Microsoft Purview Information Protection Reviews

We utilize Microsoft Purview Information Protection for data loss prevention on Teams chat. If a user shares any sensitive data on Teams chat, we block the message using DLP policies created on Purview.

The most valuable feature of Microsoft Purview Information Protection is its ability to respond to sensitive data shared on Teams chat by deleting the message, not just monitoring or logging. The creation and implementation of DLP policies on the platform have been crucial for protecting data on Teams chat.

I would like the time it takes to update a DLP policy on an endpoint to be reduced. This improvement would positively impact the scalability of the solution.

We have been using Microsoft Purview Information Protection for about six months.

Microsoft Purview Information Protection is stable, and we have not encountered any problems.

Scalability is affected by the time it takes to update policies. Since policy updates take a lot of time, scalability can be improved by reducing these intervals.

We have not interacted with technical support for Information Protection because we have not faced any problems with Purview.

Neutral

We previously used on-prem DLP, but it could not support Teams chat for data leakage. This limitation led us to move to cloud DLP, and ultimately, we chose Microsoft Purview.

The initial setup of Microsoft Purview Information Protection was easy and smooth, primarily because it is cloud-based. I would rate it nine out of ten in terms of ease.

Our deployment team consisted of three people who managed the setup of Microsoft Purview Information Protection. For maintenance, we continue to have three people handling the Information Protection side.

I cannot provide information on pricing or setup costs as the sales aspect is managed by another team.

We evaluated several CASB solutions, including Symantec and Forcepoint, primarily for controlling Teams chat. However, we found Microsoft Purview easier to set up, which influenced our decision.

I have no additional suggestions for new users at this time. We rate Microsoft Purview Information Protection ten out of ten for its features and ease of use.

I am using multiple products from Microsoft to maintain a robust security posture. Integrating Microsoft Purview Information Protection is part of keeping our ecosystem consistent with other Microsoft products. I have implemented Microsoft Information Protection for data classification and data loss prevention, and I use it for governance and auditing.

Microsoft Purview Information Protection supports data classification, sensitivity labels, and data loss prevention. I have implemented it for governance and as a logging tool for audits. However, it does not support direct PDF labeling on Macs, which is an area where the tool can be improved. I have critical documents where I implemented this solution to encrypt and label data effectively, ensuring the data's security and proper ROI.

The most difficult part in the labeling solution is the lack of direct PDF support on Macs, whereas on Windows, a Purview agent can label PDFs. This should be improved to support PDF protection on Macs as well. Logging and auditing of SharePoint and other services need improvement. 

Additionally, during the initial setup, I found the lack of policy segregation at the sub-site level for DLP policies to be a challenge.

I have experience with Microsoft Purview Information Protection for approximately one year and five months, and two plus years with total Microsoft solutions.

The solution is stable overall. Once it is configured properly, it works fine. However, there are some drawbacks, which are common in such solutions.

I would rate the scalability of the solution at around seven out of ten.

My experience with the customer service and support of Microsoft is around five out of ten. The response time is slow, and they take multiple sessions for diagnosing issues.

Neutral

I have experience with Microsoft SharePoint and other Microsoft solutions. However, I do not have any experience in third-party classification solutions.

Setting up Microsoft Purview Information Protection had its challenges, particularly due to the lack of policy segregation at the sub-site level for DLP policies. Overall, it was manageable.

Microsoft Purview Information Protection helps label and encrypt critical documents like contracts, providing a proper return on investment in terms of security.

The pricing is not very high and is considered fine. Microsoft offers different licensing options. AIP Plan 2 is used for critical users. The AIP is included in the business standard license for cloud-based protection.

I recommend Microsoft Purview Information Protection for organizations using the Microsoft ecosystem. It complements Microsoft SharePoint, Microsoft Teams, and Outlook. 

Overall, I rate the solution at around eight out of ten. 

I have several different clients in various industries, particularly in HR and finance departments. They wanted to lock down and protect their documentation to ensure it does not end up outside their tenant.

For a small company, having Microsoft Purview Information Protection gives us kudos in the community. We offer services that competitors do not, which provides us with a competitive edge by staying on top of Microsoft's new releases.

The features my clients request most are sensitivity labels and data loss prevention. Additionally, I am trying to interest them in risk management and insider risk management, although those features are considered more advanced. 

Purview Information Protection integrates with the productivity and security tools we use regularly. It's paramount to have a single solution for information protection. It makes things easier to manage from one place, and the Purview portal gives you everything in one pane of glass. We're talking about the security of our content and lifecycle management. It's crucial to our effective operations.

We don't have any medical clients, but Purview has been extremely helpful in enforcing compliance standards for the industries I serve. 

There should be more training and communication regarding new features. I may be missing those communications, but it often seems like changes happen in the Purview portal without notice. Having a roadmap or updates about new releases would be helpful for demonstrating to clients. If things are constantly changing, I sometimes look silly when I log in, and things have moved or changed.

Purview's data classification abilities could be more comprehensive. Purview is designed for Microsoft items like Word and Excel, but they're broadening the scope a little. Our clients use many file types. Being able to apply protections to those would be helpful because they're essential information for our clients.

I've been using it for the past year and a half, going on two years.

I think Purview is incredibly stable. Once implemented, I haven't had issues with its consistency.

If you know what you're doing, Purview is easy to scale, especially once the groundwork for information protection and sensitivity labeling is set. It can be scaled across different departments organization-wide very quickly and easily.

I rate Microsoft six out of 10. Microsoft customer service is hit or miss. Sometimes, I get a fast and knowledgeable response, while other times, I've experienced delays and received no resolution.

Neutral

Before it became Purview, we dipped our toes into other Microsoft solutions.

The initial setup was tentative and difficult, but over time, with more feature releases and updates to the user experience, it has become easier.

We did not use an integrator, reseller, or consultant for the implementation process.

I cannot know how much time we've saved by preventing data loss, leaks, or exfiltration. These things are outside the grasp of my company. Sometimes, I get an angry phone call asking why something was shared. We're preventing a lot of that, but it's hard to quantify.   

Purview has saved money, but it's hard to say how much. The cost of data loss and your data going to a competitor is potentially massive. We're protecting our client's business, and they're paying us to protect them. It has saved us money and made us lots of money as well. The most significant ROI is the peace of mind from knowing sensitive information is not leaking out. 

The pricing and setup costs are transferred to my clients, who find it affordable and are satisfied with what they receive.

I rate Microsoft Purview Information Protection nine out of 10. It is a very cool and powerful technology. However, there's a societal lag in data protection, but I'm excited about Purview's potential.

Our managed services provider performs assessments, maintenance, and checks. We also offer a SOC to customers who do not have a budget for a dedicated security engineer.

Microsoft Purview Information Protection is used for both internal needs and for our customers to help them implement data loss prevention and conduct compliance assessments. With the deployment of Copilot, we use it as a tool to ensure proper data governance and to prevent unauthorized access to data.

Purview simplifies and consolidates security products. We implement other products from CrowdStrike and SecureWorks. However, it's better for Microsoft customers because they're already paying for the enterprise license, so they save some costs by leveraging that. 

A single solution for information protection is crucial because the Holy Grail of security management is the single pane of glass. With all the indicators in one place, you avoid false positives, which means that it requires a low level of attention. The operator won't believe it's an actual attack if you have too many false positives. Copilot For Security also prevents this kind of false alarm and provides a way to automate many things. 

Purview saves customers time by offering them a quick way to assess a situation and insights into how to improve. It also helps to save customers money because consulting engagements are based on the consultants' time with the customer. 

The reporting capabilities of Microsoft Purview are crucial. They provide insights into potentially non-compliant situations and suggest ways to rectify them. The solution helps to automate many tasks, allowing human operators to focus on areas where they offer the most value.

Microsoft Copilot is an advantage because it's enterprise-grade AI. Customers can't use a generic AI and risk having their IP disseminated in the general public version of the AI engine.

Purview's data classification features are excellent for Microsoft shops using SharePoint, OneDrive, and Microsoft 365. It's a great tool to assess everything. It's more complicated if the customers are using third-party tools. 

Purview could better integrate with third-party tools, but I don't have a specific use case for that because It's currently integrated into the managed services we offer to Microsoft customers using E5 licenses.   

We have been using Microsoft Purview for the last two to three years. We started using it when it was called Azure Purview.

The concept of stability is somewhat ambiguous, as Microsoft continually upgrades the product as part of its SaaS model.

The product is scalable, and we do not face issues concerning scalability for the customer size with which we work.

We generally receive good support from Microsoft for this solution.

Positive

We offer solutions based on SecureWorks and CrowdStrike. The choice depends on customer requirements and existing licensing agreements. We have no preference. It depends on the customer's case and history. If they have already chosen CrowdStrike or SecureWorks, we can deliver our services with any of those. 

The setup is straightforward out of the box, but requires attention to adjusting certain settings for optimal performance.

Customers have seen a return on investment through quicker issue detection and cost savings due to automation.

As a service provider, we do not handle licensing directly. Our focus is on helping customers maximize their software investment. If the customer already has an E5 agreement, we help them get the most out of it. 

I rate Microsoft Purview nine out of 10. It's an excellent solution for a Microsoft-centric environment. The importance of using enterprise-grade AI to ensure data protection cannot be overstated.

My main use cases involve being able to control user permissions within Teams primarily, as I am not really as much on the Office side of things, just more on the collaboration side.

The features I like the most about Microsoft Purview Information Protection include the ability to set different retention policies. These features have benefited my organization by being crucial in maintaining taxpayer anonymity when communicating with government employees.

In the context of the AI boom, the importance of Microsoft Purview Information Protection automatically preventing high-sensitive corporate secrets and PII data from being ingested into generative AI models is crucial and critical in government and public health.

I do not have any suggestions for improvement of Microsoft Purview Information Protection at this point since I am still learning.

I have been using Microsoft Purview Information Protection for about a year.

I would assess the stability and reliability of Microsoft Purview Information Protection as excellent. To my knowledge, I have not experienced any downtime, crashes, or performance issues with Purview.

I think Microsoft Purview Information Protection scales excellently with the growing needs of my organization, and it is very appropriate. I have expanded usage, and I would say the process was seamless when I was expanding usage.

I would evaluate my customer service and technical support experience as excellent.

On a scale from one being the worst and ten being the best, I would rate my customer service and technical support as a nine.

Positive

I am not aware of any solutions used prior to adopting Microsoft Purview Information Protection to address similar needs.

I would describe my experience with deploying Microsoft Purview Information Protection as excellent. It works well, and I think I faced challenges mainly with education and training.

I do not work with the API ecosystem provided by Microsoft Purview Information Protection closely enough to have a good answer to that.

I have seen a return on investment with Microsoft Purview Information Protection. This return on investment is evident in terms of standardization and being able to consolidate everything under essentially the Azure framework, so we are not trying to have different vendors and different offerings affecting different parts of our city government.

I do not have a lot of experience on the licensing side with Microsoft Purview Information Protection.

I was not part of the decision on what other solutions to consider before selecting Microsoft Purview Information Protection, so I do not know.

I would advise another organization considering using Microsoft Purview Information Protection to ensure that you are including ample training for your technical staff that are going to be supporting this, because I think at times that can be easily overlooked, and not through any fault of Microsoft, but through the fault of just not realizing that this is something new that you need to make sure your staff are trained adequately on it. I have rated this review a ten overall.

My previous project used Microsoft Purview Information Protection for end users and data discovery. It was a new implementation, and the customer was unsure how to proceed with Data Loss Prevention (DLP) due to new security policies. I discussed the requirements with the customer to understand where encryption was needed and what labels were required. After identifying these, I created data security labels and applied them to a small group of IT department users for testing. Once testing was complete, we rolled it out to a limited set of users from different departments and gathered feedback.

For example, HR needed a specific label for their data, accessible only to HR users. We then created and applied labels globally to all users. Initially, we didn't force label application or content-based detection; users applied labels based on judgment. Next, we implemented content-based detection by creating Sensitive Information Types (SITs) with keywords and regex patterns based on discussions with the data security team. We created four main labels: public, internal, confidential, and restricted. SITs were added to specific labels, like financial data for the restricted label and internal confidential data for the confidential label. The system would detect content and recommend labels but not force their application.

After applying labels to end users and achieving some maturity in the process, including fine-tuning and adding appropriate Sensitive Information Types (SITs), we moved on to existing data in on-premises file shares. This data volume was huge. We used the Azure Information Protection scanner, which is the scanner, to conduct a proof of concept. After the POC, we performed performance testing on the complex environment, which had many devices like antivirus, firewall, proxy, and network components. I had to ensure the scanning wouldn't impact the environment's performance.

We took a sample of about one terabyte of data for scanning, noting different timings during and off-production hours. This helped determine the best time for scanning and how long it would take to scan one terabyte of unstructured data. Once completed, we defined an approach to handle the full 375 terabytes of data that needed scanning and labeling where appropriate.

We calculated the number of servers needed for the scan, considering this wasn't just a one-time process. We also had to plan for ongoing scans of new files. After deciding on the approach, we began scanning the data. Once the scanning process started, we handed it over to the Business As Usual team for ongoing management.

I created training materials for end users on applying different labels, explaining their purposes, and providing examples. This was crucial since end users would apply the labels in different protection scenarios. The implementation helped the organization in several ways.

Firstly, it ensured compliance with regional laws and regulations by providing a solution to identify and label data appropriately. We now had a system to identify data and apply the right label, which was the main objective. Secondly, it educated end users about the data they were handling. When we gave label recommendations, users learned about the nature of their data and which labels to apply. This increased awareness among end users about the kind of data in their files and the appropriate labels.

Thirdly, it improved the overall data protection ecosystem. For example, it enhanced the effectiveness of our Data Loss Prevention (DLP) system. Instead of DLP starting from scratch, it could work with already classified data, making the process more efficient. We already knew what kind of data existed, which helped DLP work better.

The most valuable aspect of this product is its ability to protect data across boundaries. Currently, I think the most valuable feature is encryption across boundaries.

I had experience with previous versions of Microsoft Purview Information Protection as well. The new version doesn't have all the features that were present in the previous native clients and functionalities. For example, the ability to track documents - knowing where your document is, who is accessing it, when and where. You could even revoke access to a particular document if needed, which was a cool feature. These aren't available right now, although Microsoft is working on bringing them back, which might take some time. 

The tracking and revoking features from previous versions need to be brought back. Users should be able to track their documents' locations and revoke access when necessary.

The scanning functionality should extend beyond on-premises environments to include cloud storage. Since it's Microsoft Protection, it should cover all Microsoft cloud services like SharePoint and OneDrive. If scanning works on-premises, it should work equally well in the cloud.

Cloud functionality has limitations. For instance, the auto-labeling feature of Azure Information Protection can label 25,000 files per day, but it can't label existing data. This is impractical, as it's not feasible to create millions of new files just to have them labeled. These features seem incomplete or "half-cooked." 

The tool is  cloud-based SaaS. As such, they don't require much scalability on our end. The cloud infrastructure handles most of the scaling needs.

However, scalability becomes a concern when dealing with on-premises AIP scanners. For instance, scalability was crucial in my project, where I had to scan 375 terabytes of data. If there's a time constraint to scan a large amount of data within a specific number of months, I'd need to increase the number of servers. This allows for thorough scanning and label application within the given timeframe. 

From my perspective, Microsoft's support could be improved in every aspect. It's not enough to pick up a ticket from the queue and send an email saying they're working on it. They must work thoroughly and ensure that whoever picks up the ticket is trained and knowledgeable about the issue.

Microsoft seems to have many internal issues. Their support staff often aren't properly trained and don't know who the subject matter experts (SMEs) are. They're overwhelmed with tickets and often don't respond promptly. It's frustrating when a new person takes over the ticket each day due to shifts or leave, and I must repeatedly provide the same logs. I don't understand why they can't access the logs from the case history instead of asking me to submit them repeatedly.

The support staff often don't seem to understand how their product works. Poor communication exists between the first-level (L1) agents and the second-level (L2) or SME teams. The same issues extend to their product and engineering teams. 

Negative

The tool's initial deployment is pretty straightforward. It's simple enough that I could explain it to a kid step by step. This simplicity applies to implementing the MIP solution, setting up the AIP scanner for on-premises scanning, and creating labels on the portal. However, there are challenges with the Azure Information Protection auto-labeling functionality for cloud services. While it's a good tool, it has limitations. For example, when creating a policy, I have to run it in simulation mode, but I can't simulate more than one million files.

I can add SharePoint sites to the simulation, but if I add more than 50 sites, I have to redo the simulation, which isn't necessary. If my 50 SharePoint sites have more than one million files total, the simulation won't work, preventing any scanning. There are also issues with MDC. It can only label 100 files per day, which can be increased to 3000 with justification. It only supports XLSX, DOCX, and PPTX files, with a 30 MB file size limit. These limitations make the tools less useful than they could be. It feels like they're giving us a tool, but it's half-cooked and doesn't make sense in practical use.

The tool's pricing is not a problem for customers because they often purchase it as part of a bundle. With an E5 license, for example, users get access to the entire functionality. This is one of the main reasons why many customers are choosing Microsoft.

This pricing model is different from other tools in the market. For instance, with Varonis, you have to pay separately for different models like data privilege, data advantage, data transport, and data classification. Varonis, being a data governance tool, requires you to onboard all your servers for file share governance. They have limitations on the number of servers you can have, and if you exceed that limit, you have to pay extra. There are also limits on data transfer volumes, with additional charges for exceeding those limits.

Considering all these factors, Microsoft's approach of offering everything in one suite with a per-user charge is appealing to many customers. 

I rate the overall solution an eight out of ten. 

We use the solution for our customers' services. It helps identify and protect sensitive data in documents, PDFs, emails, and Teams chats to prevent data leakage. It can detect and block emails containing credit card information sent outside the organization.

Microsoft Purview IInformation Protection works well with Microsoft products and cloud-based systems like SharePoint Online and Microsoft 365. However, it has limitations with on-premises systems like NAS or SAN storage, where performance can degrade.

The tool allows for classifying and labeling documents as confidential or restricted. It can automatically tag documents based on keywords, like labeling a document with "contract" or "accounts payable" as a finance document. This helps with retention policies. The solution doesn't support classifying video and audio files yet, but I believe that's planned for the future. 

The solution helps manage documents, especially document lifecycle management with Word documents and SharePoint Online. It auto-upgrades its versions.

The product helps gain extra storage space by identifying documents that can be deleted after classification. It also helps with regulatory compliance like privacy acts.

I wouldn't recommend Microsoft Purview Information Protection for petabytes of documents as performance might be affected.

I have been using the product for a year. 

There were no glitches with the solution, but processing large volumes of documents took longer.

No installation is needed as it's a cloud service you are onboard with. Microsoft provides detailed user guides for configuration, which makes it moderately easy to set up.

The tool's pricing is fairly low, less than 100,000 for a year.

Copilot is an inbuilt feature that can automatically summarize Teams meetings. If using Microsoft products online, I'd rate the product an eight or nine out of ten. I'd give it a six or seven out of ten for a mix of features or non-Microsoft products on-premises. Overall, I'll go with a seven out of ten rating for the solution.

I use Microsoft Purview Information Protection to ensure the secure management and protection of my organization's data. It allows me to automate governance processes, safeguard sensitive information, and exert control over email and document security.

When implementing Microsoft Purview Information Protection, I aimed to automatically classify sensitive data and ensure its protection. The goal was to streamline the process of identifying and securing sensitive information to enhance overall data security measures.

Microsoft Purview Information Protection has significantly improved our company by ensuring data security across all locations. I no longer worry about the safety of my data, especially sensitive information. Whether it is critical or not, the system reliably protects our information without any concerns.

It has saved us time overall. We are looking at a time savings of around two to three hours a day. It also helped us save money, especially considering the high cost associated with data. Ensuring that our data is secure and not at risk has translated into significant internal cost savings.

The most valuable features are its automatic protection and access control for assets like documents. It ensures that sensitive data is automatically safeguarded, even for email attachments, regardless of the user or device. 

This feature not only encrypts email content but extends protection to data viewing, contributing significantly to overall data security.

Microsoft Purview Information Protection can improve in terms of scan concurrency and scan processing time. Currently, the default limit for scans is a bit restrictive, and reducing the time it takes for scans would enhance overall efficiency.

I have been working with Microsoft Purview Information Protection for two years.

Microsoft Purview Information Protection is a scalable solution. We have approximately 1,500 end users at our company.

I would rate Microsoft's technical support as an eight out of ten.

Positive

The initial setup of Microsoft Purview Information Protection was easy and took only two days. The implementation strategy focused on ensuring coverage across my entire landscape. Deployment requires just one person, and ongoing maintenance is not needed.

I find Microsoft Purview's data classification capabilities comprehensive. It efficiently identifies specific types within broad categories of sensitive information. With this solution, I don't need additional tools for secure data storage. It empowers users to control access, classify data, and integrate sensitivity levels seamlessly, contributing to effective data management.

Microsoft Purview helps me comply with standards like GDPR and HIPAA by ensuring it follows all the required guidelines and standards. It provides a straightforward solution for meeting industry-specific compliance requirements.

It is crucial to me that Microsoft Purview automatically prevents highly sensitive corporate and PII data from being used in generative AI models. This feature ensures effective discovery, protection, and governance of sensitive information. The added layer of data security and access control authorization further enhances our overall data protection measures.

Microsoft Purview seamlessly integrates with our productivity and security tools. The extensive API integrations make it easy to connect with various solutions, eliminating the need for multiple information protection tools.

Having a single solution for information protection is crucial to our operations. It aligns with our goal of a unified approach, promoting efficiency and ensuring comprehensive data security across all aspects of our operations.

Microsoft Purview secures all our platforms, like SharePoint and file shares, without the need for multiple solutions. It is hassle-free and comprehensive.

Having a single vendor for data protection eliminates the need for duplicating procurement, onboarding, and training activities with multiple security vendors.

I would highly recommend using Microsoft Purview Information Protection. It effectively controls and classifies sensitive information, providing robust protection for our documents and emails. It is a valuable solution for enhancing data security. Overall, I would rate the solution as an eight out of ten.