arguably Microsoft Purview's most valuable feature. It can scan all tables and columns, identifying those that contain personal names, date builds, or other sensitive information.

I am interested in exploring the process of data scanning to identify data lines that do not contain stored procedures. This would allow us to detect potential black boxes within our data, where we are unable to trace the flow of information and identify all instances of stored procedures. Additionally, we would like to expand the reporting capabilities beyond Power BI to encompass other visualization tools such as Tableau, Looker, and others.

Reflecting organizational changes within Purview is impractical. Any such changes necessitate discarding existing data and starting anew, which increases both the cost and time required for maintenance. Therefore, I believe that enhancing Purview's maintainability is crucial.

I have been using Microsoft Purview for one year.

I would rate the stability of Purview a nine out of ten.

Purview is easily scalable in the cloud.

The technical support team was readily available for a Zoom call and was able to view my screen and provide assistance. The only downside was that I ultimately resolved the issue myself, which suggests that the local Microsoft support may not be as knowledgeable.

Positive

I have used other solutions other than Purview but it doesn't encompass the entire data management lifecycle. For example, Tableau has a data management suite, but it's primarily focused on analyzing reports, enforcing visualization governance, and managing data within Tableau itself. It doesn't extend to data sources or beyond that. Other data management tools in development offer similar functionality, but they may not have specific classifications for personal information.

The initial deployment was straightforward. The cloud administrator handled the subscription and all the necessary paperwork, while I proceeded with the setup.

The price is reasonable considering its value.

I would rate Microsoft Purview nine out of ten. Purview is a good product but still has some areas to improve.

Thus far, we haven't had any comprehensive maintenance for Purview. While there is maintenance required for scanning new servers, that's essentially the extent of our maintenance efforts. We may need to make significant changes to Purview's structure to enhance its usability. Purview's current structure resembles that of an organizational department. For instance, if a marketing application is mistakenly scanned under HR, I cannot simply move it to the correct location. Instead, I must discard all existing data and start from scratch.

Our goal was to provide insights into the latest data entries, implement governance measures, identify and classify sensitive data, and address specific business use cases. The primary use cases revolved around establishing a comprehensive data lineage, accompanied by pertinent metadata. This was primarily aimed at providing a business-centric dashboard, enabling stakeholders to visualize how data moves from one point to another and ultimately reaches the target. 

In my experience, I've utilized it on Windows machines with Blackfish without encountering any issues.

The dashboard offers insights into the nature of the data, and the transformations occurring between different columns, and allows for traceability to identify any issues that may arise. These use cases have proven highly beneficial not only for business analysis but also for support activities. For instance, it aids support personnel in quickly identifying issues such as missing data or anomalies, streamlining the troubleshooting process for efficient problem resolution.

Purview facilitates data management across diverse cloud and platform environments, encompassing AWS and GCP. However, my experience has been exclusively with Azure. Given that my ecosystem operates within Azure, both the source and target activities are conducted seamlessly within the Azure framework. The integration is smooth since Microsoft Purview is inherently designed for Microsoft components, making it effortless to establish connections and retrieve the required data. I haven't employed it for other sources or alternative cloud systems.

The importance of Purview lies in its careful consideration of critical global regulations. As a data governance solution, it plays a crucial role in business development processes. Given the potentially sensitive nature of incoming data, proper classification is essential to ensure specialized treatment. This facilitates easy access for subsequent activities such as metadata modifications or updates, providing sufficient information for comprehension by business personnel. The tool proves beneficial for data quality officers, enabling them to monitor data and detect any discrepancies, empowering them to take necessary actions. In the realm of the cloud, Purview emerges as a highly valuable data governance solution.

The integration of Microsoft Purview has significantly reduced the need for multiple solutions to interact within our company. This reduction not only streamlines processes but also saves time. For example, when a problem arises, understanding, identifying, and resolving it becomes much easier compared to the traditional approach of tracing through multiple systems for the root cause. With Microsoft Purview, the identification process is simplified, leading to potential savings in support efforts. Business stakeholders also benefit by gaining more visibility into how data flows through the system and understanding the metadata information without relying heavily on support or technical personnel. This autonomy enhances their ability to assess and comprehend the situation independently.

I haven't implemented it to enhance response time for insider threats by applying security measures. However, the tool does provide visibility into the movement of data, allowing the data control officer to monitor and classify alarms promptly. In the event of an alert, appropriate actions can be taken accordingly.

Efforts have significantly diminished, and this reduction is directly proportional to cost savings. As a technical person involved in both solution development and support processes, I've observed a reduction of more than fifty percent. The turnaround time for issue resolution has notably decreased. Previously, it took others a considerable amount of time to identify the root cause, but with Microsoft Purview, pinpointing issues and finding solutions has become much more efficient.

It has had a significant impact on our capacity to maintain compliance. As a data governance solution, it offers features essential for ensuring that compliance requirements are thoroughly met, and data processing aligns with regulatory standards.

The user interface is highly intuitive and user-friendly.

I appreciate it because it provides a unified solution. Everything can be managed in one place, from scanning sources to making assets available. The access includes comprehensive metadata information, presented in a non-technical manner for easy comprehension of the asset's nature. The visualization it offers is quite clear. Additionally, it creates a lineage based on data processing, allowing for workflow authorization and control over metadata modifications or other activities. 

It caters to the entire micro-ecosystem, providing connectivity and seamless data flow. It allows for scanning, asset discovery, and data coverage. While there are some existing limitations, it's important to note that the tool is continuously evolving. I believe it holds great potential and will become an excellent resource for development in the future.

Purview's data connector platform is designed to facilitate ingestion from non-Microsoft data sources. I've personally applied this feature to one of our sources, an Oracle database. Specifically, we utilized ADA for data permissions and seamlessly integrated it with the Azure Data Factory pipeline. This automated the connection to Oracle, enabling the setup of data extraction and loading processes. Overall, it proved to be a valuable and effective feature.

Enhancing the tool's capability to connect to multiple sources would be valuable. Also, when data is transformed in other systems, the tool should capture the relevant metadata and generate lineage for those systems as well. Thirdly, addressing limitations, such as relying on Apache Atlas for mitigation, should be handled within the Microsoft tool itself rather than external dependencies like Apache Atlas.

I have been using it for approximately six months.

The stability is satisfactory, and I would give it a rating of eight out of ten.

I have utilized it in a cloud environment, and scalability is assured.

I am content with technical support, but for various inquiries, the responses often indicate that the feature is either not available or still in a previous state. I would rate it eight out of ten.

Positive

The initial setup was straightforward. Even individuals with less technical expertise can do it.

Deployment spanned a week and involved six different individuals.

Maintenance becomes necessary when leveraging external APIs and tools, especially concerning access management. However, once the initial setup using MS Purview is complete, ongoing maintenance is minimal. Automation takes over with continuous scanning, automatic data classification, and sensitivity labeling. Workflows can be established and utilized for an extended period, reducing the need for frequent maintenance.

I consider it cost-efficient because of the metrics it provides. With each scan being incremental, avoiding redundant scans of the same object, the tool offers a way to manage costs effectively.

We didn't extensively evaluate other options because Microsoft Purview successfully met the requirements for the specific tasks at hand. However, during implementation, I became aware of more mature tools available in the market that might offer greater capabilities. It seems that Microsoft Purview is still evolving compared to these more established alternatives.

In my scenario, I encountered difficulty connecting to a file system database, especially when it was located on a different server. Additionally, when working with an in-house solution like Azure Data Factory, while Microsoft Purview can successfully bring metrics to tables as assets, it faces limitations in identifying the leading use of those assets. For instance, a database solution handling ETL activities may not seamlessly provide insights into the transformations, sources, immediate obligations, and final targets associated with a specific asset, making it challenging to track its usage directly within Microsoft Purview.

I would strongly recommend Microsoft Purview when utilizing solutions within the Microsoft ecosystem, such as Data Factory, various applications, and databases.

Overall, I would rate it a seven out of ten because several features are still in a preliminary state. Given that it is in preview, it may not be as stable or fully functional yet. Also, the absence of data quality and data profiling mechanisms contributes to this rating.

In both my previous and current organizations, I've worked with Microsoft Purview. While my previous company had a premium license for all services, my current one doesn't. At my previous company, I used Purview to design communication compliance policies, likely leveraging some pre-built policies from Microsoft security. Initially, we lacked a specific goal, but my exploration of the platform led me to pursue a cybersecurity certification to optimize its use. This helped me design DLP policies more effectively and implement signing for communication compliance policies. Recently, I discovered eDiscovery and its value for exporting large datasets for specific employees based on their protection level. Lastly, I found its activity tracking feature particularly useful for monitoring employee movements in our large, partially remote workforce of nearly 100 employees, with less than half in the main office. This tracking proved valuable for detecting potential data leaks during employee departures. I briefly explored Insight Risk Management during a one-month license trial.

Purview's multi-platform capabilities, supporting iOS, Mac, and Android, have been invaluable to me. As a beginner in device management software, the prospect of using another option with a large web portal felt daunting. Purview's ability to manage devices across different operating systems saved me significant time.

At my previous company, all internal data lived in Azure, but client data resided in Salesforce. This siloed structure made comprehensive data control impractical without a tool like Purview that seamlessly supports ingestion from non-Microsoft data sources.

Purview's natively integrated compliance across Azure Dynamics 365 and Office 365 is even stronger than its ability to integrate with third-party solutions.

It's crucial that Purview was built with critical regulations from around the world in mind, especially for those of us in the European Union where EU regulations apply. This is a key consideration for everyone involved in data governance. While some frameworks offer vast data capabilities, the sheer volume of work required for a medium-sized business to ensure compliance with regulations across all these frameworks would be insurmountable.

I initially found the DLP system overwhelming due to its capabilities exceeding the needs of our small organization, where I implemented simpler policies. However, it proved valuable for ensuring compliance with GDPR, and PCI DSS and provided visibility into sensitive data sharing.

Purview has saved our organization a huge amount of money and time.

Through Purview, we were able to streamline our technology stack by consolidating the number of solutions we relied on. This prompted us to re-evaluate our vendor landscape, ultimately leading us to migrate everything to Microsoft and leverage their comprehensive suite of tools. Surprisingly, most of the functionalities we previously paid for were already available within the Microsoft ecosystem. This simplified our IT infrastructure, transitioning us from a predominantly on-premises setup to a cloud-based one, with Microsoft solutions forming the core of our cloud environment.

Purview has improved my ability to stay on top of compliance.

The most valuable feature is the tracking activity and device onboarding.

I have some concerns about the separation of roles in Purview from the Microsoft tenant, as well as how they interact with the security portal and endpoint manager. Certain permission issues or protracted permission updates could arise due to suboptimal configuration, potentially extending the expected timeframe.

I have been using Microsoft Purview for two years.

Microsoft Purview is stable in protection but there are some bugs in the GUI.

Designed for enterprise-level organizations, Microsoft Purview scales effortlessly.

The initial deployment was straightforward. I was able to do the entire deployment with the help of one other person.

We used a Microsoft partner when we started working with the tenant before starting to use Purview.

While Purview's standard pricing might not be accessible to most small businesses, we were fortunate to benefit from the educational pricing which made it a financially viable option for our needs.

I would rate Microsoft Purview a nine out of ten.

Maintaining Purview is essential, as some internal problems, like endpoints disconnecting within the organization, can develop over time.

To fully leverage Microsoft Purview's capabilities, it is recommended that one first familiarize themselves with the organization's existing infrastructure.

We use Purview for data cataloging and to build the DME (Data Management Environment) for enterprise data. We also use it to understand the insights of how data is flowing across systems, from ERP systems to our data warehouse and the installation layer. This helps us to look at data classifications and where exactly sensor data is being used. It gives us a bird-eye view. 

There are two primary use cases. One is to build the data catalog for our enterprise data, and the other one is to build the lineage. These serve to provide a clearer understanding of the data aspect.

There are two things: I'm more specific about data for Purview. There are two types of tools in Purview, but I have exclusively used data Purview. Purview is basically the one for data governance, and there is for enterprise-level security. I am more involved in the data governance aspect.

Purview has helped to reduce the number of solutions we need to interact with each other. That's the best thing with Purview: we can have a lot of options to get a view to identifying data that not only helps directly have access, but we can still have access to the data catalog and have a view of all the data access across the system. 

We can also look at certified assets. I'll also look at ratings and tags so that we can find the right valuable data or trusted data that we can go for without anyone's help here. Based on the feedback, even from a few of the data supports or the experts, that would definitely help because it stops building the dependency with a specific person, and we can contribute once in the data catalog, and we could use those extensively across the org.

There are multiple aspects that it helps. It's not specific to security, it's not specific to what we call data classification. Another thing is we can have visibility across not specific to one area. We can explore all on-prem systems, cloud, multi-cloud platforms, and data in our data lake, SQL database, and Power BI. We have visibility of everything. We don't need access to the actual sources, but we can have just a view of our enterprise data, which is definitely the best thing I can say in terms of visibility. For example, if any chief data officers want to look at the enterprise data or the data estate completely, it would definitely help a lot in looking at what data is in-house and sensitivity where exactly the sensitivity data is being placed. That's the best thing I can say in terms of giving visibility to data officers and data storage.

There are a few audits we had. We used to track all the sensitive information, and in most cases, I can select Excel or any spreadsheets we have. Purview would help us with a single scan of our data sets, giving me the availability of where exactly the sensitive information is by just adding data classifications at one time. 

Purview has defaulted a lot of our classes already enrolled, but on top of it, we can tweak it based on our custom needs. Then, scan data and get insights, which will definitely be a better way of doing data governance because if we want to perform any audit, it takes a lot of time. But with Purview, once we define our requirement and then scan it, we'll have the data before any audits that we want to perform. It's definitely helpful, especially in terms of data audits. 

Purview will give us the classification of where data sits and then show us how it is being curated, how it is being stored across systems, who the end users are, and how it is being used. It definitely helps a lot in terms of complaints and staying on top of compliance. The important thing to say is that we can predefine and use it and have it ready to use. That's important. It scans the data frequently, so we get the insights updated frequently.

The most valuable features are lineage, data cataloging, glossaries, and the new access delegation feature. This feature will make it quicker to delegate access to all the data with a single request button.

On Azure, it's definitely important that Purview delivers data protection across multi-platform environments. It gives us complete visibility of where our security data resides and what types of data we have. 

This is useful because we store data across multiple platforms, including databases, storage, spreadsheets, Excel, CSS, and caching. Purview helps us to see where exactly our data is stored across the system, especially in Azure. This is a great advantage because it helps us to feel more secure when moving our data to the cloud.

Moreover, Purview's data connector platform is getting valid day-to-day. It has connectivity to major cloud platforms, like GCP and AWS, and also it has a couple of areas. So it supports multi-platform and a couple of on-premise systems. It also connects a few of the heterogeneous databases.

It gives us insights. There are two aspects of it—one is about data governance and one is about security. Since I'm part of data governance, it does not deal much with threats because that's a different tool that will give us more insights about the threats. But in terms of data threats, I'll have visibility on who and how to stop it.

As we are looking at Purview as an enterprise-level tool, there are two areas where I still see that there is something that can be improved.

One is about disaster recovery. Purview has not matured in the way of building the tool without having disaster recovery. We don't have disaster recovery or high availability. If anything goes wrong, like, there are any changes happening, and I want to roll back, there is no way that I can roll back in the existing system.

For example, I have a data source in which one of the users has dropped or deleted the data unknowingly or accidentally. In that case, there is no way to roll back those changes. That's one place where Purview can improve it.  

I have been using this solution for a year. 

I have never experienced a crashing issue so far but lagging happens. It depends on our network traffic from where we are using it. 

Our overall experience is good. I have never seen any issues with Purview.

As it's consumption-based, it's easily scalable because Microsoft takes care of it, and I don't need to look at any hyperscaler for this.

We are good with the scalability but, the cost factor is involved here. Once you scale up, the cost is higher, so we have to be more cautious about it.

The customer service and support are good. The support team was quite helpful in many of cases. For example, when I want to contact any person, like a Microsoft client partner, they help me with one of the requirements, and we had some workshops and a few guidelines given to us. That was very helpful for us. 

Since Purview is a new product, it has multiple features being adopted.

Positive

It was more of manual work that we used to do, like doing the audit and building the data catalogs.

Since we are a Microsoft shop, that's one reason why we are going with Purview. We have other tools like Collibra, but that will be costly and may not. It requires a lot of effort compared to Purview to implement. That's the reason we chose Purview.

The initial setup was straightforward, with minimal dependency on the administrators.

We didn't get help from the integrator, reseller, or consultant.

Purview helped to save time and money. If we are looking for an enterprise-level solution, Purview would be the best tool. 

We have invested around $22k per month. But we have to work more on showing a return on investment because I see only a few users using this because data lineage is one area we are focusing more on, but still, there are a lot of issues in getting it. Down the line, I can say this is going to give us a return on investment but we are not there. Right now, we are trusting that we will get that soon.

Since it's more consumption-based, the pricing looks good, but we should have a few options to limit Purview. 

In terms of usage or size and limit the price. Right now, we don't have control over it because it depends on the volume of data IT stores and the number of users being used concurrently. So those are a few areas we don't have control over because it's completely on the consumption base now.

Overall, I would rate the solution a seven out of ten.  

Data loss prevention is a significant use case for us. I'm not on the security team, so I don't know exactly what kicked it off, but I believe we wanted Purview for the DLP capabilities first, and that led to us taking advantage of the other aspects of the solution. We have Azure, Purview, Defender, and all of the other Microsoft products. We're trying to leverage and use all of them. 

We have Intune for deployments and things like that. We're rolling out the zero-trust model right now. We use Jamf to manage our Macs because I'm not knowledgeable enough to Intune correctly, and it doesn't have the functionality that Jamf does. We can move over to Intune or whatever. So I think they're definitely trying to push me that way.

I don't know if I've gotten much value out of Purview personally, but our security team loves it. Our biggest concern is leakage or theft of our data because we have a lot of PII and stuff that has not been released. We like the insights Purview provides and the way the solution can track and manage things. I'd say that was probably their favorite piece of it so far. From everything the security team has told me, the policy management and DLP features are working spectacularly.

We have had some issues automating our document management with Power Apps. I haven't been super-disappointed with anything except for Power Apps, which kinda drives me nuts. I think it's because I am a coder who can do things properly, and I keep trying to do things there, but it's not working out the way. The security team is pretty quick. I'm kind of a thorn in their side. I always try to get around stuff. They haven't come to me for anything saying, "Hey, I can't find this information." They're pretty good. Maybe, there's a lack of documentation, but that doesn't seem to be an issue for our team. 

Another thing involves SharePoint. We have everything in SharePoint up on the cloud, and we want to ensure it's secure, so we have blocked all external access. You need to have one of our devices and our codes. But the C suite wasn't pleased because it was accessible externally for a while. And we have a penetration company that does testing. They were able to harass one of our users enough that they finally clicked the button that says "Approve this Login," so it just takes one time. 

They find red flags everywhere in organizations. The gut reaction was to cut off external access for now and figure out what we can do down the road after that, but this is a stopgap measure. However, the C suite told us that it wasn't good enough, but there was no way somebody outside could access our systems. You need to be on a trusted IP or our VPN. We have conditional access configured.  

We hired an actual outside consultant company to come in And I've been working with them for close to a year now. We're trying to leverage Purview and Power Apps to automate our document management. We have a ticket open with Microsoft because that's one more thing we're struggling with. It's supposed to go through and look for any PII data, like Social Security numbers, etc. We also have really low retention policies. For example, our emails are retained for only six months maximum. Team conversations are saved for two days. They're they're brutal. Legal discovery can be expensive, so they want to make sure we don't have anything to discover. 

I'm wondering if Purview can do some of the things that we're struggling with, and we're tripping over ourselves because the other thing we did was configure it so you have to be in a special group to even access those files. I might be wrong, but I'm pretty sure that Purview Information Protection has a labeling component. Still, I don't know how much it organizes labeled documents, and I think it also includes labeling after detecting user behavior that the system tracks.  They talked about something similar in one of the keynotes I recently listened to. I'm like, "Why are we not doing that?"  I'm looking at how we're just beating our heads against the wall. Even if we get this in place, it would still be very challenging. 

We like this In terms of usability and security. It will be difficult for our teams to do their jobs with all this other garbage in place. At this point, we've got it almost always set up, but it isn't working the way we need it to on the Power Apps side of things. 

And we've got a ticket open with the Power Apps team to figure out why it isn't working because it's supposed to be on a scheduled thing, but we've let it sit for weeks at a time, and nothing ever happens. It doesn't run. And there's no way to monitor. We don't know if it's doing anything, or we can look at our files to make sure that could be improved. 

We started using Purview in the last six months.

We are a new company. We broke off from a much larger organization three years ago, but we had about 3,000 people in the last organization, and we're down to 300. Before Purview, I don't think we had anything for DLP because there was so much to do. It was all hands on deck for about a year and a half where we were just trying to get that stuff done.

We have dev and production environments in AWS, and we're using native AWS tools to monitor the applications over there. I don't know how effective they are compared to Purview. We outsourced all of that to another company. The guy who owns it used to work with us.

I am not involved in purchasing. My company is willing to throw as much money as needed to be as secure as possible. Security is our priority, so we'd probably pay for it even if it was pretty expensive.

I rate Microsoft Purview eight out of 10. 

As a consultant, I work with clients to sell the idea of data governance. In doing so, we do POCs, proof of concepts, and MVPs, which are minimal, viable products. 

For Microsoft Purview, most of the time, it's also associated with other products -whether it's ADS, Synapse, Key Vault, Databricks, storage accounts, Kubernetes, et cetera. 

I also worked on a project to integrate it with processing. I created a data governance accelerator combined into two products, including Synapse, and we sell that to customers.

The data catalog, the data lineage, the data glossary, and the classification are the key features I appreciate, along with the tight security, and role-based security.

There are two flavors of Purview. There's the compliance, which it does the security and all that. And then there's the Microsoft side, which is the data side. I primarily work on the data side. 

I like that Purview can connect to IOS, Mac, Android, and other SaaS apps.

Its data connector platform for supporting ingestion from non-Microsoft data sources works really well. We can use it either through a self-hosted integration runtime or on a VM. Or it can capture data from just about anywhere. There are about 100+ connectors. It's great.

Its natively integrated compliance across Azure Dynamics is a game changer. Back in the day, we never had anything like that. It provides self-service. It provides easy look-up and glossary terms. It also requires a new role called the data steward which we never had before.

It was built to take into account critical regulations from around the world. Now it's no longer something that's nice to have - it's necessary.

Purview helped to reduce the number of solutions we need to interact with each other. If you were to do this custom, it'd be very difficult. It's so easy to use and stand up and configure. There are some configuration requirements that are not self-explanatory. It takes some research; however, we already figured out all those things.

Purview affected the visibility we have into our estate. Now we have a complete ecosystem of where the data is, and it's a lineage. It's a game-changer.

I've used AI and automation in Purview. That's what the scans are. It uses AI to determine the classification. It's built-in. It's under the hood. People don't see it.

Our speed and accuracy of risk detection are good. From a compliance perspective, it helps identify sensitive information by classification. 

The product has helped us save both time and money. From a time perspective, there's an initial upfront cost to stand it up and configure it. However, once it's running, there's very little to do. So there's a one-time hit up front for the implementation in configuration, yet downstream, there's significant time reduction.

Money-wise, it's the same thing. You're only charged for when you run the scan since the storage is minimal. So there are ways to reduce cost, and that is by running it less frequently. Also, there's a whole bunch of out-of-the-box classifications that aren't required. There are ways to increase your cost reduction. Of course, that is not self-explanatory. You have to work with it for a while to know that.

The one thing it doesn't do is data quality. That's its only pitfall. The problem is people think it does. So either they're not marketing it right, or, eventually, it's on the road map, and they haven't got to that part yet.

In order to get data in and out, you have to use custom code using Python. That's an inconvenience, and almost every customer wants that feature. For example, let's say I run some scans on some data, and then that data goes away. This issue is Purview still shows it. There's no easy way to clean up your orphan data. That's a problem.

I've used the solution since 2015.

The stability is very good. Microsoft is solid on the cloud. 

The scalability is quite nice. 

They just changed their model so that you're only allowed one Purview per tenant. So you either get the free one, which is limited, or you purchase the enterprise one, which costs money. However, you only get one per tenant. That's a change they made within the last two months. You can't have three Purviews in the same tenant anymore. That change required a redesign of how people implement it. That said, they are offering it for free. 

I've worked for Microsoft to help a client who was having difficulty. I documented it. We had a backlog where other people were experiencing the same problems. You can reach out via phone or email. 

I did not previously use a different solution.

I was involved with the initial setup. I also can configure it. There is quite a bit of configuration required as you need it to speak with other resources. 

The initial installation is pretty easy. It is like any install on Azure. You just enter a few parameters, and it builds it. Then, if you want to start adding resources, there's a bit of configuration. It only takes about ten minutes. However, you have to know which settings you have to add. 

Only one person is needed to deploy the solution. 

Once it is up, there is very little maintenance going forward.

The cost is pay-as-you-go. It provides easy ramp-up and very little maintenance down the road. If you want to shut it down, you just delete it. It's easy to use, easy to configure, and the costs aren't that great. 

I could see more and more companies using this going forward if they're already in Azure, and it's so easy to set up. It's a requirement now as well since data is the lifeblood of any organization. If you have bad data or you don't know where it is, or suffer from data silos, this will solve all that.

We're a Microsoft Gold Partner. 

I'd rate the solution nine out of ten.

Using the Microsoft unified cloud-based data governance is going to allow users to gather data across the entire ecosystem, classify it, place a glossary on top, and look at the lineage in addition to a whole bunch more. They have self-service policies and DevOps policies. Microsoft is heavily funding this tool, and it's now a requirement, not nice to have. Just about every Azure customer is going to incorporate Purview into their ecosystem, and it's going to help govern their data, which is an asset that will help companies increase sales, reduce costs, and streamline processes.