Microsoft Purview Data Loss Prevention Reviews

I had different use cases with Microsoft Purview Data Loss Prevention. One of my customers was already working with McAfee DLP, and they migrated from McAfee DLP to Microsoft DLP. I had to do the entire migration and ensure it was working as they expected. They had selected the tool, but I had to ensure it was implemented throughout and tested. It was live in the environment as well.

In this case, I implemented Microsoft DLP for four Microsoft services, including OneDrive, Teams, SharePoint, and Exchange email. An endpoint DLP was implemented for the endpoints.

The solution's most valuable feature is the mature O365 DLP, which works with SharePoint and Teams. It works fine, but we have to make sure that we are doing it right.

My main concern was more about the endpoint side because you should have many different functionalities on the endpoint. Endpoints are not just about the USB or the network share. They deal with many things, and we should be able to understand them.

We should have different settings available on the endpoints about what should be allowed, what should not be allowed, off the network, on the network, etc. The endpoint needs some improvement.

A major improvement is required in the solution's incident handling and alerting. It is a mess, and it cannot handle anything. I don't know what Microsoft is doing. It is really sad. It is a very good endpoint product but does not work as expected.

If an email is detected, I have email evidence because it is going through the exchange. I can download the image, and the operations team can look into the kind of email sent and so on. The evidence is there for forensic purposes.

Microsoft has given functionality for endpoints where anything violating the content on the endpoint should be uploaded to some storage location in Azure Cloud for evidence purposes, which does not work at all. Microsoft has provided it, but their technical team does not know how these things work, which is really sad.

The solution's incident handling is pathetic. They have the compliance portal and security portal. You get alerts on both the compliance portal and the security portal. Having two different alerts on the security and compliance portals does not make sense.

Incidents are not categorized properly. All the incidents are put together, which is really sad. It's not about detecting the data; it's more about handling it once it is detected. I know the data has been detected, but it is useless if I cannot figure it out or work on the incidents. The tool does not make sense to me.

You would face some difficulties on the endpoint side. It is really difficult when you're working on the endpoints. Microsoft is not clear on how they want to portray this product.

For the past four years, I've worked on and off with different tools, including Microsoft Purview Data Loss Prevention. I have at least three years of experience with Microsoft Purview Data Loss Prevention.

The solution’s technical support is pathetic.

Negative

You cannot compare Microsoft with other DLP products because they are very mature products. Microsoft is not a mature product. It gives you the functionalities, and organizations buy it because they need not spend elsewhere for these options.

People should think a lot before choosing Microsoft Endpoint products. Data security is very important, and we cannot just choose a solution because you're getting it for free.

On a scale from one to ten, where one is difficult and ten is easy, I rate the solution's initial setup a seven out of ten.

You get the solution in a bundle if you get the E5 suite. Some additional charges are there for your endpoint DLP because that comes with your endpoint management.

Overall, I rate the solution a seven out of ten.

We use Microsoft Purview Data Loss Prevention for the entire life cycle and not just DLP. That is, we use it for discovery, classification, and DLP.

Earlier, our customers had no control at all over compliance, and confidential documents that were going out were not at all looked into. Microsoft Purview Data Loss Prevention has been a huge benefit to our clients in this regard.

I like the whole value proposition of Microsoft Purview, particularly the DLP and integration with external solutions.

Purview's natively integrated compliance across Azure, Dynamics 365, and Office 365 is important to us because it's all about compliance.

Organizations have various compliance policies including the regulatory policies that are defined within the organization and those for a particular region. Therefore, it is important to our organization that Purview is built taking into account critical regulations from around the world.

This solution enables our clients to show compliance in real time and has helped them in their meetings with compliance regulators.

Purview Data Loss Prevention provides presentations to educate users on how best to handle sensitive data. When the user doesn't know whether a document should be classified under a certain label, Purview will provide suggestions or will auto-classify the particular document. It has automatic labeling capabilities.

It's important that Purview provides data protection for iOS, Android, and data in other SaaS apps because our customers have heterogeneous environments. Purview perfectly fits into the heterogeneous space.

Purview has reduced the number of solutions needed to interact with each other and has coexisted with them. Some customers have completely replaced their solutions with Purview, and others have Purview for classification labeling and a third-party solution for the DLP verdict.

It has helped our clients to reduce the time to action on insider threats because it can be integrated.

I would like Microsoft Purview Data Loss Prevention to be on the source code or SQL databases. It is difficult to do classification and labeling when you have a third-party source code or a third-party Oracle database. It is seamless when it comes to Microsoft documents but is not so with third-party source codes. Microsoft needs to work on it a little bit more.

Everybody wants information protection, but not all of them can afford the M365 license. I would like Purview to be a standalone product or solution.

We've been working with this solution for the past three years.

It is definitely stable.

Our clients are medium to large organizations, and Microsoft Purview Data Loss Prevention has to be a scalable solution for them.

Overall, Microsoft's technical support is good, and I would give them a rating of six out of ten.

Neutral

The initial deployment is straightforward. We can quickly configure the policies, but the classification and labeling take time.

The solution does require monitoring.

Microsoft Purview Data Loss Prevention is part of a bundle and is not sold as a standalone product.

I recommend Microsoft Purview Data Loss Prevention and rate it at nine on a scale from one to ten.

I prefer to use products under Microsoft Office 365. I tell my customers to use Microsoft products.

My customers do not use Microsoft Purview Data Loss Prevention as they prefer to use Forcepoint Data Loss Prevention. My customers have used Microsoft Office 365, but they have not used its features. From next year, they might start using Microsoft Purview Data Loss Prevention.

I use Microsoft Purview Data Loss Prevention to protect information and endpoint or USB device controls. The tool is used for sensitive information protection on mobile devices and other settings.

The tool's most valuable feature is in the area of OCR. For my organization, Microsoft Purview compliance portal, Azure subscriptions and integrations were helpful. The document fingerprinting feature, information protection during integrations, and full cloud integrations are areas in which I am very experienced.

My customer wants the tool's OCR feature improved. The tool's user interface and document fingerprinting have been very poor for my customers because uploading files manually can be problematic.

The product's scalability is an area with certain shortcomings, making it an aspect where improvements are required.

I have been using Microsoft Purview Data Loss Prevention for five years. I work as Microsoft's strategic partners in Istanbul, especially for Microsoft Office 365 products.

Stability-wise, I rate the solution a nine out of ten.

The tool offers medium scalability and not an advanced one. Scalability-wise, I rate the solution a two out of ten.

Around 300 people are using the tool.

I have used the tool in large infrastructures over a period of three to four years.

My company's teams have communicated with the solution's technical support via emails. Based on my customer's experiences, I rate the technical support a five or six out of ten. The tool's support helped my company in areas like information protection, integration support, sensitive info types, custom keywords, and keyword dictionaries. The technical support experts that I communicated with were effective in resolving my issues.

Neutral

I have used Forcepoint Data Loss Prevention, NetSense, McAfee, and Symantec. I started to use Microsoft Purview Data Loss Prevention since I had to work with Microsoft in a collaborative manner.

When it comes to the product's initial setup phase, it is difficult, especially when it comes to the DLP endpoint onboarding of agents. There are some policies that are complex for some of my customers. With all the service integrations, you can work with Microsoft Purview Data Loss Prevention in very complex architectures.

With the tool, creating policies is easy, but its settings may be difficult. If one is difficult, and ten is easy, I rate the tool's installation phase as a three out of ten. When it comes to e-commerce or credit card numbers, there can be some installation issues, which is a problem for my customers.

The solution is deployed using the cloud services offered by Microsoft Azure.

Our company deployed the solution for seven or nine projects, including PoCs and demos. A couple of hours were needed to deploy the tool.

The product's deployment phase involved the creation of policies and the onboarding of users.

The tool's deployment requires around four people, and its maintenance requires a minimum of ten people.

The tool was not very expensive. If one is very cheap and ten is very expensive, I rate the price as one out of ten.

Microsoft Purview Data Loss Prevention has been effective in identifying and mitigating potential data leaks. Microsoft handles the XDR for the endpoints and helps prevent data leaks.

I rate the tool a ten out of ten.

Microsoft Purview Data Loss Prevention is already set up in parallel to Forcepoint. We had some cases where Forcepoint was not able to see the issue, and Purview detected it. With Microsoft Purview Data Loss Prevention, it is much easier to have very good rules. Forcepoint does not have a knowledge of the organization, and you have to set up everything. When you are going to use Microsoft Purview Data Loss Prevention, most of the setup is already done by default as per your needs.

Microsoft is younger than Forcepoint in the DLP game. All the security operations are better defined in Forcepoint, while in Microsoft Purview Data Loss Prevention, you will have to use a specific workflow and then an application to release blocked emails. Out-of-the-box security operations are more adopted by the organization where I am currently working.

I have been using Microsoft Purview Data Loss Prevention since the start of 2024. The tool is used in my customer's company.

I am not satisfied with the technical support of the solution, and it is an issue that has escalated at the moment because we are getting support services from a partner.

Though I am not a specialist, the tool is quite expensive. One of the issues is that Forcepoint is mainly used for DLP, but the license is not an enterprise license, so the cost is quite high. One of the targets of the customer I am working for was to decrease this cost. Microsoft Purview Data Loss Prevention is a tool included in the E5 license plan. You don't have to pay for it directly, or you are paying, but it is inside the bundle, and in it, you also have the compliance tool of Microsoft Purview, which is as important as Microsoft Purview Data Loss Prevention itself, so you see just two parts in Purview. One is related to security and information protection, and the other one is related to compliance. The tool related to security is well integrated with Office 365, so it means you can classify information at the source or close to the source, which is something really important. All the security is based on data classification, and Office 365 is the main security bubble because, in the past, we used perimeter security. Now, we have moved to zero trust, and for zero trust, perimeter security is no longer sufficient, and that is why we moved to Forcepoint. We have Microsoft Purview, which fits our needs very well. Microsoft is moving to NIST Cybersecurity Framework (CSF) 2.0, and Forcepoint was closest to NIST Cybersecurity Framework (CSF) 1.0. Forcepoint's strategy is good, except for the data redundancy part.

It is difficult to identify and mitigate potential data leaks because we are putting the tools in one by one, and it depends on the type of project. The important fact is that we connect the way we handle the traffic on the endpoint. Endpoints are well managed by Microsoft Purview Data Loss Prevention. The tool's integration with the browser is also something important.

The company in charge of implementations for the project is a Microsoft partner. In our company, we had some troubles. It was not related to Microsoft Purview. What is good with Microsoft is that all the documentation is defined. We have a lot of staff and so on. The quality of support documentation is just great. We also have a perfect online community with blogs and documentation, but when you have to go with a specific blog inside the product, it becomes difficult.

The use of AI to enhance data loss prevention is not really our company's main subject, but I can say that it works. The main subject for our company is moving to the cloud and using a zero-trust model, so it is not a pure DLP project. We need to ensure DLP is there but in the cloud.

I recommend Microsoft Purview Data Loss Prevention to others. If you are in a hybrid mode where you have Microsoft, Amazon, or GCP, then it would be different. In cases where I use Microsoft's integration capabilities and I want to keep only one technology and one vendor, then in this case, it's better to have Microsoft Purview.

I rate the tool a seven out of ten.

I use the solution to protect files with personal information.

The product is easy to configure. It protects personal data. The product can connect to servers on-premise.

The solution should provide better integration with other systems.

I have been using the solution for a long time.

The product is very stable. I never had any issues with the product. I rate the stability a nine out of ten.

The solution can be quickly scaled with ease. More than 5000 people are using the solution in our organization.

I contacted support regarding metadata. The support took one to two weeks to resolve my query.

Neutral

We used Security and Compliance Center, but it did not produce accurate results like Microsoft Purview.

The initial setup is very easy. We just had to go through Microsoft’s documents and understand the best practices.

I did the deployment myself without anyone’s help. We have the solution deployed on around 4500 endpoints.

The product has the best price-to-performance ratio. Its pricing is better than other products.

Only people with permission can access the document when we share a document in Microsoft Teams. We need to have good business processes to use the product. It is important to me that Purview can connect to iOS, Mac, and Android devices. If Carbon Black is installed in our system, we must put it on passive mode while using Microsoft Purview.

The product is very well integrated. We do not have to pay more to make the best use of the solution. Everything is part of the E5 license. Storage costs less compared to other products.

It's very important for me that Purview was built taking into account critical regulations from all around the world. Since we share a lot of information with people from other countries, respecting their compliance and regulatory systems is crucial.

Educating users is very important. Irrespective of whether it is an employee, partner, or consultant, people should be aware of how to protect themselves and the company while they work. Change management is very important.

I use DLP on my iPad. I have an iPhone, and I like to have access to different systems. It's very important to me to have the flexibility to choose my endpoint. Purview has helped reduce the number of solutions I need to interact with because it integrates everything and has become an integral part of my workday.

Many employees would use office computers for tax filing and other personal needs. I was working for the regulatory and governance department. When I configured Purview and scanned all the data, I could see all the information of the employees.

I automate everything with metadata. If we choose the metadata option for financial documents, Purview will associate these documents with a level of confidentiality. The AI’s automation speed and accuracy of risk detection are good, but to use the features well, we should know our processes very well.

The solution's AI is very sharp. We need to protect data and confidential documents. The product makes me feel secure. It ensures that the people outside our organization don't have the right to access our data. We can also automate email alerts. Microsoft releases regular updates to protect personal data. The solution’s regulations help organize our company.

Overall, I rate the solution a nine out of ten.

We basically use it to track personal identifiable information. We are also using it to label any confidential, company trade secret, and internal data. We have an internal use policy and a confidential use policy to encrypt the documents.

The auto-labeling feature is definitely the most valuable feature. It goes in and labels the documents for you in different repositories. It covers the Outlook and Exchange repositories along with SharePoint and OneDrive. It is really helpful in those areas.

There is a lot of ambiguity when you are setting up labels, such as sensitive information labels. It is a little daunting at first if you don't have prior knowledge, and there is a little bit of a learning curve for setting up the labels.

Some of the setup wizards could be more helpful from an AI perspective. They can streamline the setup through more AI technologies so that you don't have to jump through so many hoops and different menus and dropdowns. It would be useful to have a setup wizard that is more hands-off and engaging for setting up the information type labels. If you tell them this is what we're trying to protect, it should basically start to lead you down that path of best practices. Such a feature would be great.

It is absolutely stable. A part of the success criteria was to not have any stability issues. It seems very responsive after you get through the deployment aspect of it.

We have been adding more label information types, and it seems to scale well. I don't see any issues there. This part of the solution is built into the Microsoft Cloud ecosystem. Therefore, you don't really have any sort of quota or cap on your data. It seems to be going really well on that front.

Currently, we have about 600 users. We're going to continue on this Microsoft journey. There is another feature that we're looking at called the Purview feature, which is basically adding the same sensitive info type tagging for data in your Microsoft SQL databases. We are currently looking at using that.

Their technical support is excellent. We've had some hiccups here and there regarding the setup. We contacted Microsoft, and they were very quick to respond with solutions. The online Microsoft documentation is also kept fairly up to date, which has been another plus. Its documentation is really well done.

It was fairly complex because it has a very wide and broad gamut of sensitive info types. Each of the labels and sensitive input types that we created took four to six hours of initial setup and work. The deployment itself is pretty instantaneous, but getting the data back and actually seeing the labels and sensitive info types come back in the form of data tagging definitely takes some time. Depending on the size of your repository, it can take longer to scan the data and label it while going through all the algorithms. It probably took a good two to three days to actually see some meaningful data.

It is a part of our Microsoft licensing. We pay for a yearly renewal. Its price is reasonable for the size of the organization we are. It is fairly competitive, and you get what you pay for. We have an E5 license, and a part of understanding the E5 license is to see what all you get with it. If you really look at it from that standpoint, you get a lot of value. You have Defender and all its security features in there as well.

Their licensing is fairly flexible. They have different programs. We've seen ones where you could pay for up to three to five years in advance. There is also a monthly pay-as-you-go type of deal, but we're doing a yearly renewal and fixing the budget.

We didn't evaluate any other product because it was just way too convenient. It is a part of our Microsoft licensing, so we were already paying for it. There wasn't anything appealing to try a third-party solution or anything like that.

I would advise others to definitely go to the documentation first and plan ahead. It is definitely something you plan, and it definitely requires a kind of a crawl-walk-run approach, so you definitely want to plan for it. I would also suggest taking advantage of the testing and reporting features that are available to be able to do a pilot and test it before you actually deploy it.

I would rate Microsoft Endpoint DLP a nine out of ten. There is a little area for improvement, but it is definitely the best in class.

I am working on Microsoft Purview Data Loss Prevention for multiple locations like SharePoint, OneDrive, device level, and exchange level. We also use it for on-premises and cloud applications, including Power BI. We have implemented it in multiple locations with different conditions and actions.

I like the sensitivity labels and data security posture management for AI. Insider risk management and data retention are also beneficial. Microsoft Purview Data Loss Prevention usually performs well, except for endpoint Data Loss Prevention, which may need improvements.

Endpoint Data Loss Prevention needs to be improved as it is not up to expectations. Auto labeling and Data Loss Prevention (DLP) for devices need improvement as well.

I have been working with Microsoft Purview Data Loss Prevention for one and a half years.

Sometimes the solution is not stable when the internal connection is not reliable, so this aspect needs improvement.

For Microsoft ecosystem, scalability is good. However, for device level, it needs improvement. Onboarding is fine, however, the policy working and detection technology need enhancements.

Microsoft Purview Data Loss Prevention is cloud-based and does not require traditional installation. Maintenance is minimal.

I rate the overall solution 3 out of 10.

Our approach involves issuing warnings when users send over twenty sensitive messages, such as bank account numbers, across various channels like email and chat.

Having visibility into the quantity and reasons behind the data we send out is crucial. This is particularly significant when dealing with sensitive information like Social Security Numbers, especially in the context of desktop backups. This newfound visibility not only contributes to time and potentially cost savings but also enhances credibility. Leveraging blocking in our policies serves as an effective remediation measure. When a policy is in place, it acts as a gatekeeper, preventing users from carrying out actions that go against the specified policy, even if they intend to do so. This proactive approach ensures a robust defense mechanism.

The most valuable features are identifying sensitive data and issuing alerts. This was further enhanced by email notifications sent to our secondary mailbox, providing comprehensive oversight of website activities. These features have proven to be beneficial in our role within the financial sector, where safeguarding customer data and ensuring overall data security are top priorities. Ensuring secure connectivity to iOS is vital, with enabled features on endpoints being essential for data security. The importance of data protection expands to the cloud and various platforms, especially in the context of deploying applications across multiple environments.

There are still inconsistencies in the functionality of mail tips and related features. Occasionally, the system fails to recognize words and content accurately in applications like Word and Excel, with effectiveness contingent on simplification. There is a need for improvements, particularly in ensuring that file-based recognition is more reliable and comprehensive.

I have been using it for two years.

I would rate its stability capabilities six out of ten.

I would rate the scalability abilities seven out of ten.

The support is commendable, but there are notable issues with the product, particularly concerning exchange clients, which adds a layer of complexity. I would rate it seven out of ten.

Neutral

I previously worked with Symantec.

The initial setup proved to be somewhat complicated due to the challenges and issues we encountered.

During our initial implementation of DLP, we encountered several challenges, particularly with issues like malfunctioning mail tapes and difficulties in downloading policies correctly. Despite ongoing efforts by the team to address these issues, there were limitations in policy functionality, with successful implementation observed primarily on the web client rather than the client side.
It took nearly six months to conclude and finalize various aspects.

The ROI is inherent in the existing license, making it unnecessary to incur additional expenses for another tool.

Overall, I would rate it seven out of ten.