Microsoft Purview Information Protection Reviews

I am essentially a consultant, working freelance with various clients. Some of these clients need help understanding and organizing sensitive data in their environments across different clouds, applications, and devices. For Microsoft-centric clients, we often recommend using Microsoft Purview as a go-to tool to drive their information protection strategy. This tool allows us to integrate, examine, and analyze data in all these areas, breaking down the process when discussing it with customers.

When speaking to customers, I usually focus on four specific categories of use cases: knowing their data, protecting their data, preventing data loss, and governing their data. Microsoft Purview information protection is capable of addressing all of these use cases.

It is crucial that Microsoft Purview provides data protection across multiple cloud and platform environments. This is a key selling point that I use when working with customers. Nowadays, most organizations are not confined to a single cloud; they are already operating in hybrid environments with both on-premises and public cloud providers. However, more and more of them are moving towards using multiple cloud providers. Microsoft was the first major public cloud provider to offer multi-cloud capabilities in various products, not just in Purview. This feature is a significant benefit that many of my customers base their decisions on when choosing a platform.

Multicloud goes beyond simply connecting resources in AWS, Microsoft, or Azure. It also involves connecting resources in various endpoint platforms such as iOS, Android, and Mac, which are part of the ecosystem we oversee as information security professionals. We require tools that can integrate these devices and comprehend their current state, making it a crucial aspect of our work. Microsoft Purview Information Protection is capable of establishing these connections.

The ability of Microsoft Purview Information Protection to ingest data from non-Microsoft sources is a valuable additional feature that I believe is improving. There are now more capabilities, connections, and opportunities to integrate with third-party products. Every month, it seems like we are adding new capabilities or bringing on new partners. This is a crucial aspect that many of my customers seek, as most companies do not rely solely on Microsoft and Microsoft Azure. They use various platforms and systems, so being able to gather and centralize data from multiple sources is a significant advantage. This allows us to monitor, analyze, make decisions, and react to the data all in one place, instead of going to multiple platforms and vendors. It is a highly sought-after feature for most of my customers when choosing a platform.

Purview's native integration of compliance across Azure Dynamics and Office 365 is important. I believe it is crucial for customers who heavily rely on Microsoft products, but there are also many customers who use non-Microsoft-centric product lines and SaaS solutions. Therefore, having the integration allows us to have visibility into Microsoft's primary products, but it also enables us to connect with additional solutions and examine them, extending our visibility beyond Microsoft products. I think the blended solution is what is most critical.

It is essential for my customers that Purview considers critical regulations worldwide. It is extremely uncommon for me to have customers who are not subject to or aligned with at least one major regulatory compliance framework, be it an ISO standard, an NISC standard, or other US-centric or external regulations like GDPR. Consequently, having these frameworks built-in or the capability to access and integrate them on demand provides significant added value for the majority of my customers.

Data loss protection in Purview is effective for remedying policy violations. It relies on correct setup and architectural choices for implementation. Having implemented hundreds of them for customers worldwide, I can confidently say that making good decisions makes the process straightforward. With the right licensing, we can integrate Purview across the entire productivity suite, including OneDrive, SharePoint, Teams, and Outlook. The end-user experience is relatively seamless as they go about their business. If they try to send sensitive data through the system or store it in inappropriate places, we are able to catch and handle it accordingly. We have options to alert the user, strip the data, notify a manager, or block the communication, depending on the severity of the violation. This gives information security professionals like me the ability to fine-tune the organization's response based on the level of exposure. Overall, Purview is a highly effective and easy-to-operate tool.

It is crucial that Microsoft has extended Purview DLP to MacOS endpoints. Mac comprises a much smaller percentage of the number of desktops in an average organization compared to Windows or Intel-centric solutions. So, on average, it is a small percentage. However, some customers almost exclusively use Mac, so it varies. For most businesses, there aren't too many Mac users in comparison. But it's a blind spot, at least until the extension of capabilities to the Mac platform. We cannot monitor activities on those endpoints, including users' operations and whether they are sharing proprietary confidential sensitive data inappropriately. This lack of visibility prevents us from enforcing compliance and poses a regulatory risk. So, any action taken by a vendor like Microsoft to extend platform capabilities, eliminate these blind spots, and provide us with visibility is greatly welcomed and highly beneficial.

On average, Microsoft Purview Information Protection has provided my customers with much greater visibility into potential risks and threats within their organization. It has also given them access to reliable information to make informed decisions and has helped reduce the number of incidents that occur within their control. This tool has allowed organizations to enforce policies effectively and improve their risk posture and threat mitigation capabilities. In larger organizations, such as those with numerous endpoints and outlets for information, tools like Microsoft Purview are invaluable for constant monitoring and protection. As humans, we are limited in our ability to effectively watch over all this information, so these toolsets are crucial for safeguarding data. Microsoft's ability to deploy these tools at scale through their platform-based licensing is an essential aspect that I regularly discuss with customers.

Purview has been effective in reducing the need for us to interact with multiple solutions, but its success depends on the technology stack used by the organization. If the organization heavily relies on Microsoft and its infrastructure, Purview can help centralize information and minimize the need for multiple tools and platforms. However, even if the organization is Microsoft-friendly and uses third-party platforms, Purview can still reduce the number of tools needed. The key is to present a strong business case to decision-makers to demonstrate the benefits of centralizing reporting, visibility, activity, and monitoring through Purview. 

Purview enables me to have much greater visibility, particularly as I manage numerous infrastructures for multiple clients worldwide. This allows me to quickly comprehend and address any issues they may encounter, without having to track down and communicate with multiple individuals, which can be time-consuming. It is truly a tremendous time-saver and greatly enhances visibility, adding significant value.

AI and automation have significantly improved our speed and accuracy in risk detection. The challenge we have long faced is the overwhelming amount of information to examine without enough resources. To address this, the industry is implementing artificial intelligence, machine learning, data visualization, business analytics, and other technologies. Automation plays a crucial role in determining the key factors involved. In small organizations with limited data and users, manual management may suffice. However, in larger organizations, continuous monitoring and automated workflows are essential. Visual presentation of large volumes of information can be achieved through dashboarding and business intelligence capabilities. AI and automation enable us to identify patterns that may be missed by humans due to the sheer volume of data. They help process information at scale and provide summarized insights to humans for further action. Indicator compromise indicates ongoing issues, while indicators of exposure allow proactive measures to be taken. Purview and AI facilitate identification and response, as well as preemptive actions. These are crucial takeaways from the application of AI and automation in risk management.

I believe that insights are better with AI and automation. They are more tailored to a personalized view of my customer's world, taking into account each individual customer. Microsoft is able to gather trillions of data points every day from millions of customers globally, which benefits us by providing threat intelligence analysis and indicators of potential threats. This has led to significant improvements in actionable intelligence and desired results. In the past, it was difficult to create scalable action and intelligence without visibility into different regions, but AI and scalable platforms have changed that. The platform continues to improve with new features and capabilities, and it is maturing at an impressive rate.

Purview has helped reduce the time to action on insider threats. Depending on whether the organization chooses to be aware of them and take action on them, they can proactively address potential issues instead of reacting through incident management. It has become a significant aspect for many of my customers, as they aim to switch from a reactive to a proactive approach. Our goal is to prevent issues from occurring in the first place, rather than just reacting to them when they do happen. Tools like Purview play a big role in identifying risky and unusual behavior, which could indicate potential concerns. However, it is essential to be mindful that not all unusual behavior is malicious, as there may be legitimate reasons for it, such as business travel. Building an army of humans to monitor for such behavior may not be efficient, as they need breaks and rest. The value of platforms like Purview lies in their ability to continuously monitor without breaks. The responsibility then lies with the humans using these platforms to pay attention to alerts, classify them, and investigate as needed. By doing so, organizations can stay current with potential threats and distinguish between genuine activities and suspicious ones. Ultimately, the success of these tools depends on the organizational culture and how they are utilized.

Purview has helped save both time and money for many of my clients. It has reduced the time to find solutions, identify issues, and respond to them. This has allowed us to respond quicker and address concerns proactively before they become major problems. Additionally, we can now handle higher volumes of information and oversee more systems with the help of these tools, resulting in increased protection. 

Regarding cost savings, it can be challenging to quantify as it depends on individual businesses' needs and usage patterns. Often, companies are underutilizing the capabilities and features they are paying for, leading to duplicative efforts and wasted resources. However, through careful analysis and assessing current products in place, we have been able to identify significant savings over the long term by removing duplicative product licensing and renewing licenses strategically. These savings can then be reinvested elsewhere in the business. Overall, while the process may be complicated, we can achieve substantial savings with the right approach and understanding of our spending.

I believe valuable features depend on the customer and the specific use case because everyone's needs vary, as do the needs of different organizations. Some may have regulatory requirements while others may not. Therefore, the ability to classify data and represent it graphically in the organization is extremely beneficial.

Additionally, having the option for customer-managed teams to encrypt data and control the keys themselves, rather than relying on a platform-managed key from providers like Microsoft is crucial. Incorporating data loss prevention capabilities built into the Microsoft platform to endpoints, such as Windows 10 and Windows 11 computers, can also help prevent data loss and is highly advantageous.

There is potential for more integration in the use of AI. I believe the new capabilities of CoPilot, which Microsoft is starting to make available on its platform, will be valuable. The ability to refine and integrate regulatory frameworks, as well as address ongoing threats and attacks, can help us improve our defense. However, there is room for improvement in bringing things to market quickly and utilizing intelligence in the platform. The more automation and AI capabilities we deploy, the sooner we can benefit from real-time analysis and data gathering. Improvements in these areas are sought after and welcomed. The maturity of the Defender ecosystem and its extension into various areas of the Broad Azure and Microsoft 365 landscape are also appreciated, with more opportunities on the horizon. While there is always room for improvement, there is also a lot to celebrate in terms of using the tools we have and learning how to use them effectively.

I have been using Microsoft Purview Information Protection for around three years.

I believe that Purview is a highly stable product. From what I can recall, there have been very few, if any, significant issues with its stability over the past several years. In my experience, it performs exceptionally well at scale and serves as a key foundational element for building information assurance in most of my customer engagements.

Purview's scalability is a managed service, meaning I don't have to scale it on my own. In our industry, scalability is defined as the ability to add five things to the left side of the table, where there are already five things, to make it ten when needed. 

Microsoft provides the tools and capabilities to manage the infrastructure behind the scenes for scalability. So, while it is scalable from our perspective, Microsoft controls and maintains the scalability over time, even under load. It always meets my needs, but it could be a bit quicker in ingesting and analyzing data, which are scalability issues on the backend that Microsoft controls. As a customer, I would like things to happen faster, but overall, I find the platform to be highly scalable and responsive for the workloads it handles.

We work with Microsoft's technical support on a regular basis depending on the customer and the needs.

Neutral

I have used a variety of different tools for data loss prevention and risk mitigation over time. The selection of tools depends on the specific needs of the customer. Nowadays, many of these tools offer similar capabilities, such as e-discovery, encryption control, device control, and content-aware protection. Microsoft's Purview stands out because it operates across four categories: knowing our data as an organization, protecting our data, preventing data loss, and governing our data from a risk management and compliance perspective. Unlike other vendors, Microsoft's offering is fully integrated and provides a comprehensive set of tools and capabilities in each category, spanning across the entire Microsoft platform including Azure, Microsoft 365, and Dynamics. This integration saves time and effort compared to using multiple vendors for the same functionality.

The complexity of the deployment depends on the organization's needs, but I find it quite straightforward. Paying attention to the details and understanding the features and integration are crucial. Success or failure in a good deployment comes down to planning and needs analysis with the customer. Many people make the mistake of not understanding the problems they need to address or which features to use, leading to difficulties in integrating the system. Those who plan sufficiently and don't rush into it tend to find it easier. Personally, I prioritize planning with my customers, making it a relatively easy journey for me.

The number of people involved in the deployment depended on the customer. Typically, in my line of work, I collaborate with a team within the organization to set up and possibly maintain the project. For small companies, I am usually the only person they hire for this task. However, for larger companies, I am usually a part of a team responsible for both the setup and ongoing maintenance. The number of people involved can vary, but on average, there are usually four to six people with different roles at some point during my practice.

This may not be obvious to decision-makers initially, but with the right pitch, there is a clear return on investment. By reducing the number of tools used, Purview enhances protective capabilities and decreases response time, providing significant value for the investment.

The price is determined by the enterprise licensing, either the E3 or E5 licensing or the EMS plus security and other feature licensing. We can access it in various ways depending on the organization's needs. We have the option to buy individual aspects or include them as a premium part of our existing licensing for other tasks. Microsoft's licensing and pricing can be more complicated than necessary, a criticism commonly heard from anyone who has dealt with them over the years. However, they have made strides in simplifying it compared to the past. The pricing is competitive and offers good value for the service offerings. It holds up well against other competitors and vendors in the market. Considering the number of capabilities and features integrated into the platform, the price seems fair.

I give Microsoft Purview Information Protection an eight out of ten.

We use the solution for our customers' services. It helps identify and protect sensitive data in documents, PDFs, emails, and Teams chats to prevent data leakage. It can detect and block emails containing credit card information sent outside the organization.

Microsoft Purview IInformation Protection works well with Microsoft products and cloud-based systems like SharePoint Online and Microsoft 365. However, it has limitations with on-premises systems like NAS or SAN storage, where performance can degrade.

The tool allows for classifying and labeling documents as confidential or restricted. It can automatically tag documents based on keywords, like labeling a document with "contract" or "accounts payable" as a finance document. This helps with retention policies. The solution doesn't support classifying video and audio files yet, but I believe that's planned for the future. 

The solution helps manage documents, especially document lifecycle management with Word documents and SharePoint Online. It auto-upgrades its versions.

The product helps gain extra storage space by identifying documents that can be deleted after classification. It also helps with regulatory compliance like privacy acts.

I wouldn't recommend Microsoft Purview Information Protection for petabytes of documents as performance might be affected.

I have been using the product for a year. 

There were no glitches with the solution, but processing large volumes of documents took longer.

No installation is needed as it's a cloud service you are onboard with. Microsoft provides detailed user guides for configuration, which makes it moderately easy to set up.

The tool's pricing is fairly low, less than 100,000 for a year.

Copilot is an inbuilt feature that can automatically summarize Teams meetings. If using Microsoft products online, I'd rate the product an eight or nine out of ten. I'd give it a six or seven out of ten for a mix of features or non-Microsoft products on-premises. Overall, I'll go with a seven out of ten rating for the solution.

We are a Microsoft partner specializing in Microsoft Purview Information Protection which is used for digital rights management. Essentially, we integrate Microsoft Purview Information Protection into our own software products that we develop and currently deploy in various customer locations. As a small organization, we have a handful of developers who are highly productive, thanks to Microsoft Purview Information Protection. We utilize the Microsoft Purview Information Protection SDK, which is a software development kit provided by Microsoft, to integrate solutions such as SAP with the ERP, a system used by many enterprise customers. This integration allows us to maintain good communication with Microsoft as a partner, as we work alongside them on Purview Information Protection.

It is important for Microsoft Purview Information Protection to be able to connect with iOS, Mac, and Android devices. Microsoft Purview Information Protection is highly popular; it is a stable Microsoft product, and many customers are using it in their product environments. Moreover, extending its compatibility to all possible and popular operating systems, applications, and devices would be incredibly beneficial. It should not be limited only to Windows.

Not all customers use Microsoft platforms. Each person has their own software requirements, and it is crucial that Microsoft Purview Information Protection has the interface connectivity to ingest data from various non-Microsoft data sources as well. Only in this way can we attract more customers to use it, as not all of them want to be exclusively dedicated to Microsoft. Some may still be using legacy systems or other platforms.

Microsoft Purview Information Protection has significantly enhanced the security of our file system. All files within Microsoft Purview Information Protection can only be accessed by authorized users, preventing any unauthorized external access. This ensures Purview safeguards the organization's confidential data, improves the handling of critical data, and also allows us to assist other organizations in implementing Purview technology and automating encryption within their information systems. Thus, not only are we benefiting from this technology, but all our other customers as well. Microsoft Purview Information Protection is instrumental in securing their data, business files, and overall information through encryption and thorough tracking of file access and any attempted unauthorized access within the Purview ecosystem.

For our internal purposes, we are not using Purview for real-time compliance. However, our larger customers are using it for their internal complaints. We are aware of this because we interact with them and have learned that they heavily rely on Purview for managing complaints and other matters. Therefore, they want to safeguard their confidential information in accordance with their organizational requirements.

Microsoft Purview Information Protection can significantly reduce response time. Based on my knowledge, I can affirm that it offers excellent tracking capabilities and provides various insights. For instance, it enables tracking the file's movement within the organization, ensuring well-defined travel. Additionally, if an insider attempts to send the file to an external party without the company's knowledge, we can still track it. Consequently, it greatly aids in reducing response time or, at the very least, detecting issues early to take appropriate action.

All enterprises need to invest in their security, and Microsoft Purview Information Protection is beneficial in saving time and valuable information, while also ensuring data protection. With Purview, both time and information are safeguarded. Without Purview, all information remains accessible to anyone, and it can be shared externally without any restrictions, making it impossible to track data movement without software like Purview in place. Consequently, if an incident occurs, it would require significantly more time and effort to investigate the cause and identify how critical business information got leaked. Therefore, I can confidently say that Purview undoubtedly saves time for any organization.

The UI is user-friendly, and I have observed that it improves further each year.

Microsoft can improve the affordability of Purview Information Protection by offering it at a lower cost. This could be in comparison to the current pricing for enterprise customers and also for individual users. Providing an option for individuals to purchase Purview technology at a reduced cost would be beneficial. For instance, if I, as an individual, want to have Microsoft Purview Information Protection, it should be available at a more affordable price. Creating a separate low-cost version specifically tailored to individual users and a separate higher-cost version for enterprises would make the product more accessible and appealing. This approach could make Purview more popular, encouraging more individuals to start using and exploring its services.

I have been using Microsoft Purview Information Protection for five years.

Microsoft Purview Information Protection is a stable solution with few bugs. The solution undergoes thorough testing with beta versions and is experimented with by a closed group of testers before its release to the public.

I would rate Microsoft Purview Information Protection an eight out of ten.

I only have experience working with Azure Cloud, but it is a good idea and important that Microsoft Purview Information Protection is capable of extending data protection across multi-cloud platform environments, including AWS and Google Cloud platforms.

Microsoft Purview Information Protection does not require maintenance from our end.

Potential users should evaluate Microsoft Purview Information Protection. The solution is simple and straightforward. Microsoft offers extensive documentation on its website, including public spaces and community sites. Therefore, numerous questions from various customers are likely to arise. Both Microsoft developers and other people associated with Microsoft are eager to respond to these inquiries. For those who wish to evaluate the solution, I recommend joining the Microsoft community and actively participating by asking questions. There are many people available to provide answers, not only from Microsoft but also from other customers and partners who may have encountered similar issues. By being engaged in the community and regularly consulting the Microsoft documentation, we can start anywhere in the community to seek help, even if we have seemingly basic questions about the solution. People within the community will be more than happy to come forward and provide the necessary clarifications to help.

We primarily use it for data labeling, specifically for labeling documents and emails.

The automated labeling feature in Microsoft Purview Information Protection has greatly enhanced our organization's security. By ensuring correct labeling of documents and emails, we effectively prevent sensitive data from being shared externally. This feature has strengthened our data protection measures and instilled confidence in managing access to our sensitive information within the organization. Microsoft Purview has saved me time, especially with the auto-labeling feature. It spared me from manually labeling extensive amounts of data. Quantifying the time saved is tricky since it is more of a day-to-day tool once implemented, rather than a specific time-saving task.

The automated labeling feature in Microsoft Purview Information Protection has been incredibly valuable for us. Before using it, we had a lot of unlabeled data, and the tool helped us quickly and accurately label a large number of documents. This saved us time and ensured our data was properly categorized and protected.

There is room for improvement with the policy tips feature. It seems inconsistent, working well in some web applications but not as effectively in desktop applications. The experience is a bit hit-and-miss, so refining the policy tips functionality across all platforms would be a valuable enhancement.

We have been working with Microsoft Purview Information Protection for four years.

Overall, I find the product to be very stable, especially with the essential features. However, there are some instances, like the policy tips, where it doesn't feel entirely right to me since there is a slight instability in certain aspects. Nonetheless, the critical features remain stable.

The scalability has been good. We haven't encountered any issues with two or three million documents.

I would rate Microsoft's technical support as a five out of ten. The main issue for me is difficulty in getting a technical person right away when raising a ticket. It often involves explaining the issue multiple times before reaching the right person, which can be frustrating.

Neutral

From a technology standpoint, the initial setup was easy, but user adoption was a challenge. There was a need for extensive user training and communication to familiarize everyone with the labeling behavior. As users adapted, the system started understanding the changing user behavior better.

Microsoft Purview has helped us avoid potential financial issues, especially in terms of GDPR fines, by ensuring full compliance with regulatory requirements. It is more about preventing problems than directly saving money, but it is valuable nonetheless.

The pricing and licensing for the product are quite expensive. Some advanced features are included in the E5 licensing, and it might be beneficial to see some of those features integrated into E3 to make it more accessible.

Microsoft Purview, along with Information Protection tools, has been great for meeting rules like GDPR and HIPAA. We use features like sensitive information types, auto-labeling, and trainable classifiers to easily identify and manage data. If we need specific info, like PII data, the tool helps us quickly find and extract it. For us, it is very important that Purview Information Protection stops our sensitive corporate secrets and personal data from going into AI models. Before jumping into AI tech, we want to be sure all the safeguards are in place. Keeping our data secure within our system is crucial, and having everything set up right is a top priority for us. Microsoft Purview integrates seamlessly with the productivity and security tools we regularly use. It is essentially a one-stop solution for me. While we might have adopted a boundary-level technology, I wouldn't say it's necessary because the current tooling covers our needs well. Having a single solution for information protection is crucial for our operations. It is a complex task, and having everything under one umbrella is much easier for me than dealing with different solutions for different types of data. It simplifies things and works well for our needs. Overall, I would rate Microsoft Purview Information Protection as an eight out of ten.

Our primary use case is for applying sensitivity labels to sensitive content, including in emails, OneDrive, and SharePoint. 

Purview Information Protection helped to reduce the number of solutions we need to interact with each other, and it's very valuable to have in small to mid-sized organizations; that's where it shines the brightest. The effect on the complexity of data governance depends on the organization; if a company is only concerned about PII and Office 365 apps, then they don't need other services such as DLP tools, data classification tools, discovery tools, etc. Those can all be eliminated because Purview is a catchall product; you can classify data using sensitivity labels and integrate that with DLP. You can write DLP rules or policies based on what's specified in the sensitivity labels, so separate apps and tools could be unnecessary depending on the organizational requirements.   Reduced Number of Solutions/Complexity of Data Governance

The solution provides good visibility into our estate and is very helpful for gaining visibility into a client's Office 365 estate.  Visibility Into Estate

Purview enables us to show compliance in real time, though I have yet to be in a meeting with a compliance regulator.  Show Compliance in Real Time

The product helped reduce our time to action on insider threats, and it's great for that. We can specify who has access to specific labels, so if a group like HR doesn't have access, they won't be able to see the content. In terms of insider threat, Purview is a powerful tool.  Reduced Time to Action-Insider Threats

The solution is great for helping us stay on top of compliance; we can go through the compliance manager section in the app and use a risk assessment template. Purview recommends actions, so going through a cybersecurity framework is huge for compliance. It's also pretty straightforward to use.  Stay On Top Of Compliance

We can restrict access or specify who can see sensitivity labels, which can be based on the classification level. We can encrypt restricted content and limit who can see that from an internal view, too, so Purview is a powerful tool.

Purview delivers data protection across multi-platform and multi-cloud environments, including AWS and GCP, which is essential. It's definitely a meaningful integration. DLP Across Multi-cloud, Multi-platform Environments- Importance

The solution lets us connect to iOS, Mac, and Android devices, plus data from other SaaS apps. This is vital, as employees are not just accessing MS suite applications; they're typically going all over the internet using web-based or desktop apps. There's value in looking at Microsoft apps, but it's essential to see the whole landscape rather than just the 365 suite. Connect to iOS, Mac, Android Devices and SaaS apps- Importance

Purview's native and integrated compliance across Azure Dynamics 365 and Office 365 is good, and the classification is reasonable. Native and Integrated Compliance Across Other Microsoft- Importance 

The fact that Purview was built to take into account critical regulations from around the world is essential. It's necessary, as the more information we can protect, the better. Takes Into Account Critical Regulations- Importance

Regarding DLP for remediating policy violations, the product is excellent; we can alert on policy violations, block and so on. The current capabilities are typical, but we can get pretty deep in finding and specifying remediation outcomes using Boolean Logic. So, if content contains X, X, and X, we can trigger specific actions. The solution is beneficial in this regard, and the UI is easy to navigate.  DLP-Remediating Policy Violations- Importance

Purview's DLP is very good for educating users on how best to handle sensitive data, and it comes in the form of policy tips and email notifications. Policy tips are great; this capability alone is fantastic for spreading cybersecurity and data protection awareness. When the policy tips are implemented, it reinforces our organizational standards, which is excellent.  DLP-Educating Users On Handling Sensitive Data 

Our primary concern is third-party application visibility. Many people choose other DLP tools, as they can search the Office 365 suite and detect sensitive information across thousands of other apps. The product is weak compared to the competitors on the DLP front, but the classification is good; the tool needs a bit more maturation.

I want to see Microsoft being more flexible; Purview is excellent for an MS environment, but we can't use the DLP capabilities with third-party products, so it's limited there. We can use other tools for that, but it would be good if Microsoft implemented that.

I want to see more robust reporting capabilities; reporting in dashboards and navigating through alerts can be laborious. If Microsoft could develop the reporting, the product would be more beneficial.

We've been using the solution for about a year and a half.

I reached out to technical support once and didn't get a response. The tool is easy to use, and you don't need much background information to navigate the tenant, but the one time I reached out, they didn't get back to me. Therefore, I can't rate them as we've never interacted.

The product is affordable, and our clients agree. Sensitivity labels come with the MIP license at an additional $2 a month per user, an excellent deal for auto-labeling capabilities.

I rate the solution seven out of ten.