Microsoft Purview Data Loss Prevention Reviews

A client was interested in Microsoft Purview Data Loss Prevention and Forcepoint LP solutions. They wanted to understand the difference between Microsoft Purview Data Loss Prevention and Forcepoint features.

Microsoft Purview Data Loss Prevention is known for its user-friendly interface, making it easy to configure the DLP system. It allows monitoring of data movement, ensuring sensitive data is protected. It ensures data is retained within the organization. 

Also, it's secure and can be integrated with an existing Forcepoint DLP setup.

Some main features are limited in comparison to other solutions. There is an issue where data transfer from a local to shared drive works, but shadow to local does not. Also, setting a whitelist for two pilot users often affects all users. There is no audit option in standard DLP, which is crucial for monitoring. Integration documentation is incomplete.

Microsoft Purview DLP implementation was almost a year ago.

Real-time working has issues, and the system sometimes doesn't operate as expected.

Microsoft Purview DLP shows strong scalability and availability.

The level of knowledge from customer service was limited, as seen when a representative seemed confused about integration processes.

The client was already using Forcepoint DLP and wanted to compare it with Microsoft Purview Data Loss Prevention features.

With the E5 license, various features of Microsoft Purview Data Loss Prevention are available. It offers an economical solution compared to others.

The client was evaluating Microsoft Purview Data Loss Prevention against Forcepoint DLP to decide whether to switch or use both.

Based on my experience, I rate the Microsoft Purview Data Loss Prevention solution seven out of ten. Microsoft DLP is effective yet has room for improvement in some areas. Reviewing other available options and comparing the benefits can be helpful.

The solution's IDM (Indexed Document Matching), EDM (Exact Data Matching), and DCM (Described Content Matching) features have been most effective in identifying and mitigating potential data leaks.

We faced a performance issue with the tool when we didn't get alerts for file uploads.

I have been using the solution for eight months.

I would recommend the solution for larger companies.

The technical support team takes a long time to resolve issues. We contacted the support team for issues we faced while migrating from another DLP to Microsoft Purview DLP. Although the support team said they would address the issues within 24 hours to a maximum of two days, they took around four to five days. The waiting period for the support team is longer.

Neutral

I previously worked with Symantec DLP. I prefer Symantec DLP over Microsoft Purview DLP because Symantec is easy to connect and navigate. Comparatively, managing and conducting investigations on Microsoft Purview DLP is difficult. Sometimes, Microsoft Purview does not work as expected.

The solution’s initial setup is easy.

The solution’s pricing is reasonable.

It is easy to upgrade the solution.

Overall, I rate the solution an eight out of ten.

Our approach involves issuing warnings when users send over twenty sensitive messages, such as bank account numbers, across various channels like email and chat.

Having visibility into the quantity and reasons behind the data we send out is crucial. This is particularly significant when dealing with sensitive information like Social Security Numbers, especially in the context of desktop backups. This newfound visibility not only contributes to time and potentially cost savings but also enhances credibility. Leveraging blocking in our policies serves as an effective remediation measure. When a policy is in place, it acts as a gatekeeper, preventing users from carrying out actions that go against the specified policy, even if they intend to do so. This proactive approach ensures a robust defense mechanism.

The most valuable features are identifying sensitive data and issuing alerts. This was further enhanced by email notifications sent to our secondary mailbox, providing comprehensive oversight of website activities. These features have proven to be beneficial in our role within the financial sector, where safeguarding customer data and ensuring overall data security are top priorities. Ensuring secure connectivity to iOS is vital, with enabled features on endpoints being essential for data security. The importance of data protection expands to the cloud and various platforms, especially in the context of deploying applications across multiple environments.

There are still inconsistencies in the functionality of mail tips and related features. Occasionally, the system fails to recognize words and content accurately in applications like Word and Excel, with effectiveness contingent on simplification. There is a need for improvements, particularly in ensuring that file-based recognition is more reliable and comprehensive.

I have been using it for two years.

I would rate its stability capabilities six out of ten.

I would rate the scalability abilities seven out of ten.

The support is commendable, but there are notable issues with the product, particularly concerning exchange clients, which adds a layer of complexity. I would rate it seven out of ten.

Neutral

I previously worked with Symantec.

The initial setup proved to be somewhat complicated due to the challenges and issues we encountered.

During our initial implementation of DLP, we encountered several challenges, particularly with issues like malfunctioning mail tapes and difficulties in downloading policies correctly. Despite ongoing efforts by the team to address these issues, there were limitations in policy functionality, with successful implementation observed primarily on the web client rather than the client side.
It took nearly six months to conclude and finalize various aspects.

The ROI is inherent in the existing license, making it unnecessary to incur additional expenses for another tool.

Overall, I would rate it seven out of ten.

We use the product to set up policies. 

Microsoft Purview Data Loss Prevention's responses are faster. Its installation is also reliable. The security score helps with the security part. 

Microsoft Purview Data Loss Prevention's licensing is expensive.

Microsoft Purview Data Loss Prevention is stable. 

The tool's scalability is great. 

We have dealt with Unified and Premier support. Whenever I raise a ticket, I start researching the answer as well. 

The tool's implementation is easy. 

We have seen ROI with the product's use. 

I have Microsoft Purview Data Loss Prevention on Mac, but I do not use it daily. 

We use GCP, and it is good that the product can expand to it. 

It is good that the product goes automatically into the sensitivity limits of a country. 

Microsoft Purview Data Loss Prevention saves time in the implementation area.

I rate the product an eight out of ten.  

The product has improved compliance and confidence. We are aware of the data that is leaving our organization. It provides confidence in data management and information storage. 

Microsoft Purview Data Loss Prevention ensures users don't accidentally send inappropriate information outside. 

The AI advancements can improve the false positives. 

I have been using the product for five years. 

We use Premier support. 

Microsoft Purview Data Loss Prevention's deployment concepts are straightforward. Documentation is also available. 

I am satisfied with the tool's pricing. 

We consider user parity and user experience across all devices. 

My company is in the SMB domain, so we do not require multi-cloud features. 

Our primary concern is North American regulations, but the tool's compliance with international regulations like GDPR is also helpful. 

I rate it a seven out of ten. 

We use Microsoft Purview Data Loss Prevention to prevent data loss on our devices.

We can use Microsoft Purview Data Loss Prevention to manage devices and site policies.

The platform can be challenging to navigate and has the potential for improvement. For instance, we encountered an email in our environment that needed to be deleted from all user mailboxes. This process required us to involve multiple security administrators. It would have been easier if we could highlight the email after completing the email trace and have the option to add or soft delete it, rather than having to go to the Action Center.

I have been using Microsoft Purview Data Loss Prevention for one year.

Microsoft Purview Data Loss Prevention is stable and meets Microsoft’s SLA.

Microsoft Purview Data Loss Prevention can scale effectively as long as there is space available for additional licenses.

I give Microsoft Purview Data Loss Prevention a seven out of ten.

We currently have 160 users.

I recommend Microsoft Purview Data Loss Prevention.

With this product, you can protect your data from getting out of the company, or falling in the wrong hands. You protect your data leakages. It's a very huge subject. It's very important.

The main part I like about it is, that quite a few of the DLP features are built into the latest server operating systems. The reliability of these is good and there's a good amount of documentation in case you run into any problems. They work well. 

The setup is straightforward. 

VM people say you cannot use just one product; you need multiple products across the network and you have to deploy to the backups.

The DLP could always be better.

Overall, they should make their Hyper-V and the clustering more stable. VMware offers very good clustering, for example. Microsoft needs to improve a lot in terms of stability.

Technical support is awful.

I've used the solution for almost 10 years.

The solution is very stable and extremely reliable. There are no bugs or glitches. It doesn't crash or freeze.

The solution has been very scalable. 

As an integrator, we don't have a single client. We have so many clients. The average number of users can be as low as 100 and can go as higher 1,000. It varies. Not everyone implements DLP. A basic level of DLP is implemented, however, it is a very niche implementation and DLP is done only if someone has to be compliant. For example, a company might need either an SSA 2018 certification or SOC 1 Type 2 certifications. 

You can troubleshoot easily via documentation, which is readily available. 

Technical support seriously needs work. They are not helpful at all.

Microsoft has kind of become a monopoly now and there are so many users. They are more interested in selling the products. They're not interested in supporting them. Unlike the other companies who have at least a ticket system, here, when you are a monopolistic company, you don't care. You know the products will sell, and people will buy them.

Negative

You have the full encryption file and folder, however, for that, we use a different product. We don't use Microsoft. BitLocker has given us encryption features, however, we don't use that. Mostly, we prefer McAfee for that.

The initial setup is pretty straightforward. I see a lot of improvement on the installation part when compared to earlier days when it was a little bit tough. Right now, the documentation is good and implementation is not taking that much time. You're up and running quickly. The final aspects might require additional time, however, 80% of it you finish pretty fast. 20% of the time is when you want to fine-tune, depending on your site requirements There it might require an extra effort.

There are some products that are available on a subscription basis. Predominantly, what I use is the one that comes with the operating system and I use other third-party products basically to cover anything that's missing.

We are an integrator as well for Microsoft DLP.

Our deployments are mostly on-premise or private cloud, not on the public cloud.

Overall, I'd rate the solution a seven out of ten.

We basically use it to track personal identifiable information. We are also using it to label any confidential, company trade secret, and internal data. We have an internal use policy and a confidential use policy to encrypt the documents.

The auto-labeling feature is definitely the most valuable feature. It goes in and labels the documents for you in different repositories. It covers the Outlook and Exchange repositories along with SharePoint and OneDrive. It is really helpful in those areas.

There is a lot of ambiguity when you are setting up labels, such as sensitive information labels. It is a little daunting at first if you don't have prior knowledge, and there is a little bit of a learning curve for setting up the labels.

Some of the setup wizards could be more helpful from an AI perspective. They can streamline the setup through more AI technologies so that you don't have to jump through so many hoops and different menus and dropdowns. It would be useful to have a setup wizard that is more hands-off and engaging for setting up the information type labels. If you tell them this is what we're trying to protect, it should basically start to lead you down that path of best practices. Such a feature would be great.

It is absolutely stable. A part of the success criteria was to not have any stability issues. It seems very responsive after you get through the deployment aspect of it.

We have been adding more label information types, and it seems to scale well. I don't see any issues there. This part of the solution is built into the Microsoft Cloud ecosystem. Therefore, you don't really have any sort of quota or cap on your data. It seems to be going really well on that front.

Currently, we have about 600 users. We're going to continue on this Microsoft journey. There is another feature that we're looking at called the Purview feature, which is basically adding the same sensitive info type tagging for data in your Microsoft SQL databases. We are currently looking at using that.

Their technical support is excellent. We've had some hiccups here and there regarding the setup. We contacted Microsoft, and they were very quick to respond with solutions. The online Microsoft documentation is also kept fairly up to date, which has been another plus. Its documentation is really well done.

It was fairly complex because it has a very wide and broad gamut of sensitive info types. Each of the labels and sensitive input types that we created took four to six hours of initial setup and work. The deployment itself is pretty instantaneous, but getting the data back and actually seeing the labels and sensitive info types come back in the form of data tagging definitely takes some time. Depending on the size of your repository, it can take longer to scan the data and label it while going through all the algorithms. It probably took a good two to three days to actually see some meaningful data.

It is a part of our Microsoft licensing. We pay for a yearly renewal. Its price is reasonable for the size of the organization we are. It is fairly competitive, and you get what you pay for. We have an E5 license, and a part of understanding the E5 license is to see what all you get with it. If you really look at it from that standpoint, you get a lot of value. You have Defender and all its security features in there as well.

Their licensing is fairly flexible. They have different programs. We've seen ones where you could pay for up to three to five years in advance. There is also a monthly pay-as-you-go type of deal, but we're doing a yearly renewal and fixing the budget.

We didn't evaluate any other product because it was just way too convenient. It is a part of our Microsoft licensing, so we were already paying for it. There wasn't anything appealing to try a third-party solution or anything like that.

I would advise others to definitely go to the documentation first and plan ahead. It is definitely something you plan, and it definitely requires a kind of a crawl-walk-run approach, so you definitely want to plan for it. I would also suggest taking advantage of the testing and reporting features that are available to be able to do a pilot and test it before you actually deploy it.

I would rate Microsoft Endpoint DLP a nine out of ten. There is a little area for improvement, but it is definitely the best in class.