Microsoft Purview Data Governance Reviews

I am a system integrator for Microsoft Purview. I have assessed some customers who already have Microsoft Purview because of their E5 license. However, they are not aware of Purview's capabilities. Purview is a relatively new product that provides an end-to-end data security lifecycle solution. It allows us to review our data with a data governance solution, classify it, protect it, and prevent data breaches. I have worked on almost all aspects of Purview.

We have assessed some customers and provided them with use cases such as using Purview to protect confidential data recovery. This allows them to manage their own workflow for vendors on a contractual basis. We have multiple use cases for Purview.

Purview's natively integrated compliance across Azure Dynamics and Office 365 is important. Microsoft has the advantage of being able to connect other solutions in its suite more easily, and this makes Purview a very good choice. With the exception of OCR in Teams, Purview works very smoothly. If we want to protect something in an email, Purview will prompt us immediately if we have configured it to do so. This is very convenient, and Purview does not use more system resources than expected. Another advantage of using Purview is that it is Microsoft's own product, so Microsoft can customize it to its own needs and ensure that it does not impact system performance.

It is important that Purview was built taking into account critical regulations from around the world. Purview is important because businesses are increasingly operating globally, and data is moving between different regions and countries. Purview is up to date with respect to different regional, national, and state privacy laws. I have found Purview to be a great solution, but it is not yet operating as well as it could. Microsoft is working hard to address this issue, and they are publishing new privacy acts to Purview on a regular basis.

How we use Purview data loss protection to educate users on how to handle sensitive data is we deploy Purview in the organization, categorize the data by region or department, perform data flow analysis to understand how the data is used and shared, classify the data as low, medium, or high risk based on the daily digital annual loss, We protect the data using Microsoft DLP, We publish videos on SharePoint to educate users about data classification and labeling, and we enable users to self-educate by providing them with access to documentation and training resources.

Purview is valuable because it is the only end-to-end data lifecycle management solution that provides data governance, classification, and protection.

Purview helps to reduce the number of solutions we need to interact with.

The reduction of the number of solutions we now need to interact with has simplified our data governance. 

I am satisfied with the visibility that Purview provides. Even without configuring anything, we can see many insights, but we do not get the exact details unless we configure Purview accordingly.

It provides a real-time compliance score for all our devices connected with Identity Access Management and Defender.

Purview helps us save time by publishing the policies quickly and collecting information in real time.

Purview helps us stay compliant. I have not encountered another solution that provides end-to-end licensing.

One of the valuable features of Microsoft Purview Information Protection, formerly known as Azure Information Protection or Microsoft Information Protection is data classification and data governance. MIP provides a unified labeling client that allows users to apply sensitivity labels to documents and emails in Microsoft Office files without the need for extra plugins or agents. MIP also provides strong information rights management settings, such as the ability to specify who has access to content and at what time.

Microsoft Purview's ability to deliver data protection across multi-cloud and multi-platform environments is important, but there are some limitations. For example, if we have our own cloud solution, Purview cannot currently protect it. However, we can integrate Purview with other OEMs, such as Forcepoint, McAfee, or Symantec, to provide DLP functionality for our CASB. Additionally, Purview cannot protect cloud platforms that are part of a shared domain, such as our own website, unless they are part of the public domain. Purview needs to add DLP support.

One of the things I would like to recommend is that Purview doesn't have the option to push policies or updates in real-time. Instead, it is based on the last five-bit communication. We cannot make any changes to this. It is based on the device when it is communicating with the server. If I want to do this forcefully from the server, if I want to send a wake-up call to all or selected agents throughout the organization, Purview does not have this capability in the GUI.

The reporting functionality needs to be improved. I have found that the solution is not satisfactory for reporting. We have to use Power BI to generate the overall profit, but this requires a lot of configuration. In another solution, we can easily achieve the same reporting functionality.

Purview does not have OCR functionality or network web. Therefore, OCR functionality is not included. OCR is available for Teams, but it does not work as expected. For example, it does not work well for systems that deliver to the recipient database, which could cause problems if it does not match our rules.

Purview has limitations connecting to Android devices and SaaS devices.

While Purview's data connector platform can ingest information from non-Microsoft data sources, it is slow to do so and the information may become outdated.

I would rate Purview's data loss prevention for remediating violations a six out of ten. The reason is that Purview does not have an option for endpoint discarding. In contrast, Forcepoint and Trellix are more mature DLP solutions that offer endpoint discarding. This allows us to scan endpoints for sensitive data, take a replica of that data, and store it in a safe location. We can also encrypt the data on the endpoint. Microsoft Purview DLP does not offer this functionality. It is only available for Teams and email.

I have been using Microsoft Purview for one and a half years.

Some features of Purview are stable, while others are not. MIP is very stable. DLP is constantly being updated, so some of its options may be unstable. The only stable portion of DLP is the database checking management.

Purview is in the cloud, so it is scalable. However, Microsoft sometimes makes it confusing by adding add-on features that we are forced to add and which will cost us to move. For example, there are options for endpoints four and six, but to use these, we have to add block storage, which will cost more. We should only have the option to configure everything in one console. This is because humans sometimes need to go to the Azure team and ask for access if they do not have Azure. Alternatively, the Azure admin team has to do this on their behalf. This is something that Microsoft can think about.

The customer support is the worst. When we were raising the case, the support was literally asking us how to resolve the issue. So I was really confused about what kind of support this was. We were seeking support, and apparently so were they. One of the customer support people had just provided us with dates but was not working on resolving the issue. I don't know why.

Negative

I have also used McAfee, Symantec, and Forcepoint for our data security. These solutions all offer endpoint discarding, which Purview does not. This gives us the option to replicate and save a copy in another place. Endpoint discarding is granular, and we can save reports in real time and connect to endpoints in real-time. We can also bypass the endpoint, which we cannot do with Purview. McAfee does not have to be built in, while Symantec does. 

The pros of Purview are utilization and performance. It is a lightweight solution that does not impact system utilization. This is important. Microsoft is a one-stop shop for data classification and DLP, so we may not need to worry about integrating with different vendors. We have MIP, and then DLP if we have exposure from DLP. Of course, it is possible to integrate with the help of APIs, but there is a risk that Microsoft may decide not to integrate with Forcepoint or Symantec in the future. This is something customers should think about. In that case, for customers with an E5 license, Purview would be the best choice because they can utilize all the Microsoft products and save costs. This strategy will also improve their security posture.

The initial setup is straightforward. Just plug in our internet credentials. That's it! No need to worry about the server, its utilization, configuration, or architecture. It's very easy to use, and we don't have to worry about disaster recovery or data centers. In a way, it's really helpful and cost-effective. Microsoft is taking care of everything on a pay-as-you-go basis.

The number of people required for deployment depends on the number of end users and departments. For example, an organization with 15,000 end users, 40 departments, and some generic requirements can deploy the solution using one L3, one L2, and two L1 people.

The fact that our organization continues to use Purview indicates that it provides some sort of return on investment.

We pay $15,000 per end user for the E5 license.

I would rate Microsoft Purview seven out of ten.

According to Gartner, Microsoft DLP is one of the top ten DLP solutions, but the top three are Trellix, Symantec, and Forcepoint. I prefer Forcepoint.

The maintenance is easy to complete.

I highly recommend that an organization use an E5 license if they are going with Microsoft because this will give them everything they need, including technical management, governance, and data management.

We are integrating Purview with Copilot. We are creating prompts in Copilot for whatever we require from Purview. There are multiple scenarios where we create something in Purview: eDiscovery, auditing, labels, and data loss protection alerts. It is something like the parent application for the data loss alerts.

The major benefit is the workflow inside Purview. While creating policies, we can add an organization's security groups and, for those particular users, we can control the user data or exfiltration. We can control the workflow of those users. If we want to exclude a particular channel that they use to communicate about sensitive data, we don't need to monitor it. We can just exclude it. That means we can include or exclude every individual step in their workflow. Based on our customers' requirements, because there are a lot of features in Purview, we can easily include, exclude, enable, or disable things. That is the major advantage of Purview.

Also, it has reduced false-positive alerts for data loss protection. Why? Because the policies or detection patterns are based on the normal or generic concepts that apply within each organization. Each will have its own set of policies. And that generates fewer alerts. An organization can have particular data monitored, and that can be changed from organization to organization. As a result, there is a lower chance of false-positive scenarios.

My favorite features are eDiscovery and insider risk management, because these are the major threats to an organization that can't be easily traced.

Also, there are multiple rules within Purview related to cloud applications. Purview's major focus is on Microsoft Azure and its Microsoft cloud-related applications, such as Exchange, OneDrive, SharePoint, et cetera. They have created a set of rules and added workflows to the policies as well. That means we can directly add those particular cloud workflows to the policies. Alerts can be triggered and workflows implemented based on the rules that we set while creating a policy inside Purview.

We also use Copilot, the next generation of ChatGPT. If you ask it: "According to Purview, what were the DLP alerts that were generating today?" it will take just five seconds to generate the data—whatever is available in the backend of Purview. Copilot is integrated with Purview. If a person is using Purview but doesn't have any idea how to operate it—meaning they don't know how to search for alerts—they can easily ask Copilot. They can create a prompt. That way, a non-technical person can get the data.

Also, all the required security products are integrated with Purview, including endpoint DLP.

I would like to see them simplify advanced hunting. There are differences when looking at an incident in the M365 portal versus Purview, and the main one is the advanced hunting. In the M365 portal, you can write KQL queries and fetch data. If that was available in Purview, it would be very good.

Another issue is that for incidents, only DLP alerts are available in Purview, not the incidents themselves. An incident consists of multiple categories of alerts belonging to multiple products. But in Purview, we can only see DLP alerts, yet those alerts could be part of an incident in the incident portal. We are not able to see if a particular alert ID is part of a given incident.

For example, if an exfiltration happens, the exfiltration-related alert will only be triggered inside of Purview. But it's possible that before the exfiltration, there was a kill chain there, such as initial access, privilege escalation, a user being compromised, or a brute-force attack. Those types of alerts are not available inside Purview. They are covered in other Microsoft products. All those products' alerts will combine into one case and generate an incident as a single story. But in Purview, the incident is not available.

I have been using Microsoft Purview since it was introduced. I am part of our Purview team.

With Purview itself, I have not faced any issues, but there have been some with Copilot.

The scalability of Purview is eight to nine out of 10.

The price is a little bit high, but it's worth the money because it has a lot of features. And there will be more features in the future.

My advice is that you need to understand the architecture of Purview first. Play with it and go through the data loss policies. Whoever is using Purview should have some idea about data loss protection policies. If you have these things, you can easily do things in Purview, such as labeling and IRM.

There is no maintenance. As a user, you just see the alerts, while the protection is taken care of by the Microsoft team.

As a consultant, I work with clients to sell the idea of data governance. In doing so, we do POCs, proof of concepts, and MVPs, which are minimal, viable products. 

For Microsoft Purview, most of the time, it's also associated with other products -whether it's ADS, Synapse, Key Vault, Databricks, storage accounts, Kubernetes, et cetera. 

I also worked on a project to integrate it with processing. I created a data governance accelerator combined into two products, including Synapse, and we sell that to customers.

The data catalog, the data lineage, the data glossary, and the classification are the key features I appreciate, along with the tight security, and role-based security.

There are two flavors of Purview. There's the compliance, which it does the security and all that. And then there's the Microsoft side, which is the data side. I primarily work on the data side. 

I like that Purview can connect to IOS, Mac, Android, and other SaaS apps.

Its data connector platform for supporting ingestion from non-Microsoft data sources works really well. We can use it either through a self-hosted integration runtime or on a VM. Or it can capture data from just about anywhere. There are about 100+ connectors. It's great.

Its natively integrated compliance across Azure Dynamics is a game changer. Back in the day, we never had anything like that. It provides self-service. It provides easy look-up and glossary terms. It also requires a new role called the data steward which we never had before.

It was built to take into account critical regulations from around the world. Now it's no longer something that's nice to have - it's necessary.

Purview helped to reduce the number of solutions we need to interact with each other. If you were to do this custom, it'd be very difficult. It's so easy to use and stand up and configure. There are some configuration requirements that are not self-explanatory. It takes some research; however, we already figured out all those things.

Purview affected the visibility we have into our estate. Now we have a complete ecosystem of where the data is, and it's a lineage. It's a game-changer.

I've used AI and automation in Purview. That's what the scans are. It uses AI to determine the classification. It's built-in. It's under the hood. People don't see it.

Our speed and accuracy of risk detection are good. From a compliance perspective, it helps identify sensitive information by classification. 

The product has helped us save both time and money. From a time perspective, there's an initial upfront cost to stand it up and configure it. However, once it's running, there's very little to do. So there's a one-time hit up front for the implementation in configuration, yet downstream, there's significant time reduction.

Money-wise, it's the same thing. You're only charged for when you run the scan since the storage is minimal. So there are ways to reduce cost, and that is by running it less frequently. Also, there's a whole bunch of out-of-the-box classifications that aren't required. There are ways to increase your cost reduction. Of course, that is not self-explanatory. You have to work with it for a while to know that.

The one thing it doesn't do is data quality. That's its only pitfall. The problem is people think it does. So either they're not marketing it right, or, eventually, it's on the road map, and they haven't got to that part yet.

In order to get data in and out, you have to use custom code using Python. That's an inconvenience, and almost every customer wants that feature. For example, let's say I run some scans on some data, and then that data goes away. This issue is Purview still shows it. There's no easy way to clean up your orphan data. That's a problem.

I've used the solution since 2015.

The stability is very good. Microsoft is solid on the cloud. 

The scalability is quite nice. 

They just changed their model so that you're only allowed one Purview per tenant. So you either get the free one, which is limited, or you purchase the enterprise one, which costs money. However, you only get one per tenant. That's a change they made within the last two months. You can't have three Purviews in the same tenant anymore. That change required a redesign of how people implement it. That said, they are offering it for free. 

I've worked for Microsoft to help a client who was having difficulty. I documented it. We had a backlog where other people were experiencing the same problems. You can reach out via phone or email. 

I did not previously use a different solution.

I was involved with the initial setup. I also can configure it. There is quite a bit of configuration required as you need it to speak with other resources. 

The initial installation is pretty easy. It is like any install on Azure. You just enter a few parameters, and it builds it. Then, if you want to start adding resources, there's a bit of configuration. It only takes about ten minutes. However, you have to know which settings you have to add. 

Only one person is needed to deploy the solution. 

Once it is up, there is very little maintenance going forward.

The cost is pay-as-you-go. It provides easy ramp-up and very little maintenance down the road. If you want to shut it down, you just delete it. It's easy to use, easy to configure, and the costs aren't that great. 

I could see more and more companies using this going forward if they're already in Azure, and it's so easy to set up. It's a requirement now as well since data is the lifeblood of any organization. If you have bad data or you don't know where it is, or suffer from data silos, this will solve all that.

We're a Microsoft Gold Partner. 

I'd rate the solution nine out of ten.

Using the Microsoft unified cloud-based data governance is going to allow users to gather data across the entire ecosystem, classify it, place a glossary on top, and look at the lineage in addition to a whole bunch more. They have self-service policies and DevOps policies. Microsoft is heavily funding this tool, and it's now a requirement, not nice to have. Just about every Azure customer is going to incorporate Purview into their ecosystem, and it's going to help govern their data, which is an asset that will help companies increase sales, reduce costs, and streamline processes.

We do a lot of projects for state governments in the US. One of the states had a vast amount of data, around 20 years worth, spread across various systems. We had non-relational databases, files, Snowflake, Oracle, Excel, and more. We aimed to turn this data into meaningful information, track its lineage, and identify problems. I did the proof of concept for this.

It is crucial to us that Purview was built taking into account critical regulations from around the world. The tool considers compliances related to PHI, PII data, and Europe's GDPR. All these are taken into consideration while developing the tool. That's really good.

For data loss protection in Purview, we've explored how third-party access works, particularly concerning the exposure of sensitive data like PHI and PII. We looked into how this data can be masked or hidden. Currently, our team is developing further based on these explorations.

As one of the world's leading healthcare companies, we manage vast amounts of data, especially from state government projects. Healthcare data is very critical, and we can't expose any PII or PHI data due to compliance requirements. 

We audit every three to six months, and we need to justify why the PII or the PHI data has been accessed. From that point of view, this solution gives us very good leverage from the data governance perspective.

Purview has helped to reduce the number of solutions we need to interact with each other because this has a governance portal, analytics portal, data catalog, and data dictionaries. Everything can be done in one single tool.

The beauty of Microsoft tools is that they are valuable, and most of them are UI-driven. A couple of my team members who did not undergo any kind of training, were able to leverage the tool and explore it to the core. Whereas other tools that we use, for example, Erwin or any IBM tool, need a lot of training or a lot of self-running to start mastering the tool. 

At the same time, Microsoft is very easy. Using one single tool, we can accomplish everything. This has made a huge impact on the project timelines including the implementations of certain solutions, data governance portal, building a data governance portal, etcetera. This solution has reduced the number of solutions that affected the complexity of our data governance.

Purview tremendously has affected the visibility we have in our state. Because when we started in our company, nobody had explored using a data governance tool and Microsoft Purview. It was still coming out of its cocoon. We were working together with Microsoft on a lot of issues.

Purview enables us to show our compliance in real time. When I'm on a government project, and we discuss the data, often the management or leadership asks for a report. We simply log in to the tool and instantly create a report. In just a fraction of a second, we have all the information at our fingertips.

Purview has helped to reduce the time to action on insider threats by 30% to 40%. We can identify which fields expose our data or the columns that expose our PII PHI. We also know the data lineage and who has access to the data. 

In case of any compliance issue, it will pinpoint the particular individuals who have access to this data, and then we can ask for an explanation.

The use of Purview helped to save both time and money because we ended up using one tool for most of the data governance work. The project I worked on was around $600,000, and the POC was around $200,000. We probably saved around $400,000 annually.

Purview has affected our ability to stay on top of compliance and provides a report on who has access to the data. Whenever we have an audit, it helps to determine who accessed the data and their need for access. It has a significant impact.

The data lineage feature stands out. It tracks where the data comes from and any changes made. However, it's currently limited to Microsoft products. We can track lineage data with Azure Data Factory.

Another great feature is the ability to connect to any data source. We've linked it with the enterprise architect, a data modeling tool, and Erwin.

It is important to us that Purview can connect to Android devices and data in other software-as-a-service apps. We've connected to Snowflake, Erwin, Oracle, DB2, and more. Name any database, and we've probably connected to it.

It is crucial that Purview offers data protection across multi-cloud and multi-platform environments like AWS and GSP. The solution has an analytics space for data governance. It helps identify who should have access to specific fields. 

Another beneficial feature is the data catalog. It allows us to streamline and classify data, ensuring that only authorized personnel can access it. 

Purview integrates natively with Azure, Dynamics 365, and Office 365, which is also a remarkable feature. We connected to Office 365 Excel files and even accessed a few emails for a proof of concept. We also linked it with Microsoft Power BI. Most Microsoft products have a very good amalgamation.

There is room for improvement when it comes to Purview's data connector platform in supporting ingestion from non-Microsoft data sources.

Microsoft has done an impressive job. I've been in this domain for over 15 years and have used IBM's data governance tool in the past. Microsoft's current offering sets a baseline with features like data governance catalogs and connectivity to various tools.

The product is evolving, and there are some bugs, especially in lineage data lineage and adding parameters. It's maturing, and the data lineage needs improvement. While connecting to Microsoft products is a piece of cake, connecting to external ones, like Snowflake, is more challenging. 

I work for one of the biggest healthcare companies. I've been working on their project for probably almost one and a half to two years now. 

I got the chance to work with Microsoft Purview a year ago.

It's very stable. I never experienced any freezes.

I've never encountered any performance slowdown. Scalability is pretty good.

The customer service and support were pretty good. I engaged with them for about six months on various topics.

Positive

I used something from IBM. We switched to Purview because licensing for the IBM solution was very expensive, and the learning curve was too high.

We have a separate dev ops team. I was part of the discussions from a dev manager perspective but not directly involved in the deployment process. 

When we did the proof of concept, we had about three endpoints. We deployed it in two locations, North Carolina and somewhere in the central, both East and Central.

It's a SaaS model, so it doesn't require any maintenance. Moreover, we deployed it on a private cloud since we work on state government solutions.

I have seen a 100% return on investment.

The pricing is decent. It is neither too low nor too high. Given its capabilities, the pricing is justified.

We previously used the IBM infrastructure but as we are a premium partner with Microsoft, we collaborated with them and began exploring Purview.

Since it is still maturing, I would rate it an eight out of ten. It's a wonderful tool, I would advise everyone to explore it from the data governance perspective.

As a financial institution, our objective is to replace our existing in-house project with a comprehensive solution for data cataloging, data provenance, scanning, drift detection, and overall data governance. We use Microsoft Purview to fulfill these requirements and enhance our data management capabilities.

We haven't witnessed the full impact yet, mainly because it took us a considerable amount of time to effectively integrate Microsoft Purview into our system. Additionally, there are critical features that are currently lacking, hindering the platform from realizing its complete value. However, we have confidence in the roadmap and the commitment of the development team.

The most significant value lies in its seamless integration into the Azure ecosystem, automating various processes and reducing operational burdens. The ability to consolidate metadata from diverse services and databases into a centralized repository is crucial. Moreover, the flexibility of exchanging data through APIs allows us to extend and build upon the platform to meet our specific needs. The openness to supporting customers across various environments and the potential of a comprehensive data strategy are key factors that keep us committed to Microsoft.

Overcoming certain control issues would significantly enhance our overall satisfaction. We encountered challenges in building a custom subscription, and certain essential Azure financial control functions, like customer-managed keys, were not implemented.

I have been working with it for approximately two years.

We have around ten thousand users, and the scale might not necessitate the same level of custom development as larger companies. Despite our size, there are instances where building and hosting certain systems, like a database, provides us with greater control over our data.

I find it to be quite good. The enterprise culture and support we receive are appealing aspects. While our operational support may not match the industry leader, it surpasses what we've experienced with the third-ranked provider. I would rate it seven out of ten.

Neutral

Regarding choosing Microsoft over competitors, our decision was heavily influenced by corporate alignment. We already had a significant business relationship with Microsoft, and there was strong alignment at the senior leadership level between our institution and Microsoft. Despite acknowledging that Microsoft is behind AWS in terms of service maturity, especially in areas like data databases, authentication, authorization, and management automation, we recognized the benefits of our existing alignment.

While it may take another year to reach the desired level of functionality, we believe in the platform's potential and anticipate improvements in its feature set.

In the long run, using Purview may be more cost-effective than building and operating our own solution.

I currently rate it a five out of ten, and I believe there's potential for it to reach a seven within the next year.

Microsoft Purview helps our business identify valuable information across various data types by using machine learning and customizable tags. It then allows users to export this data with PowerShell and combine it with metadata from other Microsoft products, facilitating both data analysis and migration processes.

While I haven't used Purview's cross-platform capabilities, I'm impressed by Microsoft's integration of its various solutions, including ComplianceOne and SharePoint, which cater to large enterprises. A deep dive into the functionality confirmed this positive impression.

The ability of Microsoft Purview to connect across devices, including Macs like mine, is a major benefit. While I was surprised to find PowerShell running smoothly on Mac, Purview itself has been user-friendly and avoided the issues I've read about online. This ease of use is crucial for me.

My previous projects focused on M365, but the next step is integrating Azure Virtual Machines into our solutions. In this context, Purview's ability to natively integrate compliance across both Azure Dynamics and Office 365 is crucial for ensuring our work scales effectively.

The biggest advantage of Purview is its ability to centralize data management. This multi-platform tool integrates data assets from across the company, providing a reliable and unified way to handle data procedures. This consistency, a hallmark of Microsoft products, is valuable for many users.

Designed for our regulated environment, Purview offers a variety of features that enable us to develop compliant solutions even when limitations seem to restrict what's achievable.

Purview has helped save us time through automation.

The most valuable aspect of Purview is its PowerShell connectivity, enabling automation. The content explorer helps visualize how classifiers, including custom-sensitive information types, identify content. Purview even allows testing these custom types with a dedicated button. Overall, PowerShell governance and export capabilities significantly improve our workflow by automating tasks and simplifying data extraction.

While Microsoft Purview addresses global regulations, it lacks out-of-the-box functionality. Extensive development is needed to define sensitive information types and train rectifiers for each customer. Most importantly, Purview currently lacks multi-language support, hindering its use in multilingual environments. Since communication compliance is the only exception, future updates should include sensitive information types and keywords in major languages, especially those relevant to the European Union. This would require customization efforts to create equivalents for these information types and keywords in other languages.

The rapid pace of feature changes in Purview, including marketing shifts, retirements, merges, and splits, creates challenges. Documentation struggles to keep up, leaving users behind. Further compounding this issue is the inconsistency of PowerShell modules. While some, like the SAP exporter, function well, others, like the trainable classifier's missing fetch module, significantly limit the usability of a potentially valuable feature. This lack of polish hinders automation efforts and makes data governance assessments more difficult.

Setting up Purview in a production tenant proved challenging due to a lack of clear documentation on permission requirements. While Purview offers role-based access with custom role creation, there's no built-in explanation of each role's function and associated permissions. Microsoft Learn documentation wasn't helpful either. Ideally, Purview should provide in-context information about each role within the portal, eliminating the need for cryptic names and extensive external research.

I have been using Microsoft Purview for under one year.

Microsoft Purview seems to be functioning, but there's a lack of clarity on how it analyzes data. The content explorer shows inconsistencies, with Microsoft acknowledging that the actual document count might differ from what's displayed. This suggests limitations in the current setup. While improvement is desirable, it's still a usable tool.

I submitted a support request in the test tenant, possibly specific to that environment. However, the Purview quality was lacking. Automatic replies didn't address my question, which seemed misplaced within the chosen topic. It felt like I contacted the wrong department. Instead of offering real support, they suggested I write a public blog post seeking help online. This was essentially non-existent support, potentially due to limited resources for test tenant users. It's unclear if this reflects the quality of support for the expensive enterprise licenses.

While deploying Purview itself was easy for me after I had spent significant time getting a Microsoft certification, onboarding junior colleagues who haven't had that preparation is proving more challenging. Despite their initial confusion, the overall structure and features of Purview seem well-organized and at least decent.

While a single person could deploy Purview in this instance because it's a test tenant, it's important to clarify that this ease of deployment applies only to the test environment and wouldn't be representative of the process for a production tenant.

The implementation was completed in-house.

Microsoft Purview is a subscription-based service, so we need either an E3 or E5 license to use it. The specific features we have access to within Purview depend on which of these licenses we have.

I would rate Microsoft Purview eight out of ten.

To choose the best Purview subscription for your needs, I recommend using a test tenant to explore Purview's features and value proposition. This will help you identify the most critical functionalities and choose the subscription that best aligns with your business requirements.

Our primary use case of Microsoft Purview is data discovery and scanning data sources.

Microsoft Purview is a cloud-based service on Azure, but the way it scans data sources is hybrid. While Purview itself resides in the cloud, some on-premises servers called integration runtimes are deployed within Purview to scan specific data sources. These on-premises servers are essential for making those sources accessible to Purview for further management and governance. In essence, Purview leverages a hybrid approach for data source scanning, but everything else about the service operates entirely in the cloud.

Microsoft Purview's data connector platform for handling non-Microsoft data sources effectively addresses our data ingestion requirements.

Purview affects the visibility we have into our estate. It is the primary reason why we use the solution.

While Microsoft Purview doesn't directly provide revenue, it saves our business money by improving efficiency. Imagine we're launching a marketing campaign and need customer or product data. Before Purview, we'd have to search for existing reports, unsure if they even exist. Now, Purview lets us see all reports, who created them, and when they were updated. This saves us time by eliminating manual data searches, ultimately reducing costs because people's time is valuable.

Purview's greatest benefit for us is data discovery. Even someone unfamiliar with our data can use Purview's basic keyword search to find relevant data sources. Purview then reveals details like data points, who maintains the source, update frequency, record and data point counts, columns, and data types – all this metadata is instantly available, making Purview our primary tool for data discovery.

While Microsoft Purview currently allows weekly scans for data sources, this limitation hinders the usefulness of the tool for frequently changing data. Ideally, Purview should offer daily scan frequencies to better accommodate these dynamic environments.

Microsoft should provide full access to log details, particularly those related to technical aspects of data source integration. Hiding information from technical users assumes a lack of understanding on their part, which isn't the case. While Microsoft claims Purview is under constant development and some features lack documentation, this shouldn't prevent transparency, especially for established functionalities we rely on.

I have been using Microsoft Purview for nearly one year.

Microsoft Purview is stable.

Microsoft Purview meets our scaling needs.

The error codes displayed by the user interface weren't detailed enough to diagnose a problem we had, so we contacted technical support for help. Even with some internal information, we couldn't properly debug the issue. Microsoft then examined their internal logs to provide more details about the error message, which was all we needed. Once we saw the additional log information, we were able to pinpoint the exact problem and fix it.

Neutral

Since Purview is an Azure service, enabling it for our company was simple for IT. Once activated, I became the collection admin, and data admin, and assumed all the associated Purview roles. Setting up the first data scan for our reports and data sources was surprisingly easy, even without any prior experience, though being technical helped! The process is entirely point-and-click with no coding required.

The week-long deployment involved collaboration with our IT network team to handle resources behind corporate firewalls, while I managed the remaining tasks, bringing the total number involved to three.

While we evaluated various data discovery and analytics solutions, particularly open-source options, we ultimately chose Microsoft Purview due to its seamless integration with our existing Azure Stack environment. Since Purview was already included in some of our corporate Microsoft agreements, it offered a cost-effective and user-friendly starting point for our data discovery needs.

I would rate Microsoft Purview eight out of ten.

While our data platform handles governance and privacy, we use Microsoft Purview specifically for data discovery. It helps us scan existing governed data sources and make them discoverable through various methods like keyword search, research tools, and browsing by data source. Notably, Purview provides valuable metadata, even though we don't currently leverage its compliance features.

No maintenance is required on our end.

Before considering Microsoft Purview, identify your specific data governance needs. Purview is a comprehensive solution, so pinpoint the features you require (data discovery, classification, sharing, etc.) and how they address your challenges. If you only need a few functionalities and paying extra for unused features isn't ideal, a simpler solution might suffice. However, if you plan to leverage Purview's full potential and the cost aligns with your budget, then I would recommend Purview.

We are using it for governance on the cloud data migration. When people want to see legacy application Hadoop to Azure, we use the solution to gain some governance aspects and integrate it with Synapse on the final layer, which is the transform layer of the data lake. 

Purview was included at a single location in eastern Canada. There are close to 1,000 users.

It strengthens governance and provides visibility. It gives you better control and reports, then it integrates them with the Microsoft reporting solution. It integrates very well and helps provide visibility, but you need to do a lot of homework before you gain visibility. You need to understand the limitations in each of the data sets to gain visibility from a governance perspective.

For a tech organization, it gives them the ability to lower maintenance costs because it is natively integrated. So, it reduces the number of solutions that need to interact with each other. It is far easier for clients to operate and maintain that solution rather than be worried about a custom or hybrid solution, or even a best-of-breed. This solution makes it tougher because then you can hire people with different skill sets. 

Depending on the pipeline, it enables us to show compliance in real-time. This has sped up the decision-making cycle, making clients more proactive. They can do more internally before responding to compliance requests. For the banks, it is very important for them to be compliant with the standards that they are expected to adopt, e.g., GDPR. This gives them more time to prepare and figure out what the root cause could be if there are gaps.

Because governance analysts have these reports and dashboards out-of-the-box from Purview, they now have more time. For example, in a 40-hour work week, they would gain back three to four hours. So, the decision-making is faster.

Purview gives you more visibility and has native integration. It gives you a heat map regarding your risks. For example, where could there be potential exposure? It can very quickly identify non-compliance. Since it is natively integrated, the catalog tracker can quickly scan it.

It natively integrates. It gives you a lot of controls, awareness, features, and best good practices, making conversations a lot easier with the clients. Features are pre-built. All you have to do is configure it properly, and you get the correct tables and names of the entities with data. This reduces effort and gains efficiency, both for the clients and for SIs (like us). 

It is critical that Purview delivers data protection across multi-cloud and multi-platform environments. That is the number one reason that people are adopting hybrid and best-of-the-breed approaches. Especially in banking, it is critical because people want to protect, govern, and secure their data. This is one of the first conversations that happen with security and the architecture group on the client side.

It is a heterogeneous environment. That is a desire that the clients are asking for increasingly. So, the feature that provides data protection for iOS, Mac, Android, and data in other SaaS apps is pretty important.

Batch sources can connect well.

It works very well, but there are some limitations because it is a new product. For a lot of features, you need to wait until the time that Microsoft announces that they are generally available. Or, a lot of times, some features are not even available. Then, you need to go through their support channel. So, it's a mixed bag.

The API needs some improvement when connecting to non-Microsoft API sources. This is a limiting factor.

The integration with modern data warehouses needs a lot more traction. Because clients will not always adopt Microsoft Azure as their cloud, as they can choose to be in a heterogeneous environment. For example, I have three warehouses: Synapse, Snowflake, and Amazon Redshift. In this case, I would hesitate to adopt Purview, as it is not the best choice at this point in time.

I have been using it since it was launched in 2021.

The reliability is very good, but the stability is evolving as Microsoft is trying to challenge the established leaders with new features.

It is middleweight from a maintenance perspective, as there are two people from the client side at one site maintaining this, technically and functionally. There is a lot of leg work needed on the functional side. 

You need to keep an eye on it when applying a new patch or version from the cloud. You need to be very careful of how you upgrade that so it does not undo your customizations.

It scales without issues. In terms of performance, it scales pretty well.

Out-of-the-box, it is fairly easy to use the features. The clients have been happy overall, but they struggled when they tried to extend it to other applications in the cloud. This is getting better, from what I understand, as they release more feature enhancements.

The technical support is good. They respond quickly, though it depends on your license. If you have Premier Support, they will respond. On a scale of 1 to 10, I would rate them between eight and nine. They are trying to improve.

Positive

We did previously use another solution.

We had a client who decided to move to a single platform in the cloud. Azure was chosen because of its native dataset and proximity, e.g., the platform closest to the existing state of affairs. That is why Azure was chosen and the major reason for Purview to get adopted.

The initial setup is pretty complex. When you make it a private cloud, the security makes the setup complex. The public cloud is far easier. With a private cloud, you do the configuration to the right security standards and norms. You have to do the extra groundwork to make that happen. That took us a long time, but that is okay. Once it was done, it worked fine.

The first step is migration, making it visible and gaining efficiency. Then, you let it stabilize and clients get it. Phase two might be more automated, having some intelligence with AI for more decision-making.

I did the implementation with a Purview team of eight to 10 people. This included a governance analyst, data analyst, Purview expert, SMA, developer, and functional analyst. I was the overall delivery lead overseeing the effort, then there was a lead on governance.

Clients are happy and seeing the benefits. However, it is too early to determine ROI.

We also evaluated Collibra and AWS.

We haven't explored data loss protection at this point in time because the client has a very specific, in-house utility tool that they wanted to retain for DLP.

Make your case. Do your homework. Know your roadmap, which is critical with Microsoft and adopting Purview. 

I would rate the solution somewhere between an eight and nine out of 10.