Microsoft Purview Data Governance Reviews

We use Microsoft Purview to protect and govern our information.

It is important for Microsoft Purview to provide data protection across multi-cloud and multi-platform environments, including AWS and GCP. I have been a consultant for a year and a half, advising mostly European enterprise customers. All customers, from mid-sized to larger, have diverse storage solutions. Therefore, it is important for Microsoft Purview to be flexible enough to be applied to various environments, such as multi-cloud. Although the product is not yet there, it is important to many business customers.

The enterprise IT landscape is diverse, with various devices, SaaS applications, and multi-cloud solutions. Protecting and governing information is a need that spans all of these touchpoints and Microsoft Purview helps us do that.

Purview's native integration with Azure Dynamics 365 and Office 365 is essential because many organizations use these Microsoft products. This native integration is unmatched by other solutions.

Purview DataOps Protection does a great job of remediating policy violations. It has a comprehensive reporting and fine-tuning integration that allows us to track policy violations effectively. Overall, I think it does a great job of protecting data.

Purview recently improved in the area of DLP. These tips are now available across different platforms, such as Office and Outlook, and they are getting better. This is helpful in educating users about policies. 

Microsoft Purview helped us control the growth of data, reduce dark data, and better protect against the filtration of data.

Purview increased our visibility into our other Microsoft solutions.

We use AI and automation sparingly. This is not part of Purview directly, but an AI tool that helps us determine if data is redundant or has business value before we move it to Azure or Microsoft 365. We use the AI tool in a very limited way, such as trainable classifiers. We also have the option to use another product called Syntex in collaboration with Purview, but this has not been explored much.

Technically Purview can enable us to show our compliance in real-time.

Purview reduced the time it takes us to act on insider threats by almost 90 percent. Previously, many violations were not reported or took months to be reported. Now, we can act on violations almost instantly, or within days.

Microsoft Purview partially helps organizations stay on top of compliance. The platform provides a number of technical features that can be used to manage compliance, but it is up to organizations to implement these features and take the necessary steps to ensure compliance.

Microsoft Information Protection uses sensitivity labels to classify and protect sensitive information. MIP works together with Data Loss Prevention to prevent sensitive information from being leaked outside of the organization. MIP also helps to mitigate insider risk by preventing unauthorized users from accessing sensitive information.

Purview's data connectivity platform has a good set of connectors for ingesting data from non-Microsoft data sources. However, it still falls short in terms of coverage of other systems. It is mostly integrated with the Microsoft stack, but there are connectors to other systems and sources of information. Overall, Purview is not a one-stop shop for protecting company information.

I am not sure that Purview was built with compliance guidelines in mind. It does have a component called Compliance Manager, which allows us to track our adherence to different standards, such as security and privacy standards around the globe. However, this is more of an add-on. I think there is still a significant gap between the technical capabilities of Purview and the ability to drive compliance or prove compliance through its use. I think this is a major gap that Microsoft does not adequately address. Purview is not a GRC tool. It is a set of security features, labeling features, and lifecycle features that do not come close to GRC tooling in terms of functionality. Additionally, there is no strong integration with the compliance framework, either in terms of rolling it out or proving our adherence to it.

I would like to see improvements to the compliance manager, such as making it easier to start small and grow over time. This is not possible at this time.

The current event-based retention management is very poor. This is an area that needs improvement. We need to be able to more natively or near natively label content for retention and sensitivity across other lines of business systems like Workday and ServiceNow. This would allow us to extend labeling to those applications and make it native. This would be of great benefit to our clients.

Purview's DLP protection has some downsides. One downside is that the tips only appear in native applications. This means that users will not see them in other applications, such as web browsers. Another downside is that the tips only cover a subset of all the information. This means that users may still need to seek out additional information elsewhere.

The technical support has room for improvement.

I have been using Microsoft Purview for a year and a half.

Microsoft Purview is extremely stable.

Microsoft Purview is highly scalable.

The first level of support is not very knowledgeable and it is hard to get proper support because of the procedures in place.

Neutral

The initial deployment was complex, but not because of technical difficulties. The main challenge was engaging end users and getting them to adopt the new system. This was because the system required them to think about information in a new way. The deployment took around 12 months and required five to ten people working two days a week.

The implementation was completed in-house.

The return on investment is very good for what Purview offers, but it does lack some of the features that other solutions have. For example, if we're replacing something that already exists, we could do something cheaper or quicker. However, the value of this solution is in its ability to mitigate risk. If we don't have any type of classification and security in place, we're always opening ourselves up to risks. The cost of this solution is high, but the cost of not having it could be much higher. The return on investment is around 200 percent.

Some people find the tier licensing system complicated, but it offers a lot of value for money if we use the features. In fact, many clients who use the E5 licenses find that they can get a better return on investment on those licenses. Once they do, they find that the tier licensing system is very fairly priced.

I give Microsoft Purview an eight out of ten.

Time to value is quite long, especially when it impacts end users and requires new skills and knowledge. This is especially true in IT departments and on the business side. However, once the value is realized, the return on investment can be very good.

This type of solution is deployed across the entire Microsoft 365 tenant. It also has an Azure side, which is two things across that tenant as well. There is no area where it is used more or less. However, there is more interest in the areas of security and privacy. Therefore, legal, HR and IT are the most likely places to deploy this solution. Finance and merger and acquisition are also areas where people have more interest in deploying Purview. However, it is normally deployed across the entire organization.

We have around 30 clients consisting of anywhere between 20,000 and 50,000 users.

The maintenance is overseen by a full-time compliance technical person and a compliance business person.

I would advise assessing the maturity of the people and processes before using these types of tools. The technical side of things is not too complicated but we need to have the people and processes in place to classify all of our information and to ensure that our policies are being triggered. This can be a challenge for many organizations, as most have dark data, especially on structured clients. Ultimately, it is the people and the processes that make the success of these tools, not the technology itself.

We use the solution to defend endpoint workloads and prevent data loss. We also use it for governance.

One of the biggest benefits of the solution is visibility. Previously, we had a myriad of different solutions for compliance and to look at different workloads. Microsoft Purview brings all those things together in a very similar look and feel.

It also enables access management. We can provide an elevated privilege for a limited time. If the user needs privileged access, they can request it on an ad-hoc basis. We have workflows to provide access depending on different approval models. We can do all such things without elevating the risk posture.

The time to onboard is pretty short. It comes with a whole bunch of recommendations for somebody who has a small crew like me. It gives the ability to onboard the product and have a really good baseline to begin with. All I have to do is three or four clicks, and it's off and running. It is one of the greatest removers of barriers to entry. We have to be generalists, being a small shop. It's important for us to begin from a great place.

The tool's Windows PC offerings are far better compared to the granularity on the Mac side. The product must provide better integrations with OS X and iOS. There must be feature parity. The product must also provide better integrations with other ecosystems. I'd love to see Microsoft integrating with Google Workspace, at least in the EDU K-12 space. Most people in the EDU space use Google Workspace and Microsoft. Extending the capabilities of Purview would be phenomenal.

I have been using the solution for three years.

The tool is stable.

The tool is scalable.

The support must be improved. Unfortunately, a lot of times, it's a hit or miss. With the breadth of their customer base, much of it must be diverted to third-party consultants. I almost dread it when I see an email from a third-party vendor. When you're an insider, you have much better access to resources than a consultant.

We were using Barracuda DLP for email filtering and file sharing. We switched to Microsoft Purview to bring it all under one umbrella.

The initial setup was straightforward.

I have a few friends in the industry who've done this. We did a proof of concept, began small, looked at the pros and cons, and expanded it.

The product saves us time and effort. We can easily access Microsoft Exchange or Microsoft 365 and see the violations. It has easier and fewer workflows. Otherwise, we would have had to go into individual users' file systems and look for violations.

The solution is extremely affordable for the K-12 space.

We evaluated solutions for individual silos, but we did not evaluate a cohesive unit like Microsoft Purview. Microsoft is extremely affordable for the K-12 space. It was a no-brainer to onboard Purview to peer across different workloads.

Barracuda Email Security was pretty good. The problem was that it was a single solution. It doesn't extend across our data estate. Purview has a vast and rich ecosystem.

It is extremely important that Purview delivers data protection across multi-cloud environments. They currently do GCP and AWS, but not necessarily Google Workspace. I'm hoping that it'll be their next natural extension.

It is very important to us that Purview was built taking into account critical regulations from around the world. Since we work in the K-12 space, we deal with minors. It is important to protect their identity and privacy and have their well-being and the nationwide and statewide regulations at the forefront. It's very important for us to be compliant, not just from a compliance perspective, but also to protect the needs of children.

Insider risk is a big challenge. Many people want to share and communicate. There's a balance between communicating and oversharing confidential information. It's reasonable to expect a teacher to know all those nuances. A policy that can oversee and provide guardrails to users is very important. A feedback mechanism for the end user to act on would be very helpful.

We can see across different systems without too much effort. It is very important to us. Purview enables us to show our compliance in real-time. The security score helps me compare myself to other organizations. Being able to identify a gap and fill it is super helpful. As a small organization, our audits are more financial in nature.

More than time and money, the tool has increased accountability within the organization. We can have proactive conversations about data security. The product provides me with a 300% return on investment.

It is critical for us that Purview connects to iOS, Mac, and Android devices. Large organizations can have separate IT sections for different departments. As a smaller organization, our ability to support different needs across different SaaS applications and platforms through Purview is important.

The ability to peer more into heterogeneous environments is an area of growth for the solution. It is a must-have.

Overall, I rate the product a seven out of ten.

Our primary use case for Microsoft Purview Data Governance was to classify documents and ensure that people were getting the information they were supposed to. We initially adopted it internally before working with customers. We use it for both internal purposes and as a selling point.

It has helped to ensure that employees don't access content they shouldn't and has improved our organizational processes. Familiarity with Microsoft Purview also helps us sell the product.

The visibility has helped tremendously. We can see where documents are stored and the security that has been applied. It helps to see where things are from one place.

The reporting is excellent. Limiting what people can see is also valuable, especially when tagging documents. Purview's ability to connect to iOS, Mac, and Android devices is critical. This is a huge selling point because people use various devices in their companies. 

The solution's multi-cloud capabilities will be increasingly essential as we expand into AWS. We don't do a lot of GCP, but using Purview as a single point of truth is huge. 

The fact that Purview is built based on critical regulations is crucial because we deal with so many kinds of customers. We have to talk to them about what they can and can't do according to their requirements and the regulations they're under.

Auto-tagging should be available at lower levels of licensing. Right now, a high level of licensing is needed for auto-tagging, and this feature should be made available at a lower license level.

I have been using Microsoft Purview Data Governance for at least five years.

The stability is great.

Scalability is also great. We haven't encountered any issues.

I try to avoid opening tickets with Microsoft due to long response times, which is frustrating. We tend to use Microsoft documentation and Microsoft Learn instead.

Positive

Previously, we relied on permissions in Windows on file shares, but Microsoft Purview works much better.

The initial setup was pretty straightforward, but manual tagging was challenging because people needed to get used to it.

We did not use an integrator.

We don't specifically look at ROI in a traditional sense. What's crucial is keeping information secure and accessible.

The auto-tagging feature should be available at a lower licensing level.

We did not evaluate other solutions. Microsoft Purview's inclusion in licensing made it an obvious choice.

I rate Microsoft Purview Data Governance eight out of 10. It loses points because auto-tagging is only available at higher licensing levels.

We utilize Microsoft Purview to manage our data classifications, identify sensitive information in our documents for certification protection and data loss prevention, and we anticipate employing insider risk management. While we haven't yet implemented insider risk management, it is part of our strategic plan and compliance assessment.

From an access management standpoint, we have users accessing our data from various mobile devices, including Android, iOS, and iPad, as well as Windows and MacBook computers. Therefore, it is crucial to implement consistent policies and safeguards across all platforms, regardless of the operating system or device type.

We are a heavily Microsoft shop so all Microsoft platforms are important to us and Purview's natively integrated compliance is great.

It is important and useful for us that Purview was built taking into account critical regulations from around the world.

We report on all of our DLP policy violations. We have alerts set up to notify our security team to take action when violations occur.

Microsoft Purview Data Loss Prevention is an effective tool for educating users on how to best handle sensitive data. It can detect and identify various types of sensitive data, although we have observed that not all of the built-in detection mechanisms function flawlessly. Consequently, we have had to modify some of the detection modules. Additionally, certain detection rules specific to New Zealand have not performed as expected. Despite these limitations, the ability to detect sensitive data and utilize prompts to guide users in correctly classifying documents is quite valuable. We intend to expand our use of these features as we progressively deploy Purview across our organization.

We have several Mac OS users in our business, so it is important that Purview can and does extend policies regardless of the platform being used.

Since implementing Purview, the compliance assessment process has been effective. The expansion of country-specific regulations has been a crucial development. In New Zealand, we've utilized built-in privacy act laws and regulations, which have been beneficial. However, I believe the integration of the Copilot tool and advancements in AI will likely bring about continuous changes to the compliance landscape.

With Purview, we can continue using native Microsoft products for scalability, eliminating the need to rely on external vendors. This approach reduces the number of vendors in our environment.

The visibility Purview provides into our estate is useful. We have had a privacy campaign running for the last year and using Purview to essentially see where our data and sensor data are.

Purview enables us to show our compliance in real-time. We would use it to help demonstrate our compliance to regulators.

Purview enables us to save approximately 30 percent of our security team's time by providing visibility into previously obscured areas of our environment. Moreover, Purview is seamlessly integrated into our existing Microsoft licenses, eliminating any additional costs.

Purview helps us stay on top of compliance.

Data authentication enables us to classify documents based on whether they should be restricted for internal consumption or permitted for external sharing. This classification allows us to apply appropriate policies to each document type.

The DLP is also a valuable feature that we use.

The reporting is limited and has room for improvement.

Privacy features should be integrated into the core product rather than offered as optional add-ons, as privacy is not a luxury but a fundamental requirement.

I have been using Microsoft Purview for six months.

I would rate the stability of Purview a nine out of ten.

Purview can meet our scalability needs.

The technical support used to be more reliable and consistently good. Now, while it's still possible to get assistance from a knowledgeable representative, the overall quality of support has declined.

Neutral

We previously used Azure Information Protection and Symantec DLP. We switched to Microsoft Purview because of the cost savings.

Initial deployment is straightforward as we are a Microsoft shop, facilitating seamless integration with the native platform.

The deployment of Purview involved three individuals: one primary engineer and one architect. The initial deployment phase spanned six weeks, followed by an ongoing tuning process to maintain Purview's up-to-date status.

We have seen a return on investment, but it is too early to quantify the exact savings.

Purview is included in our Microsoft E5 licensing. There is no additional cost, but it does require us to maintain an E5 license to continue using Purview.

To fully justify the cost of Purview, it is important to leverage all of its capabilities.

I would rate Microsoft Purview a seven out of ten. While Purview is gradually improving, its reporting capabilities remain subpar. As we introduce additional products like Copilot and others, there will likely be a need for more robust integration plans that outline how these products will interact and the benefits they will provide.

We only use Microsoft Purview in our Microsoft 365 workload environment.

We are currently evaluating AI products like Copilot and several chatGPT-style tools for potential implementation within our organization. However, we are proceeding cautiously until we have fully implemented Purview to address our concerns regarding potential data loss associated with AI product usage. Once we are satisfied with Purview's effectiveness in mitigating these risks, we will accelerate our evaluation and adoption of AI products.

We have 5,000 users who were using Purview for the software, and we have a two-person support team. Every corporate user in our organization has a license to use the solution.

Purview requires regular maintenance because there is an ongoing need to review components like DLP rules and data classification. This ongoing maintenance ensures that the system continues to function effectively and accurately. Additionally, ongoing tuning helps to minimize false positives and false negatives, ensuring that the system accurately detects potential issues.

Ensure clear communication regarding the desired grouping of data classifications and the functioning of the data loss prevention policy. Understanding these aspects is crucial for effective product utilization. User training and communication are essential around the implementation of the data loss prevention policy as it impacts user behavior. Senior leadership should take the lead in championing this initiative, possibly as part of a broader privacy or border protection campaign. Our involvement in this process can be minimal.

Microsoft Purview helps our business identify valuable information across various data types by using machine learning and customizable tags. It then allows users to export this data with PowerShell and combine it with metadata from other Microsoft products, facilitating both data analysis and migration processes.

While I haven't used Purview's cross-platform capabilities, I'm impressed by Microsoft's integration of its various solutions, including ComplianceOne and SharePoint, which cater to large enterprises. A deep dive into the functionality confirmed this positive impression.

The ability of Microsoft Purview to connect across devices, including Macs like mine, is a major benefit. While I was surprised to find PowerShell running smoothly on Mac, Purview itself has been user-friendly and avoided the issues I've read about online. This ease of use is crucial for me.

My previous projects focused on M365, but the next step is integrating Azure Virtual Machines into our solutions. In this context, Purview's ability to natively integrate compliance across both Azure Dynamics and Office 365 is crucial for ensuring our work scales effectively.

The biggest advantage of Purview is its ability to centralize data management. This multi-platform tool integrates data assets from across the company, providing a reliable and unified way to handle data procedures. This consistency, a hallmark of Microsoft products, is valuable for many users.

Designed for our regulated environment, Purview offers a variety of features that enable us to develop compliant solutions even when limitations seem to restrict what's achievable.

Purview has helped save us time through automation.

The most valuable aspect of Purview is its PowerShell connectivity, enabling automation. The content explorer helps visualize how classifiers, including custom-sensitive information types, identify content. Purview even allows testing these custom types with a dedicated button. Overall, PowerShell governance and export capabilities significantly improve our workflow by automating tasks and simplifying data extraction.

While Microsoft Purview addresses global regulations, it lacks out-of-the-box functionality. Extensive development is needed to define sensitive information types and train rectifiers for each customer. Most importantly, Purview currently lacks multi-language support, hindering its use in multilingual environments. Since communication compliance is the only exception, future updates should include sensitive information types and keywords in major languages, especially those relevant to the European Union. This would require customization efforts to create equivalents for these information types and keywords in other languages.

The rapid pace of feature changes in Purview, including marketing shifts, retirements, merges, and splits, creates challenges. Documentation struggles to keep up, leaving users behind. Further compounding this issue is the inconsistency of PowerShell modules. While some, like the SAP exporter, function well, others, like the trainable classifier's missing fetch module, significantly limit the usability of a potentially valuable feature. This lack of polish hinders automation efforts and makes data governance assessments more difficult.

Setting up Purview in a production tenant proved challenging due to a lack of clear documentation on permission requirements. While Purview offers role-based access with custom role creation, there's no built-in explanation of each role's function and associated permissions. Microsoft Learn documentation wasn't helpful either. Ideally, Purview should provide in-context information about each role within the portal, eliminating the need for cryptic names and extensive external research.

I have been using Microsoft Purview for under one year.

Microsoft Purview seems to be functioning, but there's a lack of clarity on how it analyzes data. The content explorer shows inconsistencies, with Microsoft acknowledging that the actual document count might differ from what's displayed. This suggests limitations in the current setup. While improvement is desirable, it's still a usable tool.

I submitted a support request in the test tenant, possibly specific to that environment. However, the Purview quality was lacking. Automatic replies didn't address my question, which seemed misplaced within the chosen topic. It felt like I contacted the wrong department. Instead of offering real support, they suggested I write a public blog post seeking help online. This was essentially non-existent support, potentially due to limited resources for test tenant users. It's unclear if this reflects the quality of support for the expensive enterprise licenses.

While deploying Purview itself was easy for me after I had spent significant time getting a Microsoft certification, onboarding junior colleagues who haven't had that preparation is proving more challenging. Despite their initial confusion, the overall structure and features of Purview seem well-organized and at least decent.

While a single person could deploy Purview in this instance because it's a test tenant, it's important to clarify that this ease of deployment applies only to the test environment and wouldn't be representative of the process for a production tenant.

The implementation was completed in-house.

Microsoft Purview is a subscription-based service, so we need either an E3 or E5 license to use it. The specific features we have access to within Purview depend on which of these licenses we have.

I would rate Microsoft Purview eight out of ten.

To choose the best Purview subscription for your needs, I recommend using a test tenant to explore Purview's features and value proposition. This will help you identify the most critical functionalities and choose the subscription that best aligns with your business requirements.

We use Purview for data cataloging and to build the DME (Data Management Environment) for enterprise data. We also use it to understand the insights of how data is flowing across systems, from ERP systems to our data warehouse and the installation layer. This helps us to look at data classifications and where exactly sensor data is being used. It gives us a bird-eye view. 

There are two primary use cases. One is to build the data catalog for our enterprise data, and the other one is to build the lineage. These serve to provide a clearer understanding of the data aspect.

There are two things: I'm more specific about data for Purview. There are two types of tools in Purview, but I have exclusively used data Purview. Purview is basically the one for data governance, and there is for enterprise-level security. I am more involved in the data governance aspect.

Purview has helped to reduce the number of solutions we need to interact with each other. That's the best thing with Purview: we can have a lot of options to get a view to identifying data that not only helps directly have access, but we can still have access to the data catalog and have a view of all the data access across the system. 

We can also look at certified assets. I'll also look at ratings and tags so that we can find the right valuable data or trusted data that we can go for without anyone's help here. Based on the feedback, even from a few of the data supports or the experts, that would definitely help because it stops building the dependency with a specific person, and we can contribute once in the data catalog, and we could use those extensively across the org.

There are multiple aspects that it helps. It's not specific to security, it's not specific to what we call data classification. Another thing is we can have visibility across not specific to one area. We can explore all on-prem systems, cloud, multi-cloud platforms, and data in our data lake, SQL database, and Power BI. We have visibility of everything. We don't need access to the actual sources, but we can have just a view of our enterprise data, which is definitely the best thing I can say in terms of visibility. For example, if any chief data officers want to look at the enterprise data or the data estate completely, it would definitely help a lot in looking at what data is in-house and sensitivity where exactly the sensitivity data is being placed. That's the best thing I can say in terms of giving visibility to data officers and data storage.

There are a few audits we had. We used to track all the sensitive information, and in most cases, I can select Excel or any spreadsheets we have. Purview would help us with a single scan of our data sets, giving me the availability of where exactly the sensitive information is by just adding data classifications at one time. 

Purview has defaulted a lot of our classes already enrolled, but on top of it, we can tweak it based on our custom needs. Then, scan data and get insights, which will definitely be a better way of doing data governance because if we want to perform any audit, it takes a lot of time. But with Purview, once we define our requirement and then scan it, we'll have the data before any audits that we want to perform. It's definitely helpful, especially in terms of data audits. 

Purview will give us the classification of where data sits and then show us how it is being curated, how it is being stored across systems, who the end users are, and how it is being used. It definitely helps a lot in terms of complaints and staying on top of compliance. The important thing to say is that we can predefine and use it and have it ready to use. That's important. It scans the data frequently, so we get the insights updated frequently.

The most valuable features are lineage, data cataloging, glossaries, and the new access delegation feature. This feature will make it quicker to delegate access to all the data with a single request button.

On Azure, it's definitely important that Purview delivers data protection across multi-platform environments. It gives us complete visibility of where our security data resides and what types of data we have. 

This is useful because we store data across multiple platforms, including databases, storage, spreadsheets, Excel, CSS, and caching. Purview helps us to see where exactly our data is stored across the system, especially in Azure. This is a great advantage because it helps us to feel more secure when moving our data to the cloud.

Moreover, Purview's data connector platform is getting valid day-to-day. It has connectivity to major cloud platforms, like GCP and AWS, and also it has a couple of areas. So it supports multi-platform and a couple of on-premise systems. It also connects a few of the heterogeneous databases.

It gives us insights. There are two aspects of it—one is about data governance and one is about security. Since I'm part of data governance, it does not deal much with threats because that's a different tool that will give us more insights about the threats. But in terms of data threats, I'll have visibility on who and how to stop it.

As we are looking at Purview as an enterprise-level tool, there are two areas where I still see that there is something that can be improved.

One is about disaster recovery. Purview has not matured in the way of building the tool without having disaster recovery. We don't have disaster recovery or high availability. If anything goes wrong, like, there are any changes happening, and I want to roll back, there is no way that I can roll back in the existing system.

For example, I have a data source in which one of the users has dropped or deleted the data unknowingly or accidentally. In that case, there is no way to roll back those changes. That's one place where Purview can improve it.  

I have been using this solution for a year. 

I have never experienced a crashing issue so far but lagging happens. It depends on our network traffic from where we are using it. 

Our overall experience is good. I have never seen any issues with Purview.

As it's consumption-based, it's easily scalable because Microsoft takes care of it, and I don't need to look at any hyperscaler for this.

We are good with the scalability but, the cost factor is involved here. Once you scale up, the cost is higher, so we have to be more cautious about it.

The customer service and support are good. The support team was quite helpful in many of cases. For example, when I want to contact any person, like a Microsoft client partner, they help me with one of the requirements, and we had some workshops and a few guidelines given to us. That was very helpful for us. 

Since Purview is a new product, it has multiple features being adopted.

Positive

It was more of manual work that we used to do, like doing the audit and building the data catalogs.

Since we are a Microsoft shop, that's one reason why we are going with Purview. We have other tools like Collibra, but that will be costly and may not. It requires a lot of effort compared to Purview to implement. That's the reason we chose Purview.

The initial setup was straightforward, with minimal dependency on the administrators.

We didn't get help from the integrator, reseller, or consultant.

Purview helped to save time and money. If we are looking for an enterprise-level solution, Purview would be the best tool. 

We have invested around $22k per month. But we have to work more on showing a return on investment because I see only a few users using this because data lineage is one area we are focusing more on, but still, there are a lot of issues in getting it. Down the line, I can say this is going to give us a return on investment but we are not there. Right now, we are trusting that we will get that soon.

Since it's more consumption-based, the pricing looks good, but we should have a few options to limit Purview. 

In terms of usage or size and limit the price. Right now, we don't have control over it because it depends on the volume of data IT stores and the number of users being used concurrently. So those are a few areas we don't have control over because it's completely on the consumption base now.

Overall, I would rate the solution a seven out of ten.  

We use the platform to comply with regulations, and our specific use cases are information protection, information governance, data loss prevention, and insider risk mitigation.

The information protection and data loss prevention functions help our end users be fully aware of the sensitivity of certain information. From a management and CISO perspective, they have insight into where sensitive data is stored and whether we are required by law to delete it after a certain period. That's an invaluable overview of the situation, so our users are more aware, and Purview took our information governance to the next level. It also supports our certifications because it helps us comply with regulations, including ISO/IEC 27001, which are essential to our functioning.

The solution increased visibility into our estate; we had a problem with GDPR-related personal information stored in our environment, which we didn't have any insight into. When we used some of Purview's data governance, data lifecycle management, and content search features, we could rapidly go after that information and resolve compliance issues. The tool also provides management with much better oversight of our stored data.  

Purview enables us to show our compliance in real-time and supports it via the compliance manager and compliance score. The assessment templates within the latter allow us to provide an overview of what we have done within the Microsoft 365 and Dynamics environments to our auditors, which is very handy. We're an ISO-certified company, amongst others. In meetings with compliance regulators, we can show that we're using information protection, DLP, data governance, and data lifecycle management functions to comply with regulations fully. The solution dramatically speeds up the process of talking with external auditors. 

Purview saves us time and money. We're an information-intensive organization; seeing where our sensitive information is stored is a significant time-saver. In addition, showing we're safeguarding that data also saves us a great deal of time. From an efficiency standpoint, AI and auto-classification of information is another big time-saver, as the staff members working for our clients don't want to spend time considering how long data needs to be stored, whether it should be archived, how sensitive it is and so on. I can't quantify exactly how much, but all of the above reasons save us a significant amount of time and money.

The data classification part of the solution is excellent, especially as it gives us an insight into our sensitive data within Microsoft 365. 

Data loss prevention is an extremely useful feature. 

The built-in information protection function is another that stands out. 

Purview delivering data protection across multi-cloud and multi-platform environments, including AWS and GCP, is becoming increasingly important. It's a relatively new functionality, and I see the importance of it growing even more over the coming years. This kind of functionality is highly appreciated for organizations operating a multi-cloud environment. 

It's very important to us that Purview can connect to iOS, Mac, and Android devices and data in other SaaS apps. From information protection and data loss prevention perspectives, information is accessed using many different devices, and extending that protection to iOS and Android is a must-have for any platform.   

The product's natively integrated compliance across Azure, Dynamics 365, and Office 365 is essential. The ability to classify information across workloads, and have a holistic view over our entire data estate where sensitive information is stored and handled, is excellent, especially from a CISO perspective. This is a capability we didn't previously have. Having that overview of where data is stored, plus the multi-platform/multi-cloud approach is the future for data classification and information protection. Wherever our data is stored, we have an overview of which is sensitive and which isn't. 

I greatly appreciate that Purview was built considering critical regulations worldwide, especially the international standards within the compliance manager. There are ISO and NIST standards, ideal for larger countries such as the USA and extensive international organizations.  

We use Purview for data loss prevention (DLP), and we're confident that we can detect and remediate policy violations. Microsoft improved its solution with recent additions, including advanced conditions, and the product is coming of age. The DLP is reaching a maturity level where we can confidently compare it with competitors like Symantec. It goes beyond DLP on emails, documents, on-premise, and endpoints; governmental organizations especially need to detect if sensitive information is being handled on devices. In this respect, Purview offers comprehensive protection.  

Used correctly, Purview is essential in staying on top of compliance. One of the best features in this regard is the solution's compliance manager, which helps us effectively comply with all the regulations. Many organizations should start using the platform because it will keep them on top of their compliance stances, and Microsoft periodically updates the assessments. We must be aware of updates and changes, as we can miss them if we do not pay attention. We can't just run the solution, walk away, and think we're compliant; it requires some monitoring of the developments from a roadmap perspective.   

Microsoft is doing an excellent job improving the platform, and they have a lot coming out shortly. However, the licensing around compliance could be much more transparent; it isn't clear for many organizations what kind of license they need to use, whether that's E5, E5 compliance, an information protection license, user-based, or platform-based. More information here would be a welcome improvement.

Blueprints and landing zones like we have in Azure would be great to see in Purview. The solution could offer a baseline or blueprint of recommended settings for compliance regulations such as GDPR and ISO, which could be applied with a simple switch in the options. 

Some dashboard centralization, like one overview dashboard instead of many loosely connected ones, could be a good improvement.

We must build our own assessments to comply with Dutch regulations, a mix of international and EU standards, as they aren't native to the solution. Many of our clients in the Netherlands require adherence to Dutch regulations, and as well as Purview covers the international aspect, the Dutch side is covered less than we would like.

There's room for improvement regarding Purview's data loss prevention for educating users on how best to handle sensitive data. Microsoft is working on improving the policy tips. Still, from a user's perspective, I want to see more information in the case of a policy violation, such as context or details on why a specific rule is triggered. There are ways to tweak the DLP options, but a significant improvement would be real-time notifications when working on an email or message within Teams, for example. DLP is only triggered when sending or saving, so real-time notifications would be great. The basic functionality is there, but there's room for improvement. 

We've been using Purview for around a year since Microsoft changed the name, but we've used the functionality within Purview for five to ten years.

We haven't had much experience with customer support as we didn't encounter many problems. However, the response is usually rapid, and the expertise depends on the technical knowledge of the agent we speak to.

Neutral

We didn't use different solutions, but some of our clients did and still do, mostly DLP and data classification platforms. The trend is that more have been moving to Purview because many are already paying for it within their licenses and not using it. We're an IT company focusing on Microsoft technology, so we went straight for Purview.

My colleague carried out the initial setup, and I'm primarily involved in deploying the solution's functions to our clients. Setup requires some planning, a discussion with the stakeholders, and a good sense of the data, but it's mostly very straightforward from an admin's perspective.

Our use case is mainly to do with GDPR-related data, and being able to get an overview of that information and act on it led to a speedy return on investment for us. Other organizations in the Netherlands bound by specific government regulations will also see a quick return on their investment when they discover they can classify their information and comply with regulations.

Aside from the complexity of the pricing model, the price itself is realistic. Features like AI components and automatic classification require additional licenses. Still, anyone can start using Purview with a basic E3 license if they're using Microsoft 365 and grow with additional licenses as needed. Overall, we're satisfied with the price.

With the way information is being used and the growth of data, the need for additional licenses for auto-classification etc., will become more and more apparent. I wouldn't be surprised if Microsoft incorporated those into the basic license in the future.

I rate the solution eight out of ten. 

Regarding Purview's data connector platform for supporting ingestion from non-Microsoft data sources, I have yet to work with it much. In highly regulated environments such as government organizations, it's very relevant, but I have yet to see it used much. The main reason is that the data connector platform is a relatively unknown component within the solution. It has its merits, but the use cases are limited.

If this were a year ago, I would have said the solution is getting there but hasn't reached maturity. However, Purview is now a very comprehensive solution; with all the enhancements, it's one of the best products available.

As Purview reached a maturity level where it could compete with third-party DLP solutions, some of our clients were able to move away from specific endpoint DLP products like Symantec DLP. Going with Purview also allowed these clients to fully leverage their existing licenses within Microsoft 365 and simplify their data governance. It provides a holistic view of the data estate, enables Defender for Cloud in Azure, and offers an integrated overview in one pane of glass.

Regarding automation, we use some limited functions using the solution's trainable classifiers and auto-classification of information. This notifies the user when working with certain kinds of sensitive data, GDPR and otherwise, so we use some basic AI functions within the platform.  

We're not currently using the product for insider risk management. Still, we are in the process of looking into implementing those features and how we could leverage them within our environment.

We migrated everything to the Azure cloud. Microsoft Purview was coming up at the time, and we also started looking into their other products such as Microsoft Power Platform, particularly Power BI. We wanted to see how these particular tools can go head to head and how they would be useful. This is when we started with Microsoft Purview. The POC itself took more than a year because it was not easy. The tool was growing. It took a long time to get their product support help to fix some of the issues and features. 

In the last year, we started using it for a few things. One is mainly data protection. We mainly targeted the scenarios where when someone is sending a document in an email or labeling a document as confidential, what the person receiving the document can do. 

We are trying to cover Microsoft 365-related products. We are trying to use it for the data discovery process. That is the end goal. Across the organization, we want people to be able to find the data easily. There is a kind of data marketplace, and we started to use it for data discovery.

Data discovery is one of the beautiful things of Microsoft Purview. We mostly have Microsoft products, so it has been helpful, but we are continuously growing. We are still in the learning stage with this product. We are trying to onboard only a small amount of data, and then we will see how we can curate the data so that it is meaningful. Slowly, and probably after a year, we will come to know how efficiently we are using Microsoft Purview as a part of the data discovery phase.

Microsoft Purview is a cloud-native app. So far, we have only used it with Windows with Chrome or Edge browser, and it works seamlessly. It is not a problem. We have not used it with other OSs, but it should work with them.

Microsoft Purview was built taking into account critical regulations from around the world. Data classification is one of the beautiful features. It works seamlessly.

Microsoft Purview's natively integrated compliance across Azure, Dynamics 365, and Office 365 is perfect.

Microsoft Purview enables you to show your compliance in real time. There is the Insights dashboard, which is particularly for security officers. They can always go and have a look. If there are any compliance issues with the portal, they can always go and check anytime.

Microsoft Purview has helped to reduce the time to action on insider threats, but I do not have the metrics. We are in the discovery phase. After a year, we should be able to provide exact metrics. As of now, we just look into the issue and take action. It is helping to reduce the errors. In terms of percentage, there are about 20% savings.

Microsoft Purview will save us time and overall product delivery costs. Product data discovery should be easy, which will reduce the overall product delivery time. This is something that we are working on. There should be at least 10% savings on the project delivery time.

There are several features. Their data labeling or data classification is particularly valuable because we want to categorize all of our data into confidential, public, or internal. Microsoft Purview works seamlessly with the Microsoft product suite, including Office 365, to schematize the data assets, so data labeling and classification have been helpful.

Microsoft Purview can connect with all of our security-related things across Office 365. It easily connects with Microsoft Defender. The integration with Microsoft Defender is good.

It works well for schematized data assets for lineage tracking. Overall, it works well if someone is using mostly Microsoft products.

It is still growing. It does not meet all the requirements from the security point of view. It supports only a limited number of tools and technologies that pertain to Microsoft products. If you want to leverage other solutions such as Workday or Oracle Fusion, features will be coming up, but as of now, it is for the Microsoft suite. 

It is still growing as a data connector platform for supporting ingestion from non-Microsoft data sources, so not all the products are supported as of now. 

As a data catalog tool, it needs to have a connection with all the sources. This improvement is definitely needed because they are supporting only Microsoft-related products but not third-party products.

We started to explore Microsoft Purview when they launched it. It was the end of 2021.

It is a stable product, and continuous improvements are always coming in. After a year, it probably will be a complete tool for all sorts of uses. I would rate it an eight out of ten for stability.

It is unlimited. I would rate it a ten out of ten in terms of scalability.

We currently have 10 to 20 people using the tool. It is deployed as part of information technology from the IT management, and we try to circulate it by onboarding various sets of users from various departments.

Last week, I raised an issue with technical support. It issue was a priority for us. Within a couple of hours, they got back. They were efficient with this particular product. I would rate them a nine out of ten.

Positive

We used some of the manual processes. We built a data catalog using Vast data services.

It is deployed on the cloud. The deployment time is much less, but because it is a data cataloging tool, curating the data takes time. Spinning of the environment and starting it can be done in a couple of hours.

It definitely requires maintenance from the data security and data scanning point of view.

We have a data governance team. 

It is cheap. It is based on consumption. If somebody wants to start using it, the price is definitely cheaper than a tool like Collibra.

I would definitely recommend Microsoft Purview. However, it is not good for data quality. If you are not looking for data quality and you only want a complete security and data cataloging tool, it is perfect.

It is still maturing. At this time, I would rate Microsoft Purview a six out of ten.