Try our new research platform with insights from 80,000+ expert users
Vundavalli Gowtham - PeerSpot reviewer
Information Security Analyst at LTIMINDTREE
Real User
We can control user-group workflow, enabling or disabling particular steps, to prevent exfiltration
Pros and Cons
  • "My favorite features are eDiscovery and insider risk management, because these are the major threats to an organization that can't be easily traced."
  • "There are differences when looking at an incident in the M365 portal versus Purview, and the main one is the advanced hunting. In the M365 portal, you can write KQL queries and fetch data. If that was available in Purview, it would be very good."

What is our primary use case?

We are integrating Purview with Copilot. We are creating prompts in Copilot for whatever we require from Purview. There are multiple scenarios where we create something in Purview: eDiscovery, auditing, labels, and data loss protection alerts. It is something like the parent application for the data loss alerts.

How has it helped my organization?

The major benefit is the workflow inside Purview. While creating policies, we can add an organization's security groups and, for those particular users, we can control the user data or exfiltration. We can control the workflow of those users. If we want to exclude a particular channel that they use to communicate about sensitive data, we don't need to monitor it. We can just exclude it. That means we can include or exclude every individual step in their workflow. Based on our customers' requirements, because there are a lot of features in Purview, we can easily include, exclude, enable, or disable things. That is the major advantage of Purview.

Also, it has reduced false-positive alerts for data loss protection. Why? Because the policies or detection patterns are based on the normal or generic concepts that apply within each organization. Each will have its own set of policies. And that generates fewer alerts. An organization can have particular data monitored, and that can be changed from organization to organization. As a result, there is a lower chance of false-positive scenarios.

What is most valuable?

My favorite features are eDiscovery and insider risk management, because these are the major threats to an organization that can't be easily traced.

Also, there are multiple rules within Purview related to cloud applications. Purview's major focus is on Microsoft Azure and its Microsoft cloud-related applications, such as Exchange, OneDrive, SharePoint, et cetera. They have created a set of rules and added workflows to the policies as well. That means we can directly add those particular cloud workflows to the policies. Alerts can be triggered and workflows implemented based on the rules that we set while creating a policy inside Purview.

We also use Copilot, the next generation of ChatGPT. If you ask it: "According to Purview, what were the DLP alerts that were generating today?" it will take just five seconds to generate the data—whatever is available in the backend of Purview. Copilot is integrated with Purview. If a person is using Purview but doesn't have any idea how to operate it—meaning they don't know how to search for alerts—they can easily ask Copilot. They can create a prompt. That way, a non-technical person can get the data.

Also, all the required security products are integrated with Purview, including endpoint DLP.

What needs improvement?

I would like to see them simplify advanced hunting. There are differences when looking at an incident in the M365 portal versus Purview, and the main one is the advanced hunting. In the M365 portal, you can write KQL queries and fetch data. If that was available in Purview, it would be very good.

Another issue is that for incidents, only DLP alerts are available in Purview, not the incidents themselves. An incident consists of multiple categories of alerts belonging to multiple products. But in Purview, we can only see DLP alerts, yet those alerts could be part of an incident in the incident portal. We are not able to see if a particular alert ID is part of a given incident.

For example, if an exfiltration happens, the exfiltration-related alert will only be triggered inside of Purview. But it's possible that before the exfiltration, there was a kill chain there, such as initial access, privilege escalation, a user being compromised, or a brute-force attack. Those types of alerts are not available inside Purview. They are covered in other Microsoft products. All those products' alerts will combine into one case and generate an incident as a single story. But in Purview, the incident is not available.

Buyer's Guide
Microsoft Purview Data Governance
December 2024
Learn what your peers think about Microsoft Purview Data Governance. Get advice and tips from experienced pros sharing their opinions. Updated: December 2024.
824,067 professionals have used our research since 2012.

For how long have I used the solution?

I have been using Microsoft Purview since it was introduced. I am part of our Purview team.

What do I think about the stability of the solution?

With Purview itself, I have not faced any issues, but there have been some with Copilot.

What do I think about the scalability of the solution?

The scalability of Purview is eight to nine out of 10.

What's my experience with pricing, setup cost, and licensing?

The price is a little bit high, but it's worth the money because it has a lot of features. And there will be more features in the future.

What other advice do I have?

My advice is that you need to understand the architecture of Purview first. Play with it and go through the data loss policies. Whoever is using Purview should have some idea about data loss protection policies. If you have these things, you can easily do things in Purview, such as labeling and IRM.

There is no maintenance. As a user, you just see the alerts, while the protection is taken care of by the Microsoft team.

Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor. The reviewer's company has a business relationship with this vendor other than being a customer: Partner
PeerSpot user
Sr. Architect at a computer software company with 201-500 employees
Real User
A data governance solution that efficiently breaks down barriers to sharing information while making it easy to access and understand data
Pros and Cons
  • "I think Purview does as good a job...I'll say that it is as stable as the data governance maturity that exists within an organization. It can't be more stable than that."
  • "As Microsoft Purview got a little more mature, the deployments got a little more complex, as we were kind of seeing that there are a lot of ways, like there were a hundred ways to do one thing or less."

What is our primary use case?

I was working for a nonprofit here in Kansas called Children International. I was a global data engineering manager, and I was tasked specifically with developing a data governance program. And at the same time, that's right when Purview came out. So I spent a year in that realm. I've been very plugged into Purview ever since.

The main use is data governance. Now, not every firm is necessarily at that maturity level when it comes to understanding data as an asset. So, a lot of companies can use it just as a data dictionary, a business glossary, which is nice, but it doesn't give the entire picture of what Purview can actually do, and so, actually, there were a dozen of implementations of Purview that I have been a part of in the past. I've led as a consultant and an architect. I'd say maybe I have used twenty-five percent of every feature that it has to offer. I am still kind of catching up with the rest of the features.

How has it helped my organization?

Microsoft Purview breaks down barriers to sharing information, accessing data, understanding what a piece of data means, how it is defined, how it's interpreted, and then how the end user uses it. So, with Purview, when it's best used, and it is at its best when the end users are the ones that are very involved because they're the ones who are going to be using it. Its users can see the support, and it grows year over year, you know, a kind of revenue measure. I don't know how exactly this is created. Also, I don't know what fields it uses. I don't know exactly what this means. We have a different department in the company that may need this. So they feel the need to go out and then hop to Purview. So it definitely knocks down a lot of barriers. It eliminates a lot of needless communication between different departments, and it just centralizes all information about an organization's data assets.

What is most valuable?

Speaking of the valuable features, I would speak on behalf of my clients, considering how it seemed when it was implemented. So, the sensitivity labels are big. The insights are also very nice as it gives the visual representation of being able to look at what or how the data storage is performing, especially monitoring if they are tagging technical assets or if they are adding business glossary terms. So, that's big, along with the basic features of Microsoft Purview. I'd say the last one that is very big with most clients is data lineage and being able to integrate that end-to-end flow component kind of so they can see that this is data from a Power BI dataset, and then they can follow where that dataset is coming from like it's from a SQL query in a Power BI report itself and data coming from a SQL Server, etcetera, etcetera.

What needs improvement?

The out-of-the-box connectors and being able to connect to third-party apps and data storage were some of the areas where they started off strong, but that's something that I think needs to continuously be at the forefront of the developers and the engineers for Purview to make sure that it is constantly up to date and can talk with any data source that it may need within a data state. So I would say that's not necessarily a con, but it's a possible weak point that could be strengthened.

For how long have I used the solution?

I've been implementing Microsoft Purview with my clients for three and a half years. I'm a consultant for a Microsoft partner.

What do I think about the stability of the solution?

I think Purview, in terms of its stability, a lot of people think Purview itself is for data governance. Whereas data governance is something that is more like how we now view, let's say, Toyota six sigma or Agile, where it's kind of embedded in an organization and kind of culturally and throughout the work that's being done, it's kind of embedded in the network. I think Purview is kind of the same way. So, data governance operates in the same way. It first needs to be adopted and agreed upon by those that will be using it. Purview is the tool, and that's, like, the actual interface, and that's the actual, you know, that's the tool that allows it to be done. But in terms of stability, I think Purview does as good a job as it can of providing a foundation to make stability with data governance as easy as possible for those that manage it, but it does come down to those that are in charge of Purview itself to make sure that it stays stable. Well, I won't just say stable. I'll say that it is as stable as the data governance maturity that exists within an organization. It can't be more stable than that.

What do I think about the scalability of the solution?

Scalability is fantastic considering their pricing since it addresses their pricing where it can have your incremental scans, which can cut down on your computing costs. That's great for scalability. So, if you have more data and you need to scan more and more, you don't need to scan the exact same data again and again and again. You may be okay only scanning the entire database maybe once a week, and then, let's say daily, you have incremental refreshers that help very much, or that help a lot with scalability. I think as more an organization scales and the more that it uses Purview with that scaling, the more you can get out of it, and the more it'll end up helping the organization, the more the stewards that are in their tagging things, the more that data is suggested, and that triggers are set up for ingestion runs. The more it scales, the better it is.

How are customer service and support?

I have spoken with Purview's product team consisting of engineers who created Purview that writes the documentation that will work on bugs hands-on. Also, I've been a part of a lot of conversations, and I provided a lot of feedback in terms of improving Purview itself as a product and how we use it with our clients. So, there's been a lot of collaboration on that.

Considering Purview, I rate technical support a ten out of ten.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

There was not one solution. There were multiple solutions like Profisee involved. We also had Atlas and kind of a lot of commingling of those two and kind of piecemeal together solutions between a lot of those to do a Purview does. So not a whole lot, I guess, is what I'm trying to say.

How was the initial setup?

The deployment of the solution was done on Azure. A majority of our deployments for our clients are through a private cloud, and they're locked down with private DNS zones and custom DNS records on the back end if they're on their own servers and private endpoints as well. So fairly locked down, especially with where we talked about a lot of the data being sensitive and a need for it to be protected and monitored. Well, if data needs to be protected and monitored, then it likely is going to be needing something to be secure. So it's all been on a private cloud so far.

I was involved in the initial deployment of Purview. The initial deployments were actually straightforward because we were figuring out about the features, and found that it was a little less feature-rich, so there was less of a question. And it hasn't given us the time to figure out where it works well or where it doesn't work well, and if we need to bring in consultants or can we do this in-house. As Microsoft Purview got a little more mature, the deployments got a little more complex, as we were kind of seeing that there are a lot of ways, like there were a hundred ways to do one thing or less. I think that applies to anything in software. But it applies to Purview as well and where we control access to a given data source while figuring out if we should use the policies and governance features within Purview. We also thought if we should do it in Azure portal using RBAC or should it be elsewhere. So I think we passed that part, and then now we're going to get back to some smooth deployments, and a lot of them will be templatized, you know, whether it be in ARM templates or Bicep like Terraform. Overall, at first, the setup process was fairly smooth to moderate.

What was our ROI?

I have not been able to conduct any actual ROI analysis on Purview just because it is hard to measure those kinds of intangibles of how those results show up. But they absolutely show up if we consider data to be an asset. Also then, it can also be a liability, just like something that would be like a can of soup on the shelf in a restaurant. That's an asset as it exists then, but also there can be hazards. So, if it's a large pallet, it could fall and cause damage. So, data cost would be a liability. I think that it is not something that currently appears on the balance sheet and can be cut to draw that line, but I think it'll be made much clearer in the near future, especially as we've become more and more data-saturated and we'll be more conscious of the value of data. Regarding ROI, I have not done any analysis in that realm, but I have full confidence that there are real ROIs that do exist and that will show up one way or another in the future.

What's my experience with pricing, setup cost, and licensing?

Price-wise, I think it's very generous and accessible to not just enterprises but small to medium-sized companies as well. I think it's very fair in terms of how they break apart the storage and the actual computing, and that makes it very accessible. So, that is a very big plus for Purview. I think a lot of clients and organizations would feel that way as well.

On the time front, I can absolutely speak about the cost of the solution since time is money. Saving analysts or developers, or engineers time can add or translate into actual savings if you can do the right calculation. But just to stick on that time front, I've seen it cut down, let's say, a given team, or a data governance team, I'd say, in a reduction of fifty to sixty percent of the time that would be spent answering maybe questions for other parts of the business about what a certain data means or where this data lives, they can just point them into certain directions, and they can point them to Purview and have those answers or have or have this questions answered. So that's a big part. And then also being able to have those ties from the business to IT and being able to bridge that gap and being able to have a technical asset ingested from the data side or, from the technical side, and then being able to get the business to interact with that as well. I would say that total savings in terms of on a team-to-team basis, I could see anywhere from fifty to seventy-five percent reduction in time spent on those activities just by having Purview.

Which other solutions did I evaluate?

After looking through other options, we decided for our clients that in these situations where they're already in a Microsoft data environment in terms of their data, whether it's living in Azure or on-prem, but the analytics that they're doing, whether it be with Power BI, with Synapse and Data Factory, it integrated so well.


What other advice do I have?

Speaking about the importance that Purview delivers data protection across multi-cloud and multi-platform environments, including AWS and Google Cloud Platform, I would say that it's very important, and I am going to lean on the side of this that has to do with data protection in terms of international data protection and various laws that kind of force data to stay in certain places. For example, I have one of my clients, which is a Fortune 100 company, and they have three different main regions around the world, including Asia Pacific, the EU, and the US. They had a lot of financial data that were in these three regions, but they couldn't cross each other even though it was the same data that was being used in the same applications, but it was difficult due to various barriers and regulations for the actual data control. Hence, they couldn't pass between each other. So that was kind of an issue. We had to actually go and deploy multiple instances of Purview. We had a dev and a prod instance in these three regions. That was definitely very important, and that was because of not only regulations but because of their desire to keep their data private, secure, and kind of locked down.

Speaking of how important it is for me that Purview can connect to iOS, Mac, and Android devices and data in other SaaS apps, it is not very important as it's typically with legacy databases and data warehouses.

Regarding Purview's data connector platform for supporting ingestion from non-Microsoft data sources, I think it's very robust, and out of the gate, they included a data connector that you can plug in straight to Amazon and SAP. I believe now that they have some connectors for Salesforce and things like that and Snowflake. So they are absolutely staying right on or ahead of the curve when it comes to making this kind of making sure that the interoperability between other vendors as well is taken into account, which is awesome.

Speaking of how important is Purview's natively integrated compliance across Azure Dynamics and Office, I think it's very important, and it does it very well. I mean, literally without a problem. It's completely seamless, and so it does that perfectly.

Speaking of how important it is to me that Purview was built taking into account critical regulations from around the world, I think that it is very important. So, that's what kind of gave birth to the original classifications for 200 or so out-of-the-box classifications for a lot of data for possible credit card numbers, passport data, and ZIP codes in different countries. They were definitely aware of that, and you could tell from their design process they keep updating those. And so that was definitely built with that in mind for sure.

I have never used Purview for data loss protection. Typically, in these solutions, when we're deploying Purview, they're usually at a stage in their data platform maturity where they already kind of have that taken care of elsewhere.

Speaking of whether Purview helped reduce the number of solutions I need to interact with, I would say that I don't think so because I think data governance exists kind of outside the solution's architecture for these kinds of things. So, I'll say no, but that's not in a bad way. It's just not its job, in my opinion.

In terms of Purview's visibility, I think visibility is the most significant part since that's kind of what it does as long as it's set up correctly and maintained by the data stewards and the business experts. The domain experts that actually know how to interpret these business glossary terms and can link them to data assets, then it is the most useful tool out there.

I haven't used Microsoft Purview's automation. However, I have used Purview's AI since we have had a few situations. While not many organizations have had to do this, we had two instances of Purview in a given tenant, which would be dev and prod. So, we would use some APIs and some Purview CLI. We automated a lot of those processes. Also, it's workflow automation in terms of approvals and sign-offs from a given definition being changed or a term being added and being able to send that to the right people, especially by sending an email to the right group for approval. So the automation piece is huge. I have not yet been a part of, or I have not, used any of the AI-related features.

Speaking of how automation affected my speed and accuracy of risk detection, I would say it went very well, especially when dealing with financial data or when dealing with possible credit card data, personal information, and health data. In PII or PHI, being able to have those classifications kind of flag that data if it comes through, and then being able to mask it or identify those is something huge. So, that's probably one of my favorite features considering how it's integrated into the various protection services that Microsoft and Azure have to offer.

Speaking of how automation affected the quality of the insights I have, I would say it has more to do with speed on that front. Also, it's going to be as good as the developers, data stewards, and experts working on it. As you know, it'll be as good as the effort that they put in to constantly go through and curate or update a certain classification, including what the threshold may be to make sure it's catching all of where it needs to cache for risk detection or risk mitigation. And there's definitely a one-to-one relationship that is a very linear relationship. So the more end users and stewards are involved, the more you get out of it in terms of every feature that it has to offer.

Regarding Purview enabling me to show my compliance in real-time, I would say that I believe that there are some integrations that I have not personally, which I think came out in Purview the last time when I was very heavily involved with Purview, which is maybe four or five months back. So, I have not used those yet. But in terms of real-time, I don't think we have used it yet. But I'm sure we'll do that eventually.

Regarding whether Purview helped to reduce the time to action needed for insider threats, I would say it has, especially in the context of early detection for possible sensitive data, like health data, credit card information, and things like that, and being able to alert the right parties. So, they can make decisions on whether they need a mask or not or if there was a problem with the actual data source, whether the data kind of slipped through, and if it should have been taken out. So, definitely, it works in that kind of early detection there and in terms of the speed of making those decisions.

I would say that Purview has helped save time and money for my clients. So, it's definitely a long road for data governance, and a lot of the benefits aren't necessarily very tangible, so they might not show up on the balance sheet. However, data is an asset and needs to be treated as such. Hence, those who implement these data governance programs and who use Purview to do that are absolutely gonna be ahead of the curve, and we'll save countless dollars and time. I mean, the savings start immediately. So, down the road is when you really see those effects come up.

I would agree that Purview has affected my ability to stay on top of compliance.

Regarding others who are looking into evaluating the solution, I think they should prepare by making sure that the individuals or the teams that internally exist that are in charge of or that have a very large say, and how data governance is or functions within that organization, they need to be on board and they need to be willing to kind of to go through the motions and be okay with having an iterative process once Purview is deployed. It's not all going to be solved on day one, and they're not going to have everything that they need right away. Again, it's a tool that their data storage and domain experts can use, I would say.

As I am trying to be as unbiased as possible, I would suggest those planning to use the solution contact Microsoft since there are a lot of financial incentives and reimbursements, and discounts that exist right now, also in the past, and in the future, I would assume that for Purview's demos and PoC engagements. So, trying to find or just having the first part, which is the internal understanding of what data governance is and what they want out of it, while the second part is Microsoft does very well by tucking in partners that can show them ropes.

Since there were some features recently that maybe I haven't been able to test, I rate the overall solution a nine out of ten.


Which deployment model are you using for this solution?

Private Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Microsoft Azure
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor. The reviewer's company has a business relationship with this vendor other than being a customer: Partner
PeerSpot user
Buyer's Guide
Microsoft Purview Data Governance
December 2024
Learn what your peers think about Microsoft Purview Data Governance. Get advice and tips from experienced pros sharing their opinions. Updated: December 2024.
824,067 professionals have used our research since 2012.
Mcafee Epo Administrator at Consultant/Converge Technology Solutions
Real User
Helps us block unintended data sharing, but the documentation and licensing could improve
Pros and Cons
  • "The feature that I find most valuable is its ability to block unintended data sharing, like forcing unencrypted emails to be encrypted. We're evolving technologically, so people aren't always working from their desks. Our people are on the move. We have data everywhere. For example, in airlines, they're mobile and working from one door to another. They can't carry a computer from one station to another. That's where a lot of airlines use iPads. Securing and integrating iPads is helpful."
  • "One way that Microsoft Purview has benefited our organization is by preventing data leakage, which saves the company money on fines and protects its reputation."
  • "One area for improvement is better documentation on what is working and what is not, as well as what features are allowed depending on your licensing model. It's essential to know if a feature isn't working due to missing licenses."
  • "Licensing is frustrating due to multiple modules and licenses. The feature might be available in the console, but it won't work without the proper license, creating confusion."

What is our primary use case?

Microsoft Purview Data Governance protects against data loss, helps prevent accidental data sharing, ensures the right people have access to data and helps remediate data issues.

How has it helped my organization?

One way that Microsoft Purview has benefited our organization is by preventing data leakage, which saves the company money on fines and protects its reputation.

What is most valuable?

The feature that I find most valuable is its ability to block unintended data sharing, like forcing unencrypted emails to be encrypted. We're evolving technologically, so people aren't always working from their desks. Our people are on the move. We have data everywhere. For example, in airlines, they're mobile and working from one door to another. They can't carry a computer from one station to another. That's where a lot of airlines use iPads. Securing and integrating iPads is helpful. 

Purview's data protection across multi-cloud and multi-platform environments is essential because data is everywhere, and all data is important. We could have Social Security numbers in the cloud or on-prem, so it's crucial to protect them all.

The ability to consider regulations around the world is essential due to outsourcing. Many companies outsource to India or China, so it's important to protect data wherever it is. Purview provides visibility through its data classification module, which allows us to scan our environment and let us know where that sensitive data is.

What needs improvement?

One area for improvement is better documentation on what is working and what is not, as well as what features are allowed depending on your licensing model. It's essential to know if a feature isn't working due to missing licenses.

For how long have I used the solution?

I have been using Microsoft Purview Data Governance for the last four years.

What do I think about the stability of the solution?

There are some bugs in how long it takes policies to apply. It can take seven days to 24 hours to determine whether a policy is effective.

What do I think about the scalability of the solution?

The product is scalable and works across multi-cloud and multi-platform environments, but better performance could be useful.

How are customer service and support?

I would rate Microsoft customer service seven out of 10. More updated documentation would improve our results, as Microsoft is always changing online, and the documentation doesn't update as quickly as the console.

How would you rate customer service and support?

Neutral

Which solution did I use previously and why did I switch?

My company is a consulting company, and we have worked with various products. One such company is Varonis, which does similar functions but doesn't offer the one-stop-shop solution that Microsoft provides.

What about the implementation team?

We are the consultants, so we are responsible for the deployment of the solution.

What was our ROI?

We don't typically see direct ROI since we're a consulting company. However, clients benefit from using a one-stop-shop solution, increasing their visibility across different platforms.

What's my experience with pricing, setup cost, and licensing?

Licensing is frustrating due to multiple modules and licenses. The feature might be available in the console, but it won't work without the proper license, creating confusion.

Which other solutions did I evaluate?


What other advice do I have?

I rate the Microsoft Purview Data Governance seven out of 10. 

Which deployment model are you using for this solution?

Hybrid Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Other
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Flag as inappropriate
PeerSpot user
reviewer2346735 - PeerSpot reviewer
Enterprise data architect at a non-profit with 1,001-5,000 employees
Real User
Works seamlessly with Microsoft products but not with third-party products
Pros and Cons
  • "Their data labeling or data classification is particularly valuable because we want to categorize all of our data into confidential, public, or internal."
  • "It supports only a limited number of tools and technologies that pertain to Microsoft products. If you want to leverage other solutions such as Workday or Oracle Fusion, features will be coming up, but as of now, it is for the Microsoft suite."

What is our primary use case?

We migrated everything to the Azure cloud. Microsoft Purview was coming up at the time, and we also started looking into their other products such as Microsoft Power Platform, particularly Power BI. We wanted to see how these particular tools can go head to head and how they would be useful. This is when we started with Microsoft Purview. The POC itself took more than a year because it was not easy. The tool was growing. It took a long time to get their product support help to fix some of the issues and features. 

In the last year, we started using it for a few things. One is mainly data protection. We mainly targeted the scenarios where when someone is sending a document in an email or labeling a document as confidential, what the person receiving the document can do. 

We are trying to cover Microsoft 365-related products. We are trying to use it for the data discovery process. That is the end goal. Across the organization, we want people to be able to find the data easily. There is a kind of data marketplace, and we started to use it for data discovery.

How has it helped my organization?

Data discovery is one of the beautiful things of Microsoft Purview. We mostly have Microsoft products, so it has been helpful, but we are continuously growing. We are still in the learning stage with this product. We are trying to onboard only a small amount of data, and then we will see how we can curate the data so that it is meaningful. Slowly, and probably after a year, we will come to know how efficiently we are using Microsoft Purview as a part of the data discovery phase.

Microsoft Purview is a cloud-native app. So far, we have only used it with Windows with Chrome or Edge browser, and it works seamlessly. It is not a problem. We have not used it with other OSs, but it should work with them.

Microsoft Purview was built taking into account critical regulations from around the world. Data classification is one of the beautiful features. It works seamlessly.

Microsoft Purview's natively integrated compliance across Azure, Dynamics 365, and Office 365 is perfect.

Microsoft Purview enables you to show your compliance in real time. There is the Insights dashboard, which is particularly for security officers. They can always go and have a look. If there are any compliance issues with the portal, they can always go and check anytime.

Microsoft Purview has helped to reduce the time to action on insider threats, but I do not have the metrics. We are in the discovery phase. After a year, we should be able to provide exact metrics. As of now, we just look into the issue and take action. It is helping to reduce the errors. In terms of percentage, there are about 20% savings.

Microsoft Purview will save us time and overall product delivery costs. Product data discovery should be easy, which will reduce the overall product delivery time. This is something that we are working on. There should be at least 10% savings on the project delivery time.

What is most valuable?

There are several features. Their data labeling or data classification is particularly valuable because we want to categorize all of our data into confidential, public, or internal. Microsoft Purview works seamlessly with the Microsoft product suite, including Office 365, to schematize the data assets, so data labeling and classification have been helpful.

Microsoft Purview can connect with all of our security-related things across Office 365. It easily connects with Microsoft Defender. The integration with Microsoft Defender is good.

It works well for schematized data assets for lineage tracking. Overall, it works well if someone is using mostly Microsoft products.

What needs improvement?

It is still growing. It does not meet all the requirements from the security point of view. It supports only a limited number of tools and technologies that pertain to Microsoft products. If you want to leverage other solutions such as Workday or Oracle Fusion, features will be coming up, but as of now, it is for the Microsoft suite. 

It is still growing as a data connector platform for supporting ingestion from non-Microsoft data sources, so not all the products are supported as of now. 

As a data catalog tool, it needs to have a connection with all the sources. This improvement is definitely needed because they are supporting only Microsoft-related products but not third-party products.

For how long have I used the solution?

We started to explore Microsoft Purview when they launched it. It was the end of 2021.

What do I think about the stability of the solution?

It is a stable product, and continuous improvements are always coming in. After a year, it probably will be a complete tool for all sorts of uses. I would rate it an eight out of ten for stability.

What do I think about the scalability of the solution?

It is unlimited. I would rate it a ten out of ten in terms of scalability.

We currently have 10 to 20 people using the tool. It is deployed as part of information technology from the IT management, and we try to circulate it by onboarding various sets of users from various departments.

How are customer service and support?

Last week, I raised an issue with technical support. It issue was a priority for us. Within a couple of hours, they got back. They were efficient with this particular product. I would rate them a nine out of ten.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

We used some of the manual processes. We built a data catalog using Vast data services.

How was the initial setup?

It is deployed on the cloud. The deployment time is much less, but because it is a data cataloging tool, curating the data takes time. Spinning of the environment and starting it can be done in a couple of hours.

It definitely requires maintenance from the data security and data scanning point of view.

What about the implementation team?

We have a data governance team. 

What's my experience with pricing, setup cost, and licensing?

It is cheap. It is based on consumption. If somebody wants to start using it, the price is definitely cheaper than a tool like Collibra.

What other advice do I have?

I would definitely recommend Microsoft Purview. However, it is not good for data quality. If you are not looking for data quality and you only want a complete security and data cataloging tool, it is perfect.

It is still maturing. At this time, I would rate Microsoft Purview a six out of ten.

Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
PeerSpot user
Microsoft architect at Kyndryl
Real User
Top 20
Helps save us time, and cost, and improves our compliance
Pros and Cons
  • "Purview helps mitigate risk and allows us to govern the information being shared among apps and devices."
  • "I would like to have AI functionality on the dashboard to help me analyze and report on the data that we capture using Purview on a daily basis."

What is our primary use case?

We use Microsoft Purview to protect sensitive transactional data. We can control organizational policies such as who can monitor the system and how data is shared between managed apps and enrolled devices. We create the data loss prevention policy.

How has it helped my organization?

Purview can deliver data protection across multi-cloud and multi-platform environments. For example, we can set up a multitenant environment across different vendors and control Purview through Azure. Our enterprise licensing allows us to extend the connectors and tokens to other vendors. Once the connectors are active, they streamline the same functionalities and policies across the data on the other clouds.

Purview can connect to iOS, Mac, Android devices, and other SaaS apps, provided that we have created enrollment profiles for the other devices in Microsoft Azure. We can then monitor those devices from a central Microsoft location.

Microsoft Purview's natively integrated compliance across Azure Dynamics 365 and Office 365 is important because all escalation auto breaches from Microsoft or our data loss prevention policy will be highlighted to our program manager and portfolio manager. Therefore, we must treat this as a service-level agreement breach. The most important thing is to ensure that we are alerted whenever sensitive data is sent across 18 servers, Microsoft Office 365, or by people using their hybrid environment to connect to Office 365.

It is important that Purview was built taking into account the critical regulations from around the world because one of the accounts I support is a financial institution from the UK with offices in Europe. As a result, we have new regulations to comply with. We had a different region-wide DLP setup for the UK and Europe, but we needed to ensure that it was within the new Purview system and that data could not move out of it. To achieve this, we have people in Europe working on certain governance and risk portfolios that we have created using Microsoft Azure and Purview. We also share this information with our audit team, which comes in from outside to verify it every quarter.

We have an in-house process for handling policy violations. Purview's DLP for remediating policy violations helps us. For certain categories of transactional and social ethics violations, we capture data on any copying of sensitive data. This is because sensitive data should not be shared. We capture this data using our exchange server. It is difficult to share sensitive data, but we can capture it. We then share this data with our ombudsman team. The ombudsman team will review the data, including the timestamps and users involved, and determine what action to take. In rare cases, the person responsible for the violation may be removed from the team or organization.

Awareness of mobile device monitoring must be shared across the organization, especially with end users who may not be aware that their actions are being monitored. Training should be provided to all users of enrolled devices, regardless of whether they use Intune or another endpoint server. There are three sets of training, End-user training, Admin training, and Global provider user training.

Over the past two years, we have improved our relationship with external auditors. In the first year, it was challenging to implement DLP policies. However, in the second and third years, we have had fewer than ten violations. These violations were typically due to users accidentally accessing sensitive data without their knowledge. We have been able to significantly reduce our policy violations in the past three years using Microsoft Purview.

Purview has helped us reduce the number of solutions we need to interact with each other. We used to have a lot of L1 tickets that came in earlier, where there was a policy change or configuration change being done. And then we didn't have a proper change process or control over the data that had been accessed, because it was in a shared model. This led to SharePoint violations. Now that this has been reduced, we have proper version control, and anyone accessing these resources must check IAM. As a result, those L1 tickets, which were more than a thousand in the first year, have been reduced to less than a hundred or so, in terms of SharePoint access violations. So, this is one area where we have seen a significant drop because the IAM and the user's profile now determine whether they have read and write access.

Our visibility into our estate has improved significantly with Purview. We started a pilot project, and the project manager who owns this portfolio is already running the show, even before the policy is set for the organization itself. This level of visibility was tested in a small pilot project, and now the project manager has full visibility.

Microsoft Purview allows us to demonstrate our compliance in real time. On the default dashboard, we can see the number of phones that have violated the DLP policy that we created. We can then determine which standard was breached, such as ISO or BIS. We use Purview for weekly compliance calls with the client as well.

Purview helped streamline our meetings with compliance regulators by making it easier to share data with them.

Microsoft Purview has helped us reduce our time to action on insider threats. Before Purview, we manually managed our insider threat detection process using a weekly Excel report with a macro. This meant that if a breach occurred on Monday, we would not review the report until the following Monday, resulting in a one-week time to action. With Purview, we can now take action as soon as Purview detects the violation.

Purview has saved our admin teams 99 percent of their time spent investigating violations. In terms of cost savings, Purview is included with our E5 license. The savings are significant.

Purview helps us maintain compliance. It gives us full control over our data, and when there is a violation, we can follow our established procedures to decide whether to call the ombudsman or if the process setup is sufficient.

What is most valuable?

Purview helps mitigate risk and allows us to govern the information being shared among apps and devices. Purview can restrict access from even the smallest threats, such as a mobile device trying to access and manage apps.

What needs improvement?

I would like to have AI functionality on the dashboard to help me analyze and report on the data that we capture using Purview on a daily basis.

For how long have I used the solution?

I have been using Microsoft Purview for three years.

What do I think about the stability of the solution?

Purview is stable and always available because it is a SaaS service, which means we don't have to worry about the infrastructure.

What do I think about the scalability of the solution?

Purview is scalable depending on the number of transactions we want to monitor per day. 

How are customer service and support?

Whenever we had an issue with Purview during the test phase of setting up DLP, we would call Microsoft Premium Support. They responded immediately and assigned a support engineer to our case right away. The support engineer would escalate the issue to their internal product group team, who would update Purview on the backend with a patch. The product group team would then let us know that our feedback on the product had been accepted and that they had worked on a solution, which would be released within the next week or quarter along with other updates. Overall, we were very pleased with their support.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

Before Microsoft Purview, we used a feature in Intune called data analytics to record what users access and the transactions they perform. However, this data was not meaningful, and there was no way to filter it to identify breaches. As a result, we had to manually review all of the transactions for all users in the organization to see if any were violations.

Microsoft Purview is able to capture breaches because we use tags to properly understand the data and identify violations. For example, we can tag all transactions involving credit card numbers. When we run the ETL tool, it uses the tags to identify transactions that may be violations.

How was the initial setup?

Initially, deployment will occur once the data is confirmed by the ETL team and properly ingested. This process typically takes a few weeks, depending on the volume of data. Once the initial deployment is complete, we will design and test the DLP and UAT systems. This process typically takes two weeks to a month.

Once it is deployed to production, any future changes or updates must be approved by a cabinet review board, and we must have a rollback plan in case anything affects production.

We have eight engineers who work at different levels to ensure that the data is furnished correctly, regardless of whether it is structured or unstructured, how it is being populated, or where the data loss prevention process runs daily. We also have a couple of managers and a scrum leader, as well as a portfolio manager.

What was our ROI?

When we implemented Purview, we were able to reduce our staff by 60 percent. We no longer need compliance officers to manually check spreadsheets for changes or breaches. In addition to the staff reduction, we have SLAs that require us to pay penalties to our clients if there is a violation. With Purview, the number of SLA breaches has been significantly reduced, saving our organization over one million dollars.

What's my experience with pricing, setup cost, and licensing?

Microsoft Purview requires a Microsoft 365 license and is included with an E5 license. The license is expensive, but it is worth the cost because of all the tools it includes.

What other advice do I have?

I would rate Microsoft Purview nine out of ten.

Purview is a cloud-based SaaS product. We keep our sensitive data on-premises, but we export a de-identified version (.NET) to the cloud in order to review reports for violations.

I recommend Microsoft Purview, especially for organizations that are already using Azure. Purview can be used to extend their risk governance capabilities in a seamless manner. There are other solutions available, but Purview is flexible and offers hybrid, cloud, and on-premises options with connectors for other vendors.

Which deployment model are you using for this solution?

Public Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Microsoft Azure
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor. The reviewer's company has a business relationship with this vendor other than being a customer: Partner
PeerSpot user
Luke Greening - PeerSpot reviewer
Corporate Data Specialist at a tech services company with 1,001-5,000 employees
Real User
Great ROI, is stable, and can identify content across many prescribed regulatory frameworks
Pros and Cons
  • "Microsoft Purview's most valuable feature is its ability to identify content across a number of prescribed regulatory frameworks, including Microsoft, GDPR, PII, and UCC Financial."
  • "Purview's data loss prevention for macOS endpoints has some limitations, and the end-user experience of recovering from a failure is lacking."

What is our primary use case?

We are a partner and work with different organizations. We go through a number of activity phases, such as initial discovery, understanding their data to see what is and is not sensitive, and then using Microsoft Purview. 

We use Microsoft Purview to provide sensitive information in building out a roadmap in terms of classification, protection, and lifecycle management. We then determine what kind of use case is most common for other work we would look for and fill in the gaps with the customer. Microsoft Purview's vast features and capabilities really depend on what we learn in those workshops and where that organization is looking to go over a period of time. So if one of the key areas is the mitigation or prevention of data breaches, we can help with that. 

We can also help protect content, especially when it is sensitive and involves individuals. We can also help businesses change their processes to help ensure users know what their preferences are and how to use the user tools.

How has it helped my organization?

Microsoft Purview's ability to deliver data protection across multi-cloud and multi-platform environments, including AWS and GCP, is very important. It helps organizations realize the investments they have already made and how they can further expand those investments to another remote type of Microsoft workflow. Microsoft Connect has been used to centralize these workflows, and the ability to import existing records management processes and policies into the file plan in Microsoft Purview allows organizations to bring compliance into a central location. This helps to manage costs and improve efficiency, as users can go to one area to leverage basic facilities without having to use separate tools.

It is important for our clients that Microsoft Purview can connect to iOS and Android devices. With many people now working from home and using their own devices, there is a need to manage these devices. Microsoft Purview's conditional access and endpoint management capabilities help organizations to protect their data, regardless of the device being used.

Purview's natively integrated compliance across Azure Dynamics 365 and Office 365 is important. However, it is also important to ensure data privacy with its data as a whole from a compliance perspective. This means ensuring that we can meet the requirements of 2701 controls and that people know the processes, technology, and relevant skills. CRM controls information about potential customers and opportunities, so it is important to ensure that we are compliant when handling this data. We also need to make sure that updates to Purview are made as needed and that our team is able to stay on Office 365. Having a strong compliance program is essential for any organization that handles sensitive data. By taking the necessary steps to ensure compliance, we can protect our data and our customers.

It is critical that Purview is built around global regulations. This is because we have different types of customers, some of whom operate slowly. There is a rack with some regulations, and we have the US. We also have a rack with different regulations that are up-to-date, but they are only safe in some areas. This means that we need to be able to control, face, or bank on system regulations. This is very important to me and the customer because they can be very tricky.

Purview's DLP can be used to remediate policy violations. A number of kinds of DLP rules can be leveraged, such as sensitivity labels, data classification, and sensitive information protection plans. This means that it is not enough to simply provide people with the technology, they also need to be trained on how to use it effectively. Through the use of an ERP system, a number of policies can be set up. This insight can then be used to make meaningful decisions about how to rate the data on the system. This will help to understand how the data is costing the organization. If the organization does not have the necessary internal controls in place, new protection and encryption measures may need to be implemented. This is primarily becoming step one in the process of working policies, understanding how the data is being used, making decisions about how to protect it, and then building a protection layer on top of that.

Data loss prevention education for users is important because it can help them to understand how to best protect sensitive data. This can be done by providing users with training on how to use DLP tools and policies, as well as by educating them about the risks of data loss. DLP tools can help to prevent data loss by monitoring user activity and blocking unauthorized access to sensitive data. DLP policies can help to define what constitutes sensitive data and how it should be protected. By educating users about DLP and the risks of data loss, organizations can help to create a culture of data security. This can help to prevent data breaches and protect the organization's data assets.

Purview helped reduce the number of solutions we need to interact with each other. I used the solution that crosses between Endpoint Data Loss Prevention, Microsoft Defender for Data, and Conditional Access to block specific types of information at different workloads. This made it easier to manage sensitive information. For example, if I have sensitive information today, I can easily block people from uploading it to Teams, SharePoint, or OneDrive.

The reduction in the number of solutions we need to interact with each other has had a significant impact on our pricing. In the past, we had to use a variety of different solutions to manage our portals, which was time-consuming and expensive. Now that everything is coming into Microsoft Purview, we are able to simplify our technical and environmental environment. This allowed us to reduce our costs and improve our efficiency. In addition, Microsoft Purview provides us with a central location to manage our data governance. This made it easier for us to comply with regulations and protect our data. Overall, Microsoft Purview has been a major asset to our organization.

Microsoft Purview expanded our visibility into our state by allowing us to see what is labeled, relabeled, and what is not classified. There are a number of different areas where Purview improved capability and overall cost. These are all different aspects of Purview, which is helpful for organizations. Purview has a point-in-time view, and it also has the ability to explore more granular data from the logs.

Purview helps to reduce the time it takes to take action on insider threats by around 50 percent. It requires planning and configuration, as well as two weeks of setup. The technical configuration is used to identify users and the types of activities they are performing. For example, users who sign into hundreds of documents within a few minutes of each other or delete large numbers of documents can be quickly identified and flagged. This allows security teams to send high-priority emails to the appropriate people in a timely manner.

Purview helps save our clients between 30 to 40 percent of time and money. 

What is most valuable?

Microsoft Purview's most valuable feature is its ability to identify content across a number of prescribed regulatory frameworks, including Microsoft, GDPR, PII, and UCC Financial. It can also help organizations identify content that is important to them but not specifically regulated. This is done by creating trainable classifiers and sensitive information types. The protection controls components are based on the perspective of the device. Microsoft Purview has been growing in popularity over the past few years, and it offers a number of tools that can help organizations manage their data.

What needs improvement?

Purview's data loss prevention for macOS endpoints has some limitations, and the end-user experience of recovering from a failure is lacking.

I would like to be able to search for labels using Purview to see what items are affected and the time periods in which they will be active. This would allow us to export the results for specific business areas, which would make our lives a lot easier. We could also use this information to identify sensitive information types and reduce false positives.

The utility system format, the policy tips and user descriptions of sensitivity labels, and the overall policy tips that are shown in the loss prevention policy have room for improvement.

For how long have I used the solution?

I have been using Microsoft Purview for three years.

What do I think about the stability of the solution?

The stability of Purview has been good. It takes a bit of time for someone to configure it, but once it is configured, it is responsive. However, there are sometimes delays due to the speed of users' devices and their home network connections. This can be especially true for mobile devices and when users are using multiple apps at the same time. Microsoft also sometimes experiences delays in processing requests, which can lead to further delays in Purview. Overall, Purview is a stable platform with good uptime and resilience.

What do I think about the scalability of the solution?

In terms of scaling Microsoft Purview, there are two main challenges: network load and data ingestion. Network load can be a problem if there are too many requests coming into the system. This can be addressed by adding more servers to handle the load. Data ingestion can also be a challenge if the company is generating a lot of data. This can be addressed by using virtual machines to store and process the data. As the amount of data grows, the number of VMs can be increased to keep up.

Our clients vary in size from 100 all the way up to 6,000.

How was the initial setup?

Each setup is different. We have thousands of workshops, configurations, and design agreements followed by a baseline to mitigate of about 30 percent which we build on top of. The deployments can take anywhere between a few hours to a few months. We need to understand each organization to ensure that they understand the type of people process that is in place. Then, depending on the technology, we need to make sure that they have access to 365. This is implemented as a baseline, and our target operating model is also needed to ensure that they have the necessary functions. This will allow me to deal with the environment. We need a team of people to manage the deployment.

What about the implementation team?

We implement the solution for our clients. Microsoft Purview is managed in a single location.

Microsoft Purview does not require any maintenance.

What was our ROI?

Our client's have seen a 100 percent return on investment. 

What's my experience with pricing, setup cost, and licensing?

The pricing depends on the client's requirements and the number of applications.

What other advice do I have?

I give Microsoft Purview an eight out of ten.

It is difficult to assess how much AI and automation affect our speed and accuracy of risk detection. This is because the effectiveness of AI and automation depends on how we train the system. There are a lot of sensitive information types that are prescribed by Microsoft. There are also a number of types that fit within another structure of sharing information. So potentially, we have a number of false positives, which means that we are relying solely on the information provided by the system. This is not something that I would push on an organization. Once we start updating the system, we need to make sure that we understand and compare the number of activities to identify and fine-tune the system. We need to do this a number of times before we can be really sure that the system knows our data. We also need to consider the AI side of things, which obviously allows for some risk. The identification of risk seems to be a matter of realizing confidence in the system's predictions.

It is difficult to assess how Microsoft Purview's AI and automation affect the quality of insights that we have. We have run this process effectively a number of times across different organizations, but this has raised some doubts. This is a bit of a shame, especially with the out-of-the-box solution from Microsoft. We are then asked to hold a number of workshops to review the results. This is because the system can operate with different accuracy levels and false positives. It is important to consider how we portray these insights and what the next steps will be. As a result, there are mixed reviews.

Currently, Purview does not enable us to view our compliance in real-time without some additional work to enable us to show compliance. This is because the visual displays rely on the time it takes to update the Microsoft SQL database, which can be delayed. We have seen cases where the displays do not reflect the actual data, and we have had to manually update the database to correct the issue. However, we can clearly see what data is due for disposition, deletion, and retention based on our policies. While it is not always easy to see this information, we have made improvements to make it easier. Overall, it is not a straightforward process, but we are working to improve it.

I recommend Microsoft Purview, but organizations should always conduct a proof of concept to ensure that their requirements can all be met before implementing the solution.

Which deployment model are you using for this solution?

Public Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Microsoft Azure
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor. The reviewer's company has a business relationship with this vendor other than being a customer: Partner
PeerSpot user
Cybersecurity Consultant at Cyberiage
Consultant
Safeguards sensitive and confidential data, but frequent updates can make navigating the UI unpredictable
Pros and Cons
  • "Microsoft Purview's primary benefit lies in safeguarding sensitive and confidential data, thereby mitigating the risk of internal data exfiltration."
  • "Frequent daily updates from Microsoft can cause interface elements like buttons to appear and disappear, making navigation unpredictable."

What is our primary use case?

We have implemented Microsoft Purview as a comprehensive DLP solution for our clients across Europe, Africa, and the Middle East to protect their data and help them classify, identify, and investigate who and how the data is being accessed.

How has it helped my organization?

Microsoft is aiming to build favorable relationships with other cloud solution providers. On our end, if we have both AWS solutions and Microsoft's cloud solution, implementing the Microsoft Purview dashboard can be a good way to collect and classify our data across both platforms. This could be a strong selling point for Microsoft to explore partnerships with AWS and other public cloud players, allowing them to combine and leverage their global development, sales, and services.

Implementing Purview's integrated compliance across Azure Dynamics 365 and Office 365 is relatively straightforward thanks to available connectors and Microsoft's improved user interface.

Microsoft Purview includes a compliance manager, which simplifies meeting various standards and regulations through integration with companies like ISO, ISCE, and other risk solutions. This feature is an add-on for E5 and E3 licenses. It allows us to create assessments that generate reports with specific recommendations for implementing and configuring ISO 27001 or other standards within our Microsoft 365 environment. This makes compliance significantly easier and, according to Microsoft, can reduce the cost of implementing such measures by approximately 40 percent compared to using other solutions for ISO compliance or other critical regulations.

Given my role as a cybersecurity consultant, I previously created a DLP policy based on the client's needs. Since then, I haven't had further contact with the client. However, I'm now working on a new project for them next year. This project involves developing and implementing a DLP solution with a focus on information protection. My responsibilities include monitoring all user activity and reporting on it in a few months. Based on my observations, there's a significant amount of activity requiring governance. This includes areas like DLP policy enforcement, USB blocking, printer control, copy prevention, file transfer via secure FTP, and external user access restrictions. Purview's data loss protection is helpful for remediating policy violations.

I'm developing a short training guide, about four pages or more, on enabling information protection labeling and related topics. Some clients have suggested automation, but I believe the best approach is to guide users through manual labeling. For instance, we could have a "Sensitive" label for data like personal information, ID numbers, passports, names, passwords, and so on. Information protection can be implemented either by defining detection rules beforehand or by using the system's automated detection capabilities. If sensitive information is detected, the system can then recommend applying the "Non-Confidential" label or whichever equivalent label we prefer.

Microsoft has developed and launched Microsoft Defender for Endpoint for Mac. This agent for macOS is the same agent used for data loss prevention in Endpoint. However, if we don't require DLP for Endpoint, we can simply synchronize our Macs with Microsoft Intune. Intune, a combination of Microsoft Entra ID and an MDM solution, is not just for mobile devices; it's a device management platform for all company devices, including PCs, Macs, mobile devices, and servers. It allows us to synchronize settings and policies across all our devices, manage software deployments, and utilize various other features. Therefore, we have two options: either synchronize our Macs with Intune or install the Microsoft Defender for Endpoint agent to implement DLP for Endpoint. DLP for Endpoint is mandatory if we need to detect and control USB devices, printers, and other data transfer peripherals.

Microsoft Purview's primary benefit lies in safeguarding sensitive and confidential data, thereby mitigating the risk of internal data exfiltration.

Purview does help our customers reduce the number of solutions they interact with. From a cybersecurity engineer and information security expert perspective, consolidating and streamlining technology can be beneficial for IT departments, especially before implementation. Currently, Security Service Edge emerges as a promising solution due to its integration with zero-trust principles and protocols. For example, instead of deploying multiple endpoint detection and response solutions, a single, antivirus-free EDR like CrowdStrike can suffice. Similarly, Microsoft's Defender for Cloud Apps, combined with XDR and other security features, offers a comprehensive solution for Security Operations Centers. My goal is to create a unified MDR solution for clients, allowing for centralized data collection and log analysis. This unified platform, ideally with one or two dashboards, would enable efficient investigation and response, minimizing investigation time and cost. Combining various tools into one interface eliminates the need to jump between dashboards, improving analyst efficiency. Why rely on multiple vendors like CrowdStrike, Proofpoint, Minetest, and MISSP when a single solution can offer comprehensive visibility and data security? Microsoft's Image Security 365, coupled with best practices and anti-phishing strategies, can significantly enhance security. Furthermore, I recommend implementing a DMZ with two firewalls, one internal and one external. This layered security approach, while requiring two vendors, provides redundancy and prevents attackers from exploiting a single firewall and gaining access to the network. However, it's important to remember that cybersecurity solutions are not one-size-fits-all. Each client and scenario requires tailored strategies based on their unique needs and context. Consistency across the industry is crucial, but it's important to acknowledge the lack of standardized approaches in the current landscape.

The Microsoft Purview dashboard is primarily a data security solution, allowing us to implement various layers to safeguard our information. While it can be used for some Endpoint Detection and Response functionalities, its full potential in this area might not be realized without proper configuration and understanding of the underlying processes.

While Purview offers real-time compliance monitoring, it's an add-on feature functioning as a compliance manager. However, due to a lack of clear communication, not all companies fully understand its capabilities. Additionally, it's important to note that while compliance and standards often relate heavily to financial and banking sectors, the scope of regulations has broadened significantly in recent years, extending beyond these specific industries.

Purview helps us stay on top of compliance because Microsoft has tried to build Purview based on the ISC framework.

What is most valuable?

No single feature stands out as the best because the most effective approach involves combining multiple features. For example, when using information protection, labeling, and classification, a multi-step process is necessary. First, we must classify our data, which requires a thorough understanding of our environment and the nature of the data itself. Once classified, we can apply labels and establish rules governing data sharing through information protection measures. The final step involves implementing and configuring a Data Loss Prevention solution. It's crucial to remember that the goal isn't to find ideal individual features; rather, it's to leverage the synergy of multiple technologies to create a comprehensive and powerful data protection strategy.

What needs improvement?

I've been working closely with Microsoft support on issues with the Microsoft Purview Information Protection scanner's on-premises services. While it's a solid tool, there's still room for improvement in my opinion. I've submitted numerous recommendations, from solutions to address specific problems to the implementation of new features like bulk scanning across multiple servers, not just individual paths. I've also encountered a high number of false positives in the classifier and made suggestions for resolving them. Microsoft support is currently reviewing my input, and we're collaborating to refine the scanner and minimize false positives. It's important to remember that this is a new technology, and like any newborn business venture, it's prone to growing pains. Errors and mistakes are inevitable along the way, but they're also valuable learning opportunities.

Frequent daily updates from Microsoft can cause interface elements like buttons to appear and disappear, making navigation unpredictable. Additionally, Microsoft also generates new licenses that require investigation to identify each new license.

For how long have I used the solution?

I have been using Microsoft Purview for one and a half years.

What do I think about the scalability of the solution?

Microsoft Purview is scalable.

How are customer service and support?

Sometimes we have a communication gap or delay but most of the time the technical support is good.

How was the initial setup?

One person can deploy Microsoft Purview.

What about the implementation team?

We implement Purview for our clients.

Which other solutions did I evaluate?

We are a Microsoft Gold Partner and are currently satisfied with our existing solutions. Therefore, we do not prioritize evaluating other vendors at this time.

What other advice do I have?

I would rate Microsoft Purview a seven out of ten. Purview is a good solution but it takes time to master.

Which deployment model are you using for this solution?

Public Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Microsoft Azure
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor. The reviewer's company has a business relationship with this vendor other than being a customer: Partner
PeerSpot user
Jonathan Bloom - PeerSpot reviewer
Solutions Architect, Data & AI at a consultancy with self employed
Real User
Top 20
Saves time and money and offers good security
Pros and Cons
  • "The product has helped us save both time and money."
  • "he one thing it doesn't do is data quality."

What is our primary use case?

As a consultant, I work with clients to sell the idea of data governance. In doing so, we do POCs, proof of concepts, and MVPs, which are minimal, viable products. 

For Microsoft Purview, most of the time, it's also associated with other products -whether it's ADS, Synapse, Key Vault, Databricks, storage accounts, Kubernetes, et cetera. 

I also worked on a project to integrate it with processing. I created a data governance accelerator combined into two products, including Synapse, and we sell that to customers.

What is most valuable?

The data catalog, the data lineage, the data glossary, and the classification are the key features I appreciate, along with the tight security, and role-based security.

There are two flavors of Purview. There's the compliance, which it does the security and all that. And then there's the Microsoft side, which is the data side. I primarily work on the data side. 

I like that Purview can connect to IOS, Mac, Android, and other SaaS apps.

Its data connector platform for supporting ingestion from non-Microsoft data sources works really well. We can use it either through a self-hosted integration runtime or on a VM. Or it can capture data from just about anywhere. There are about 100+ connectors. It's great.

Its natively integrated compliance across Azure Dynamics is a game changer. Back in the day, we never had anything like that. It provides self-service. It provides easy look-up and glossary terms. It also requires a new role called the data steward which we never had before.

It was built to take into account critical regulations from around the world. Now it's no longer something that's nice to have - it's necessary.

Purview helped to reduce the number of solutions we need to interact with each other. If you were to do this custom, it'd be very difficult. It's so easy to use and stand up and configure. There are some configuration requirements that are not self-explanatory. It takes some research; however, we already figured out all those things.

Purview affected the visibility we have into our estate. Now we have a complete ecosystem of where the data is, and it's a lineage. It's a game-changer.

I've used AI and automation in Purview. That's what the scans are. It uses AI to determine the classification. It's built-in. It's under the hood. People don't see it.

Our speed and accuracy of risk detection are good. From a compliance perspective, it helps identify sensitive information by classification. 

The product has helped us save both time and money. From a time perspective, there's an initial upfront cost to stand it up and configure it. However, once it's running, there's very little to do. So there's a one-time hit up front for the implementation in configuration, yet downstream, there's significant time reduction.

Money-wise, it's the same thing. You're only charged for when you run the scan since the storage is minimal. So there are ways to reduce cost, and that is by running it less frequently. Also, there's a whole bunch of out-of-the-box classifications that aren't required. There are ways to increase your cost reduction. Of course, that is not self-explanatory. You have to work with it for a while to know that.

What needs improvement?

The one thing it doesn't do is data quality. That's its only pitfall. The problem is people think it does. So either they're not marketing it right, or, eventually, it's on the road map, and they haven't got to that part yet.

In order to get data in and out, you have to use custom code using Python. That's an inconvenience, and almost every customer wants that feature. For example, let's say I run some scans on some data, and then that data goes away. This issue is Purview still shows it. There's no easy way to clean up your orphan data. That's a problem.

For how long have I used the solution?

I've used the solution since 2015.

What do I think about the stability of the solution?

The stability is very good. Microsoft is solid on the cloud. 

What do I think about the scalability of the solution?

The scalability is quite nice. 

They just changed their model so that you're only allowed one Purview per tenant. So you either get the free one, which is limited, or you purchase the enterprise one, which costs money. However, you only get one per tenant. That's a change they made within the last two months. You can't have three Purviews in the same tenant anymore. That change required a redesign of how people implement it. That said, they are offering it for free. 

How are customer service and support?

I've worked for Microsoft to help a client who was having difficulty. I documented it. We had a backlog where other people were experiencing the same problems. You can reach out via phone or email. 

Which solution did I use previously and why did I switch?

I did not previously use a different solution.

How was the initial setup?

I was involved with the initial setup. I also can configure it. There is quite a bit of configuration required as you need it to speak with other resources. 

The initial installation is pretty easy. It is like any install on Azure. You just enter a few parameters, and it builds it. Then, if you want to start adding resources, there's a bit of configuration. It only takes about ten minutes. However, you have to know which settings you have to add. 

Only one person is needed to deploy the solution. 

Once it is up, there is very little maintenance going forward.

What's my experience with pricing, setup cost, and licensing?

The cost is pay-as-you-go. It provides easy ramp-up and very little maintenance down the road. If you want to shut it down, you just delete it. It's easy to use, easy to configure, and the costs aren't that great. 

I could see more and more companies using this going forward if they're already in Azure, and it's so easy to set up. It's a requirement now as well since data is the lifeblood of any organization. If you have bad data or you don't know where it is, or suffer from data silos, this will solve all that.

What other advice do I have?

We're a Microsoft Gold Partner. 

I'd rate the solution nine out of ten.

Using the Microsoft unified cloud-based data governance is going to allow users to gather data across the entire ecosystem, classify it, place a glossary on top, and look at the lineage in addition to a whole bunch more. They have self-service policies and DevOps policies. Microsoft is heavily funding this tool, and it's now a requirement, not nice to have. Just about every Azure customer is going to incorporate Purview into their ecosystem, and it's going to help govern their data, which is an asset that will help companies increase sales, reduce costs, and streamline processes.

Which deployment model are you using for this solution?

Public Cloud
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor. The reviewer's company has a business relationship with this vendor other than being a customer: Partner
PeerSpot user
Buyer's Guide
Download our free Microsoft Purview Data Governance Report and get advice and tips from experienced pros sharing their opinions.
Updated: December 2024
Buyer's Guide
Download our free Microsoft Purview Data Governance Report and get advice and tips from experienced pros sharing their opinions.