Microsoft Purview Information Protection Reviews

My main use cases revolve around Copilot readiness. I go in and assess a Microsoft 365 tenant to understand what their data usage patterns look like so that I can help them figure out how to re-architect their SharePoint and apply the appropriate sensitivity labels so they can start to deploy Copilot confidently while reducing oversharing and reducing unintended access to the company's data in M365.

I particularly appreciate the ability in Microsoft Purview Information Protection to use data sensitivity labeling across all of M365, and then you can also extend it out to AWS S3, Azure Blob storage, Power BI, Dataverse, and all other integrations.

Although it has numerous connectors, the ability to classify data across cloud hyperscalers allows us to gain visibility on where we have sensitive data, and it also enables us to get telemetry to identify when there is potential risky sharing of that data.

We are using Microsoft Purview Information Protection to enable the confident use of AI, so it is a set of controls and visibility that helps customers understand why they should be confident in the way that they have organized and classified their data so they can start to let agentic AI operate in their environment.

I am not impressed with the API ecosystem provided by Microsoft Purview Information Protection, and I want it to be better. Blue Cycle, as a group of developers who know security and Microsoft, differentiates in the Microsoft ecosystem by not only knowing Microsoft but also all the third-party products that Microsoft competes with and integrates with. We are a very API-first company focused on finding patterns and implementing them. A lot of functionality in Microsoft Purview Information Protection is not exposed in an API officially yet, which has made a lot of implementation work difficult because we have to do click ops instead of DevOps. While some tools have capabilities, communication rights management, for example, makes it almost impossible for a third party that is not integrated in as a solution provider to operate. That is not directly Information Protection, but it is a Purview example. However, I think that there have been many releases this week that might help with these issues, but I have not caught up on all of them yet.

I have been using Microsoft Purview Information Protection for about three years.

I am probably not close enough to answer questions about stability or reliability issues, but I think of myself as the architect designer while my team implements the work. I have not heard of any crashes or downtime; nothing has bubbled up to me. If there was a big problem, I would know about it.

My customers have seen a return on investment from having Microsoft Purview Information Protection.

I chose not to look at another solution because we are Purview first, even though there are use cases that necessitate other tools like Varonis that sit on top of Microsoft Purview Information Protection. In general, the only product I have seen that provides significant value on top of Microsoft Purview Information Protection is a company called Gnostics; they complement Purview and come into your Purview deployment to identify the roles and personas in your company, pen-testing the AI to help you figure out where you have gaps in your AI security and in your oversharing controls.

I am not sure I know the answer to how I would evaluate the sensitivity labels in the AI guidance that I receive. My overall review rating for Microsoft Purview Information Protection is an 8.

We initially focused on Office 365 risk and compliance in Teams, SharePoint, and email. More recently, I have been utilizing it from the data platform perspective, integrating information protection labels into Azure SQL, Power BI, and more.

Microsoft Purview Information Protection helps us comply with national standards. I don't deal with HIPAA or GDPR, but I'm working closely with federal standards in Australia. I used to work with government agencies. Purview is about auditing and discoverability. We need to ensure people aren't releasing information that they shouldn't and that they're doing multi-factor authentication or accessing it from the correct devices. It aids in reducing silos within organizations, enabling staff to easily find documents and contacts without exhausting human resources.

One of the key features of Microsoft Purview Information Protection is the auto-classification functionalities, although I have found them to be less effective in complex scenarios. The policy toggle, demanding justification for downgrading labels, provides an essential audit trail that helps prevent accidental exposure of sensitive data.

The security tools integrate well. I like that you can scan several data or informational assets, such as your SharePoint list, Teams, etc., and bring them into Purview as a central repository. Partnering with other products, like Sentinel, for logging capability and inventory provides a service across the board.

It's essential that Purview automatically prevents highly sensitive corporate secrets and data from being ingested into generative AI models, but the reality is that AI is a tool. It's problematic if consumers rely on a tool to protect them because they must be educated first. Regardless of the education, the employee might share the information anyway, so the AI shouldn't be the first point of failure. It should be a human making good decisions.

The communication around Microsoft product names and functionalities can be confusing, like when they combined Office 365 Risk and Compliance with Azure Purview. Then, they added Purview Hub to Fabric, and people thought Purview Hub would do data lineages, but it didn't. It isn't full-fledged Purview. It's just one feature set. 

Clarifying product features and use cases would help avoid such confusion. Additionally, improving the auto-classification functionalities and providing a more user-friendly experience would be beneficial.

I have been using Microsoft Purview Information Protection for two to three years.

I have seen no issues with stability; it appears to work reliably even when deployed broadly within organizations.

The scalability of Microsoft Purview Information Protection is excellent. There have been no real problems with scaling, and it can handle large collections of data without issues.

I rate Microsoft support six out of 10. Response times are a challenge. It's hard to be an ambassador for a product when you know it will be hard to get support. With Microsoft's support, I have learned to be persistent. 

I'll raise a support ticket, knowing that it will take some time to escalate. When you've got runways on a project, you only have so much time to burn with support tickets. In some cases, it has taken 30 to 60 days before I reach someone who can help. However, recent improvements in visibility and community engagement have made it somewhat easier to obtain support.

Neutral

I have explored other products such as Exceleon and Informatica, but ultimately chose Microsoft Purview due to its direct integration with the Microsoft ecosystem.

I'm a consultant, so the solution is typically implemented by third-party resellers and state government clients, who procure necessary licensing and services.

Microsoft Purview Information Protection offers an indirect return on investment by acting as a governance tool. You can centrally store all the informational assets so staff can search the catalogs to find the necessary documents. They can see that it's on SharePoint, a Power BI report, etc. 

If I've got a database called CRM, they don't necessarily know it will be sales or customer data. They can tell Purview that they're looking for customer data, and it lets them know where it is. They don't have to have direct access to do that. They just have to have access to the metadata and the glossaries. It takes away some of those silos in organizations. Purview can do a quick scan, and it doesn't use human resources, so it gets time to do things that we need humans to focus on. 

Initially, Purview's cost seemed quite high because it was for personal use. I was scanning a tiny tenant and thinking, "If I extrapolate this to an enterprise-scale tenant, it will be quite costly." However, I talked to people who had compared it to other products on the market, and they're spending five figures to get started. At least, Purview has a free trial, so you can try some of the features early on.

I rate Microsoft Purview Information Protection seven out of 10. Purview's classification abilities could be improved, especially in handling complex rules. Greater clarity in product communication and the continued development of its roadmap will help enhance user confidence and understanding.

I have several different clients in various industries, particularly in HR and finance departments. They wanted to lock down and protect their documentation to ensure it does not end up outside their tenant.

For a small company, having Microsoft Purview Information Protection gives us kudos in the community. We offer services that competitors do not, which provides us with a competitive edge by staying on top of Microsoft's new releases.

The features my clients request most are sensitivity labels and data loss prevention. Additionally, I am trying to interest them in risk management and insider risk management, although those features are considered more advanced. 

Purview Information Protection integrates with the productivity and security tools we use regularly. It's paramount to have a single solution for information protection. It makes things easier to manage from one place, and the Purview portal gives you everything in one pane of glass. We're talking about the security of our content and lifecycle management. It's crucial to our effective operations.

We don't have any medical clients, but Purview has been extremely helpful in enforcing compliance standards for the industries I serve. 

There should be more training and communication regarding new features. I may be missing those communications, but it often seems like changes happen in the Purview portal without notice. Having a roadmap or updates about new releases would be helpful for demonstrating to clients. If things are constantly changing, I sometimes look silly when I log in, and things have moved or changed.

Purview's data classification abilities could be more comprehensive. Purview is designed for Microsoft items like Word and Excel, but they're broadening the scope a little. Our clients use many file types. Being able to apply protections to those would be helpful because they're essential information for our clients.

I've been using it for the past year and a half, going on two years.

I think Purview is incredibly stable. Once implemented, I haven't had issues with its consistency.

If you know what you're doing, Purview is easy to scale, especially once the groundwork for information protection and sensitivity labeling is set. It can be scaled across different departments organization-wide very quickly and easily.

I rate Microsoft six out of 10. Microsoft customer service is hit or miss. Sometimes, I get a fast and knowledgeable response, while other times, I've experienced delays and received no resolution.

Neutral

Before it became Purview, we dipped our toes into other Microsoft solutions.

The initial setup was tentative and difficult, but over time, with more feature releases and updates to the user experience, it has become easier.

We did not use an integrator, reseller, or consultant for the implementation process.

I cannot know how much time we've saved by preventing data loss, leaks, or exfiltration. These things are outside the grasp of my company. Sometimes, I get an angry phone call asking why something was shared. We're preventing a lot of that, but it's hard to quantify.   

Purview has saved money, but it's hard to say how much. The cost of data loss and your data going to a competitor is potentially massive. We're protecting our client's business, and they're paying us to protect them. It has saved us money and made us lots of money as well. The most significant ROI is the peace of mind from knowing sensitive information is not leaking out. 

The pricing and setup costs are transferred to my clients, who find it affordable and are satisfied with what they receive.

I rate Microsoft Purview Information Protection nine out of 10. It is a very cool and powerful technology. However, there's a societal lag in data protection, but I'm excited about Purview's potential.

Our managed services provider performs assessments, maintenance, and checks. We also offer a SOC to customers who do not have a budget for a dedicated security engineer.

Microsoft Purview Information Protection is used for both internal needs and for our customers to help them implement data loss prevention and conduct compliance assessments. With the deployment of Copilot, we use it as a tool to ensure proper data governance and to prevent unauthorized access to data.

Purview simplifies and consolidates security products. We implement other products from CrowdStrike and SecureWorks. However, it's better for Microsoft customers because they're already paying for the enterprise license, so they save some costs by leveraging that. 

A single solution for information protection is crucial because the Holy Grail of security management is the single pane of glass. With all the indicators in one place, you avoid false positives, which means that it requires a low level of attention. The operator won't believe it's an actual attack if you have too many false positives. Copilot For Security also prevents this kind of false alarm and provides a way to automate many things. 

Purview saves customers time by offering them a quick way to assess a situation and insights into how to improve. It also helps to save customers money because consulting engagements are based on the consultants' time with the customer. 

The reporting capabilities of Microsoft Purview are crucial. They provide insights into potentially non-compliant situations and suggest ways to rectify them. The solution helps to automate many tasks, allowing human operators to focus on areas where they offer the most value.

Microsoft Copilot is an advantage because it's enterprise-grade AI. Customers can't use a generic AI and risk having their IP disseminated in the general public version of the AI engine.

Purview's data classification features are excellent for Microsoft shops using SharePoint, OneDrive, and Microsoft 365. It's a great tool to assess everything. It's more complicated if the customers are using third-party tools. 

Purview could better integrate with third-party tools, but I don't have a specific use case for that because It's currently integrated into the managed services we offer to Microsoft customers using E5 licenses.   

We have been using Microsoft Purview for the last two to three years. We started using it when it was called Azure Purview.

The concept of stability is somewhat ambiguous, as Microsoft continually upgrades the product as part of its SaaS model.

The product is scalable, and we do not face issues concerning scalability for the customer size with which we work.

We generally receive good support from Microsoft for this solution.

Positive

We offer solutions based on SecureWorks and CrowdStrike. The choice depends on customer requirements and existing licensing agreements. We have no preference. It depends on the customer's case and history. If they have already chosen CrowdStrike or SecureWorks, we can deliver our services with any of those. 

The setup is straightforward out of the box, but requires attention to adjusting certain settings for optimal performance.

Customers have seen a return on investment through quicker issue detection and cost savings due to automation.

As a service provider, we do not handle licensing directly. Our focus is on helping customers maximize their software investment. If the customer already has an E5 agreement, we help them get the most out of it. 

I rate Microsoft Purview nine out of 10. It's an excellent solution for a Microsoft-centric environment. The importance of using enterprise-grade AI to ensure data protection cannot be overstated.

My main use cases involve being able to control user permissions within Teams primarily, as I am not really as much on the Office side of things, just more on the collaboration side.

The features I like the most about Microsoft Purview Information Protection include the ability to set different retention policies. These features have benefited my organization by being crucial in maintaining taxpayer anonymity when communicating with government employees.

In the context of the AI boom, the importance of Microsoft Purview Information Protection automatically preventing high-sensitive corporate secrets and PII data from being ingested into generative AI models is crucial and critical in government and public health.

I do not have any suggestions for improvement of Microsoft Purview Information Protection at this point since I am still learning.

I have been using Microsoft Purview Information Protection for about a year.

I would assess the stability and reliability of Microsoft Purview Information Protection as excellent. To my knowledge, I have not experienced any downtime, crashes, or performance issues with Purview.

I think Microsoft Purview Information Protection scales excellently with the growing needs of my organization, and it is very appropriate. I have expanded usage, and I would say the process was seamless when I was expanding usage.

I would evaluate my customer service and technical support experience as excellent.

On a scale from one being the worst and ten being the best, I would rate my customer service and technical support as a nine.

Positive

I am not aware of any solutions used prior to adopting Microsoft Purview Information Protection to address similar needs.

I would describe my experience with deploying Microsoft Purview Information Protection as excellent. It works well, and I think I faced challenges mainly with education and training.

I do not work with the API ecosystem provided by Microsoft Purview Information Protection closely enough to have a good answer to that.

I have seen a return on investment with Microsoft Purview Information Protection. This return on investment is evident in terms of standardization and being able to consolidate everything under essentially the Azure framework, so we are not trying to have different vendors and different offerings affecting different parts of our city government.

I do not have a lot of experience on the licensing side with Microsoft Purview Information Protection.

I was not part of the decision on what other solutions to consider before selecting Microsoft Purview Information Protection, so I do not know.

I would advise another organization considering using Microsoft Purview Information Protection to ensure that you are including ample training for your technical staff that are going to be supporting this, because I think at times that can be easily overlooked, and not through any fault of Microsoft, but through the fault of just not realizing that this is something new that you need to make sure your staff are trained adequately on it. I have rated this review a ten overall.

We utilize Microsoft Purview Information Protection for data loss prevention on Teams chat. If a user shares any sensitive data on Teams chat, we block the message using DLP policies created on Purview.

The most valuable feature of Microsoft Purview Information Protection is its ability to respond to sensitive data shared on Teams chat by deleting the message, not just monitoring or logging. The creation and implementation of DLP policies on the platform have been crucial for protecting data on Teams chat.

I would like the time it takes to update a DLP policy on an endpoint to be reduced. This improvement would positively impact the scalability of the solution.

We have been using Microsoft Purview Information Protection for about six months.

Microsoft Purview Information Protection is stable, and we have not encountered any problems.

Scalability is affected by the time it takes to update policies. Since policy updates take a lot of time, scalability can be improved by reducing these intervals.

We have not interacted with technical support for Information Protection because we have not faced any problems with Purview.

Neutral

We previously used on-prem DLP, but it could not support Teams chat for data leakage. This limitation led us to move to cloud DLP, and ultimately, we chose Microsoft Purview.

The initial setup of Microsoft Purview Information Protection was easy and smooth, primarily because it is cloud-based. I would rate it nine out of ten in terms of ease.

Our deployment team consisted of three people who managed the setup of Microsoft Purview Information Protection. For maintenance, we continue to have three people handling the Information Protection side.

I cannot provide information on pricing or setup costs as the sales aspect is managed by another team.

We evaluated several CASB solutions, including Symantec and Forcepoint, primarily for controlling Teams chat. However, we found Microsoft Purview easier to set up, which influenced our decision.

I have no additional suggestions for new users at this time. We rate Microsoft Purview Information Protection ten out of ten for its features and ease of use.

I am using multiple products from Microsoft to maintain a robust security posture. Integrating Microsoft Purview Information Protection is part of keeping our ecosystem consistent with other Microsoft products. I have implemented Microsoft Information Protection for data classification and data loss prevention, and I use it for governance and auditing.

Microsoft Purview Information Protection supports data classification, sensitivity labels, and data loss prevention. I have implemented it for governance and as a logging tool for audits. However, it does not support direct PDF labeling on Macs, which is an area where the tool can be improved. I have critical documents where I implemented this solution to encrypt and label data effectively, ensuring the data's security and proper ROI.

The most difficult part in the labeling solution is the lack of direct PDF support on Macs, whereas on Windows, a Purview agent can label PDFs. This should be improved to support PDF protection on Macs as well. Logging and auditing of SharePoint and other services need improvement. 

Additionally, during the initial setup, I found the lack of policy segregation at the sub-site level for DLP policies to be a challenge.

I have experience with Microsoft Purview Information Protection for approximately one year and five months, and two plus years with total Microsoft solutions.

The solution is stable overall. Once it is configured properly, it works fine. However, there are some drawbacks, which are common in such solutions.

I would rate the scalability of the solution at around seven out of ten.

My experience with the customer service and support of Microsoft is around five out of ten. The response time is slow, and they take multiple sessions for diagnosing issues.

Neutral

I have experience with Microsoft SharePoint and other Microsoft solutions. However, I do not have any experience in third-party classification solutions.

Setting up Microsoft Purview Information Protection had its challenges, particularly due to the lack of policy segregation at the sub-site level for DLP policies. Overall, it was manageable.

Microsoft Purview Information Protection helps label and encrypt critical documents like contracts, providing a proper return on investment in terms of security.

The pricing is not very high and is considered fine. Microsoft offers different licensing options. AIP Plan 2 is used for critical users. The AIP is included in the business standard license for cloud-based protection.

I recommend Microsoft Purview Information Protection for organizations using the Microsoft ecosystem. It complements Microsoft SharePoint, Microsoft Teams, and Outlook. 

Overall, I rate the solution at around eight out of ten. 

My previous project used Microsoft Purview Information Protection for end users and data discovery. It was a new implementation, and the customer was unsure how to proceed with Data Loss Prevention (DLP) due to new security policies. I discussed the requirements with the customer to understand where encryption was needed and what labels were required. After identifying these, I created data security labels and applied them to a small group of IT department users for testing. Once testing was complete, we rolled it out to a limited set of users from different departments and gathered feedback.

For example, HR needed a specific label for their data, accessible only to HR users. We then created and applied labels globally to all users. Initially, we didn't force label application or content-based detection; users applied labels based on judgment. Next, we implemented content-based detection by creating Sensitive Information Types (SITs) with keywords and regex patterns based on discussions with the data security team. We created four main labels: public, internal, confidential, and restricted. SITs were added to specific labels, like financial data for the restricted label and internal confidential data for the confidential label. The system would detect content and recommend labels but not force their application.

After applying labels to end users and achieving some maturity in the process, including fine-tuning and adding appropriate Sensitive Information Types (SITs), we moved on to existing data in on-premises file shares. This data volume was huge. We used the Azure Information Protection scanner, which is the scanner, to conduct a proof of concept. After the POC, we performed performance testing on the complex environment, which had many devices like antivirus, firewall, proxy, and network components. I had to ensure the scanning wouldn't impact the environment's performance.

We took a sample of about one terabyte of data for scanning, noting different timings during and off-production hours. This helped determine the best time for scanning and how long it would take to scan one terabyte of unstructured data. Once completed, we defined an approach to handle the full 375 terabytes of data that needed scanning and labeling where appropriate.

We calculated the number of servers needed for the scan, considering this wasn't just a one-time process. We also had to plan for ongoing scans of new files. After deciding on the approach, we began scanning the data. Once the scanning process started, we handed it over to the Business As Usual team for ongoing management.

I created training materials for end users on applying different labels, explaining their purposes, and providing examples. This was crucial since end users would apply the labels in different protection scenarios. The implementation helped the organization in several ways.

Firstly, it ensured compliance with regional laws and regulations by providing a solution to identify and label data appropriately. We now had a system to identify data and apply the right label, which was the main objective. Secondly, it educated end users about the data they were handling. When we gave label recommendations, users learned about the nature of their data and which labels to apply. This increased awareness among end users about the kind of data in their files and the appropriate labels.

Thirdly, it improved the overall data protection ecosystem. For example, it enhanced the effectiveness of our Data Loss Prevention (DLP) system. Instead of DLP starting from scratch, it could work with already classified data, making the process more efficient. We already knew what kind of data existed, which helped DLP work better.

The most valuable aspect of this product is its ability to protect data across boundaries. Currently, I think the most valuable feature is encryption across boundaries.

I had experience with previous versions of Microsoft Purview Information Protection as well. The new version doesn't have all the features that were present in the previous native clients and functionalities. For example, the ability to track documents - knowing where your document is, who is accessing it, when and where. You could even revoke access to a particular document if needed, which was a cool feature. These aren't available right now, although Microsoft is working on bringing them back, which might take some time. 

The tracking and revoking features from previous versions need to be brought back. Users should be able to track their documents' locations and revoke access when necessary.

The scanning functionality should extend beyond on-premises environments to include cloud storage. Since it's Microsoft Protection, it should cover all Microsoft cloud services like SharePoint and OneDrive. If scanning works on-premises, it should work equally well in the cloud.

Cloud functionality has limitations. For instance, the auto-labeling feature of Azure Information Protection can label 25,000 files per day, but it can't label existing data. This is impractical, as it's not feasible to create millions of new files just to have them labeled. These features seem incomplete or "half-cooked." 

The tool is  cloud-based SaaS. As such, they don't require much scalability on our end. The cloud infrastructure handles most of the scaling needs.

However, scalability becomes a concern when dealing with on-premises AIP scanners. For instance, scalability was crucial in my project, where I had to scan 375 terabytes of data. If there's a time constraint to scan a large amount of data within a specific number of months, I'd need to increase the number of servers. This allows for thorough scanning and label application within the given timeframe. 

From my perspective, Microsoft's support could be improved in every aspect. It's not enough to pick up a ticket from the queue and send an email saying they're working on it. They must work thoroughly and ensure that whoever picks up the ticket is trained and knowledgeable about the issue.

Microsoft seems to have many internal issues. Their support staff often aren't properly trained and don't know who the subject matter experts (SMEs) are. They're overwhelmed with tickets and often don't respond promptly. It's frustrating when a new person takes over the ticket each day due to shifts or leave, and I must repeatedly provide the same logs. I don't understand why they can't access the logs from the case history instead of asking me to submit them repeatedly.

The support staff often don't seem to understand how their product works. Poor communication exists between the first-level (L1) agents and the second-level (L2) or SME teams. The same issues extend to their product and engineering teams. 

Negative

The tool's initial deployment is pretty straightforward. It's simple enough that I could explain it to a kid step by step. This simplicity applies to implementing the MIP solution, setting up the AIP scanner for on-premises scanning, and creating labels on the portal. However, there are challenges with the Azure Information Protection auto-labeling functionality for cloud services. While it's a good tool, it has limitations. For example, when creating a policy, I have to run it in simulation mode, but I can't simulate more than one million files.

I can add SharePoint sites to the simulation, but if I add more than 50 sites, I have to redo the simulation, which isn't necessary. If my 50 SharePoint sites have more than one million files total, the simulation won't work, preventing any scanning. There are also issues with MDC. It can only label 100 files per day, which can be increased to 3000 with justification. It only supports XLSX, DOCX, and PPTX files, with a 30 MB file size limit. These limitations make the tools less useful than they could be. It feels like they're giving us a tool, but it's half-cooked and doesn't make sense in practical use.

The tool's pricing is not a problem for customers because they often purchase it as part of a bundle. With an E5 license, for example, users get access to the entire functionality. This is one of the main reasons why many customers are choosing Microsoft.

This pricing model is different from other tools in the market. For instance, with Varonis, you have to pay separately for different models like data privilege, data advantage, data transport, and data classification. Varonis, being a data governance tool, requires you to onboard all your servers for file share governance. They have limitations on the number of servers you can have, and if you exceed that limit, you have to pay extra. There are also limits on data transfer volumes, with additional charges for exceeding those limits.

Considering all these factors, Microsoft's approach of offering everything in one suite with a per-user charge is appealing to many customers. 

I rate the overall solution an eight out of ten.