Microsoft Purview Data Governance Reviews

We utilize Microsoft Purview to manage our data classifications, identify sensitive information in our documents for certification protection and data loss prevention, and we anticipate employing insider risk management. While we haven't yet implemented insider risk management, it is part of our strategic plan and compliance assessment.

From an access management standpoint, we have users accessing our data from various mobile devices, including Android, iOS, and iPad, as well as Windows and MacBook computers. Therefore, it is crucial to implement consistent policies and safeguards across all platforms, regardless of the operating system or device type.

We are a heavily Microsoft shop so all Microsoft platforms are important to us and Purview's natively integrated compliance is great.

It is important and useful for us that Purview was built taking into account critical regulations from around the world.

We report on all of our DLP policy violations. We have alerts set up to notify our security team to take action when violations occur.

Microsoft Purview Data Loss Prevention is an effective tool for educating users on how to best handle sensitive data. It can detect and identify various types of sensitive data, although we have observed that not all of the built-in detection mechanisms function flawlessly. Consequently, we have had to modify some of the detection modules. Additionally, certain detection rules specific to New Zealand have not performed as expected. Despite these limitations, the ability to detect sensitive data and utilize prompts to guide users in correctly classifying documents is quite valuable. We intend to expand our use of these features as we progressively deploy Purview across our organization.

We have several Mac OS users in our business, so it is important that Purview can and does extend policies regardless of the platform being used.

Since implementing Purview, the compliance assessment process has been effective. The expansion of country-specific regulations has been a crucial development. In New Zealand, we've utilized built-in privacy act laws and regulations, which have been beneficial. However, I believe the integration of the Copilot tool and advancements in AI will likely bring about continuous changes to the compliance landscape.

With Purview, we can continue using native Microsoft products for scalability, eliminating the need to rely on external vendors. This approach reduces the number of vendors in our environment.

The visibility Purview provides into our estate is useful. We have had a privacy campaign running for the last year and using Purview to essentially see where our data and sensor data are.

Purview enables us to show our compliance in real-time. We would use it to help demonstrate our compliance to regulators.

Purview enables us to save approximately 30 percent of our security team's time by providing visibility into previously obscured areas of our environment. Moreover, Purview is seamlessly integrated into our existing Microsoft licenses, eliminating any additional costs.

Purview helps us stay on top of compliance.

Data authentication enables us to classify documents based on whether they should be restricted for internal consumption or permitted for external sharing. This classification allows us to apply appropriate policies to each document type.

The DLP is also a valuable feature that we use.

The reporting is limited and has room for improvement.

Privacy features should be integrated into the core product rather than offered as optional add-ons, as privacy is not a luxury but a fundamental requirement.

I have been using Microsoft Purview for six months.

I would rate the stability of Purview a nine out of ten.

Purview can meet our scalability needs.

The technical support used to be more reliable and consistently good. Now, while it's still possible to get assistance from a knowledgeable representative, the overall quality of support has declined.

Neutral

We previously used Azure Information Protection and Symantec DLP. We switched to Microsoft Purview because of the cost savings.

Initial deployment is straightforward as we are a Microsoft shop, facilitating seamless integration with the native platform.

The deployment of Purview involved three individuals: one primary engineer and one architect. The initial deployment phase spanned six weeks, followed by an ongoing tuning process to maintain Purview's up-to-date status.

We have seen a return on investment, but it is too early to quantify the exact savings.

Purview is included in our Microsoft E5 licensing. There is no additional cost, but it does require us to maintain an E5 license to continue using Purview.

To fully justify the cost of Purview, it is important to leverage all of its capabilities.

I would rate Microsoft Purview a seven out of ten. While Purview is gradually improving, its reporting capabilities remain subpar. As we introduce additional products like Copilot and others, there will likely be a need for more robust integration plans that outline how these products will interact and the benefits they will provide.

We only use Microsoft Purview in our Microsoft 365 workload environment.

We are currently evaluating AI products like Copilot and several chatGPT-style tools for potential implementation within our organization. However, we are proceeding cautiously until we have fully implemented Purview to address our concerns regarding potential data loss associated with AI product usage. Once we are satisfied with Purview's effectiveness in mitigating these risks, we will accelerate our evaluation and adoption of AI products.

We have 5,000 users who were using Purview for the software, and we have a two-person support team. Every corporate user in our organization has a license to use the solution.

Purview requires regular maintenance because there is an ongoing need to review components like DLP rules and data classification. This ongoing maintenance ensures that the system continues to function effectively and accurately. Additionally, ongoing tuning helps to minimize false positives and false negatives, ensuring that the system accurately detects potential issues.

Ensure clear communication regarding the desired grouping of data classifications and the functioning of the data loss prevention policy. Understanding these aspects is crucial for effective product utilization. User training and communication are essential around the implementation of the data loss prevention policy as it impacts user behavior. Senior leadership should take the lead in championing this initiative, possibly as part of a broader privacy or border protection campaign. Our involvement in this process can be minimal.

Data loss prevention is a significant use case for us. I'm not on the security team, so I don't know exactly what kicked it off, but I believe we wanted Purview for the DLP capabilities first, and that led to us taking advantage of the other aspects of the solution. We have Azure, Purview, Defender, and all of the other Microsoft products. We're trying to leverage and use all of them. 

We have Intune for deployments and things like that. We're rolling out the zero-trust model right now. We use Jamf to manage our Macs because I'm not knowledgeable enough to Intune correctly, and it doesn't have the functionality that Jamf does. We can move over to Intune or whatever. So I think they're definitely trying to push me that way.

I don't know if I've gotten much value out of Purview personally, but our security team loves it. Our biggest concern is leakage or theft of our data because we have a lot of PII and stuff that has not been released. We like the insights Purview provides and the way the solution can track and manage things. I'd say that was probably their favorite piece of it so far. From everything the security team has told me, the policy management and DLP features are working spectacularly.

We have had some issues automating our document management with Power Apps. I haven't been super-disappointed with anything except for Power Apps, which kinda drives me nuts. I think it's because I am a coder who can do things properly, and I keep trying to do things there, but it's not working out the way. The security team is pretty quick. I'm kind of a thorn in their side. I always try to get around stuff. They haven't come to me for anything saying, "Hey, I can't find this information." They're pretty good. Maybe, there's a lack of documentation, but that doesn't seem to be an issue for our team. 

Another thing involves SharePoint. We have everything in SharePoint up on the cloud, and we want to ensure it's secure, so we have blocked all external access. You need to have one of our devices and our codes. But the C suite wasn't pleased because it was accessible externally for a while. And we have a penetration company that does testing. They were able to harass one of our users enough that they finally clicked the button that says "Approve this Login," so it just takes one time. 

They find red flags everywhere in organizations. The gut reaction was to cut off external access for now and figure out what we can do down the road after that, but this is a stopgap measure. However, the C suite told us that it wasn't good enough, but there was no way somebody outside could access our systems. You need to be on a trusted IP or our VPN. We have conditional access configured.  

We hired an actual outside consultant company to come in And I've been working with them for close to a year now. We're trying to leverage Purview and Power Apps to automate our document management. We have a ticket open with Microsoft because that's one more thing we're struggling with. It's supposed to go through and look for any PII data, like Social Security numbers, etc. We also have really low retention policies. For example, our emails are retained for only six months maximum. Team conversations are saved for two days. They're they're brutal. Legal discovery can be expensive, so they want to make sure we don't have anything to discover. 

I'm wondering if Purview can do some of the things that we're struggling with, and we're tripping over ourselves because the other thing we did was configure it so you have to be in a special group to even access those files. I might be wrong, but I'm pretty sure that Purview Information Protection has a labeling component. Still, I don't know how much it organizes labeled documents, and I think it also includes labeling after detecting user behavior that the system tracks.  They talked about something similar in one of the keynotes I recently listened to. I'm like, "Why are we not doing that?"  I'm looking at how we're just beating our heads against the wall. Even if we get this in place, it would still be very challenging. 

We like this In terms of usability and security. It will be difficult for our teams to do their jobs with all this other garbage in place. At this point, we've got it almost always set up, but it isn't working the way we need it to on the Power Apps side of things. 

And we've got a ticket open with the Power Apps team to figure out why it isn't working because it's supposed to be on a scheduled thing, but we've let it sit for weeks at a time, and nothing ever happens. It doesn't run. And there's no way to monitor. We don't know if it's doing anything, or we can look at our files to make sure that could be improved. 

We started using Purview in the last six months.

We are a new company. We broke off from a much larger organization three years ago, but we had about 3,000 people in the last organization, and we're down to 300. Before Purview, I don't think we had anything for DLP because there was so much to do. It was all hands on deck for about a year and a half where we were just trying to get that stuff done.

We have dev and production environments in AWS, and we're using native AWS tools to monitor the applications over there. I don't know how effective they are compared to Purview. We outsourced all of that to another company. The guy who owns it used to work with us.

I am not involved in purchasing. My company is willing to throw as much money as needed to be as secure as possible. Security is our priority, so we'd probably pay for it even if it was pretty expensive.

I rate Microsoft Purview eight out of 10. 

To ensure compliance with numerous regulations for our data governance initiative, we employ Microsoft Purview for data classification.

In our specific case, we only have on-premises servers and the same Microsoft cloud platform, Azure. I have not used Microsoft Purview with any other cloud providers like AWS or anything like that. However, it appears that Purview can be used to protect data across multiple clouds and platforms.

In the future, it could be important for us that Purview can connect to iOS, Mac, and Android devices. We will be onboarding data that requires updating some of the tables, descriptions, and other aspects. In that case, it would be beneficial for users to be able to access it from different devices. However, in my case and for the people in IT, we will always be using computers.

Microsoft Purview's native integration with Azure Dynamics and Office compliance is good. We have utilized it with Synapse Analytics and Data Factory, both Microsoft products. The integration is seamless and efficient. However, in the context of Synapse Analytics, its value proposition is less evident. While it is a nice feature, I cannot fully grasp its significance.

It is crucial that Purview was built with consideration for critical regulations from around the world. This is an integral part of the classification rules and it simplifies our work. However, I haven't seen specific references to regulations such as GDPR or PII. There are numerous laws in different states, as well as preferences here in Canada, but I haven't come across specific examples. Nevertheless, the classifications encompass a wide range of government information, sensitive data like financial information, and personal information based on various formats that we can even adjust or create our own. So, it's a positive aspect.

Purview has assisted us in creating an updated catalog that is more realistic. It has also enabled us to quickly classify our data. Additionally, we aim to enrich the data catalog with more metadata, both now and in the future. While this process is primarily manual, we are exploring ways to involve business users to streamline it.

It has improved the visibility into our estate.

Purview allows us to demonstrate our compliance on a near real-time basis. While executing a single scan will provide updated information, it doesn't provide true real-time visibility. To achieve the closest to real-time compliance monitoring, we can execute data extraction processes every four hours.

We have saved around 40 hours per month on some of our projects, which also leads to cost savings.

The ability to classify data quickly and effortlessly is arguably Microsoft Purview's most valuable feature. It can scan all tables and columns, identifying those that contain personal names, date builds, or other sensitive information.

I am interested in exploring the process of data scanning to identify data lines that do not contain stored procedures. This would allow us to detect potential black boxes within our data, where we are unable to trace the flow of information and identify all instances of stored procedures. Additionally, we would like to expand the reporting capabilities beyond Power BI to encompass other visualization tools such as Tableau, Looker, and others.

Reflecting organizational changes within Purview is impractical. Any such changes necessitate discarding existing data and starting anew, which increases both the cost and time required for maintenance. Therefore, I believe that enhancing Purview's maintainability is crucial.

I have been using Microsoft Purview for one year.

I would rate the stability of Purview a nine out of ten.

Purview is easily scalable in the cloud.

The technical support team was readily available for a Zoom call and was able to view my screen and provide assistance. The only downside was that I ultimately resolved the issue myself, which suggests that the local Microsoft support may not be as knowledgeable.

Positive

I have used other solutions other than Purview but it doesn't encompass the entire data management lifecycle. For example, Tableau has a data management suite, but it's primarily focused on analyzing reports, enforcing visualization governance, and managing data within Tableau itself. It doesn't extend to data sources or beyond that. Other data management tools in development offer similar functionality, but they may not have specific classifications for personal information.

The initial deployment was straightforward. The cloud administrator handled the subscription and all the necessary paperwork, while I proceeded with the setup.

The price is reasonable considering its value.

I would rate Microsoft Purview nine out of ten. Purview is a good product but still has some areas to improve.

Thus far, we haven't had any comprehensive maintenance for Purview. While there is maintenance required for scanning new servers, that's essentially the extent of our maintenance efforts. We may need to make significant changes to Purview's structure to enhance its usability. Purview's current structure resembles that of an organizational department. For instance, if a marketing application is mistakenly scanned under HR, I cannot simply move it to the correct location. Instead, I must discard all existing data and start from scratch.

I was working for a nonprofit here in Kansas called Children International. I was a global data engineering manager, and I was tasked specifically with developing a data governance program. And at the same time, that's right when Purview came out. So I spent a year in that realm. I've been very plugged into Purview ever since.

The main use is data governance. Now, not every firm is necessarily at that maturity level when it comes to understanding data as an asset. So, a lot of companies can use it just as a data dictionary, a business glossary, which is nice, but it doesn't give the entire picture of what Purview can actually do, and so, actually, there were a dozen of implementations of Purview that I have been a part of in the past. I've led as a consultant and an architect. I'd say maybe I have used twenty-five percent of every feature that it has to offer. I am still kind of catching up with the rest of the features.

Microsoft Purview breaks down barriers to sharing information, accessing data, understanding what a piece of data means, how it is defined, how it's interpreted, and then how the end user uses it. So, with Purview, when it's best used, and it is at its best when the end users are the ones that are very involved because they're the ones who are going to be using it. Its users can see the support, and it grows year over year, you know, a kind of revenue measure. I don't know how exactly this is created. Also, I don't know what fields it uses. I don't know exactly what this means. We have a different department in the company that may need this. So they feel the need to go out and then hop to Purview. So it definitely knocks down a lot of barriers. It eliminates a lot of needless communication between different departments, and it just centralizes all information about an organization's data assets.

Speaking of the valuable features, I would speak on behalf of my clients, considering how it seemed when it was implemented. So, the sensitivity labels are big. The insights are also very nice as it gives the visual representation of being able to look at what or how the data storage is performing, especially monitoring if they are tagging technical assets or if they are adding business glossary terms. So, that's big, along with the basic features of Microsoft Purview. I'd say the last one that is very big with most clients is data lineage and being able to integrate that end-to-end flow component kind of so they can see that this is data from a Power BI dataset, and then they can follow where that dataset is coming from like it's from a SQL query in a Power BI report itself and data coming from a SQL Server, etcetera, etcetera.

The out-of-the-box connectors and being able to connect to third-party apps and data storage were some of the areas where they started off strong, but that's something that I think needs to continuously be at the forefront of the developers and the engineers for Purview to make sure that it is constantly up to date and can talk with any data source that it may need within a data state. So I would say that's not necessarily a con, but it's a possible weak point that could be strengthened.

I've been implementing Microsoft Purview with my clients for three and a half years. I'm a consultant for a Microsoft partner.

I think Purview, in terms of its stability, a lot of people think Purview itself is for data governance. Whereas data governance is something that is more like how we now view, let's say, Toyota six sigma or Agile, where it's kind of embedded in an organization and kind of culturally and throughout the work that's being done, it's kind of embedded in the network. I think Purview is kind of the same way. So, data governance operates in the same way. It first needs to be adopted and agreed upon by those that will be using it. Purview is the tool, and that's, like, the actual interface, and that's the actual, you know, that's the tool that allows it to be done. But in terms of stability, I think Purview does as good a job as it can of providing a foundation to make stability with data governance as easy as possible for those that manage it, but it does come down to those that are in charge of Purview itself to make sure that it stays stable. Well, I won't just say stable. I'll say that it is as stable as the data governance maturity that exists within an organization. It can't be more stable than that.

Scalability is fantastic considering their pricing since it addresses their pricing where it can have your incremental scans, which can cut down on your computing costs. That's great for scalability. So, if you have more data and you need to scan more and more, you don't need to scan the exact same data again and again and again. You may be okay only scanning the entire database maybe once a week, and then, let's say daily, you have incremental refreshers that help very much, or that help a lot with scalability. I think as more an organization scales and the more that it uses Purview with that scaling, the more you can get out of it, and the more it'll end up helping the organization, the more the stewards that are in their tagging things, the more that data is suggested, and that triggers are set up for ingestion runs. The more it scales, the better it is.

I have spoken with Purview's product team consisting of engineers who created Purview that writes the documentation that will work on bugs hands-on. Also, I've been a part of a lot of conversations, and I provided a lot of feedback in terms of improving Purview itself as a product and how we use it with our clients. So, there's been a lot of collaboration on that.

Considering Purview, I rate technical support a ten out of ten.

Positive

There was not one solution. There were multiple solutions like Profisee involved. We also had Atlas and kind of a lot of commingling of those two and kind of piecemeal together solutions between a lot of those to do a Purview does. So not a whole lot, I guess, is what I'm trying to say.

The deployment of the solution was done on Azure. A majority of our deployments for our clients are through a private cloud, and they're locked down with private DNS zones and custom DNS records on the back end if they're on their own servers and private endpoints as well. So fairly locked down, especially with where we talked about a lot of the data being sensitive and a need for it to be protected and monitored. Well, if data needs to be protected and monitored, then it likely is going to be needing something to be secure. So it's all been on a private cloud so far.

I was involved in the initial deployment of Purview. The initial deployments were actually straightforward because we were figuring out about the features, and found that it was a little less feature-rich, so there was less of a question. And it hasn't given us the time to figure out where it works well or where it doesn't work well, and if we need to bring in consultants or can we do this in-house. As Microsoft Purview got a little more mature, the deployments got a little more complex, as we were kind of seeing that there are a lot of ways, like there were a hundred ways to do one thing or less. I think that applies to anything in software. But it applies to Purview as well and where we control access to a given data source while figuring out if we should use the policies and governance features within Purview. We also thought if we should do it in Azure portal using RBAC or should it be elsewhere. So I think we passed that part, and then now we're going to get back to some smooth deployments, and a lot of them will be templatized, you know, whether it be in ARM templates or Bicep like Terraform. Overall, at first, the setup process was fairly smooth to moderate.

I have not been able to conduct any actual ROI analysis on Purview just because it is hard to measure those kinds of intangibles of how those results show up. But they absolutely show up if we consider data to be an asset. Also then, it can also be a liability, just like something that would be like a can of soup on the shelf in a restaurant. That's an asset as it exists then, but also there can be hazards. So, if it's a large pallet, it could fall and cause damage. So, data cost would be a liability. I think that it is not something that currently appears on the balance sheet and can be cut to draw that line, but I think it'll be made much clearer in the near future, especially as we've become more and more data-saturated and we'll be more conscious of the value of data. Regarding ROI, I have not done any analysis in that realm, but I have full confidence that there are real ROIs that do exist and that will show up one way or another in the future.

Price-wise, I think it's very generous and accessible to not just enterprises but small to medium-sized companies as well. I think it's very fair in terms of how they break apart the storage and the actual computing, and that makes it very accessible. So, that is a very big plus for Purview. I think a lot of clients and organizations would feel that way as well.

On the time front, I can absolutely speak about the cost of the solution since time is money. Saving analysts or developers, or engineers time can add or translate into actual savings if you can do the right calculation. But just to stick on that time front, I've seen it cut down, let's say, a given team, or a data governance team, I'd say, in a reduction of fifty to sixty percent of the time that would be spent answering maybe questions for other parts of the business about what a certain data means or where this data lives, they can just point them into certain directions, and they can point them to Purview and have those answers or have or have this questions answered. So that's a big part. And then also being able to have those ties from the business to IT and being able to bridge that gap and being able to have a technical asset ingested from the data side or, from the technical side, and then being able to get the business to interact with that as well. I would say that total savings in terms of on a team-to-team basis, I could see anywhere from fifty to seventy-five percent reduction in time spent on those activities just by having Purview.

After looking through other options, we decided for our clients that in these situations where they're already in a Microsoft data environment in terms of their data, whether it's living in Azure or on-prem, but the analytics that they're doing, whether it be with Power BI, with Synapse and Data Factory, it integrated so well.

Speaking about the importance that Purview delivers data protection across multi-cloud and multi-platform environments, including AWS and Google Cloud Platform, I would say that it's very important, and I am going to lean on the side of this that has to do with data protection in terms of international data protection and various laws that kind of force data to stay in certain places. For example, I have one of my clients, which is a Fortune 100 company, and they have three different main regions around the world, including Asia Pacific, the EU, and the US. They had a lot of financial data that were in these three regions, but they couldn't cross each other even though it was the same data that was being used in the same applications, but it was difficult due to various barriers and regulations for the actual data control. Hence, they couldn't pass between each other. So that was kind of an issue. We had to actually go and deploy multiple instances of Purview. We had a dev and a prod instance in these three regions. That was definitely very important, and that was because of not only regulations but because of their desire to keep their data private, secure, and kind of locked down.

Speaking of how important it is for me that Purview can connect to iOS, Mac, and Android devices and data in other SaaS apps, it is not very important as it's typically with legacy databases and data warehouses.

Regarding Purview's data connector platform for supporting ingestion from non-Microsoft data sources, I think it's very robust, and out of the gate, they included a data connector that you can plug in straight to Amazon and SAP. I believe now that they have some connectors for Salesforce and things like that and Snowflake. So they are absolutely staying right on or ahead of the curve when it comes to making this kind of making sure that the interoperability between other vendors as well is taken into account, which is awesome.

Speaking of how important is Purview's natively integrated compliance across Azure Dynamics and Office, I think it's very important, and it does it very well. I mean, literally without a problem. It's completely seamless, and so it does that perfectly.

Speaking of how important it is to me that Purview was built taking into account critical regulations from around the world, I think that it is very important. So, that's what kind of gave birth to the original classifications for 200 or so out-of-the-box classifications for a lot of data for possible credit card numbers, passport data, and ZIP codes in different countries. They were definitely aware of that, and you could tell from their design process they keep updating those. And so that was definitely built with that in mind for sure.

I have never used Purview for data loss protection. Typically, in these solutions, when we're deploying Purview, they're usually at a stage in their data platform maturity where they already kind of have that taken care of elsewhere.

Speaking of whether Purview helped reduce the number of solutions I need to interact with, I would say that I don't think so because I think data governance exists kind of outside the solution's architecture for these kinds of things. So, I'll say no, but that's not in a bad way. It's just not its job, in my opinion.

In terms of Purview's visibility, I think visibility is the most significant part since that's kind of what it does as long as it's set up correctly and maintained by the data stewards and the business experts. The domain experts that actually know how to interpret these business glossary terms and can link them to data assets, then it is the most useful tool out there.

I haven't used Microsoft Purview's automation. However, I have used Purview's AI since we have had a few situations. While not many organizations have had to do this, we had two instances of Purview in a given tenant, which would be dev and prod. So, we would use some APIs and some Purview CLI. We automated a lot of those processes. Also, it's workflow automation in terms of approvals and sign-offs from a given definition being changed or a term being added and being able to send that to the right people, especially by sending an email to the right group for approval. So the automation piece is huge. I have not yet been a part of, or I have not, used any of the AI-related features.

Speaking of how automation affected my speed and accuracy of risk detection, I would say it went very well, especially when dealing with financial data or when dealing with possible credit card data, personal information, and health data. In PII or PHI, being able to have those classifications kind of flag that data if it comes through, and then being able to mask it or identify those is something huge. So, that's probably one of my favorite features considering how it's integrated into the various protection services that Microsoft and Azure have to offer.

Speaking of how automation affected the quality of the insights I have, I would say it has more to do with speed on that front. Also, it's going to be as good as the developers, data stewards, and experts working on it. As you know, it'll be as good as the effort that they put in to constantly go through and curate or update a certain classification, including what the threshold may be to make sure it's catching all of where it needs to cache for risk detection or risk mitigation. And there's definitely a one-to-one relationship that is a very linear relationship. So the more end users and stewards are involved, the more you get out of it in terms of every feature that it has to offer.

Regarding Purview enabling me to show my compliance in real-time, I would say that I believe that there are some integrations that I have not personally, which I think came out in Purview the last time when I was very heavily involved with Purview, which is maybe four or five months back. So, I have not used those yet. But in terms of real-time, I don't think we have used it yet. But I'm sure we'll do that eventually.

Regarding whether Purview helped to reduce the time to action needed for insider threats, I would say it has, especially in the context of early detection for possible sensitive data, like health data, credit card information, and things like that, and being able to alert the right parties. So, they can make decisions on whether they need a mask or not or if there was a problem with the actual data source, whether the data kind of slipped through, and if it should have been taken out. So, definitely, it works in that kind of early detection there and in terms of the speed of making those decisions.

I would say that Purview has helped save time and money for my clients. So, it's definitely a long road for data governance, and a lot of the benefits aren't necessarily very tangible, so they might not show up on the balance sheet. However, data is an asset and needs to be treated as such. Hence, those who implement these data governance programs and who use Purview to do that are absolutely gonna be ahead of the curve, and we'll save countless dollars and time. I mean, the savings start immediately. So, down the road is when you really see those effects come up.

I would agree that Purview has affected my ability to stay on top of compliance.

Regarding others who are looking into evaluating the solution, I think they should prepare by making sure that the individuals or the teams that internally exist that are in charge of or that have a very large say, and how data governance is or functions within that organization, they need to be on board and they need to be willing to kind of to go through the motions and be okay with having an iterative process once Purview is deployed. It's not all going to be solved on day one, and they're not going to have everything that they need right away. Again, it's a tool that their data storage and domain experts can use, I would say.

As I am trying to be as unbiased as possible, I would suggest those planning to use the solution contact Microsoft since there are a lot of financial incentives and reimbursements, and discounts that exist right now, also in the past, and in the future, I would assume that for Purview's demos and PoC engagements. So, trying to find or just having the first part, which is the internal understanding of what data governance is and what they want out of it, while the second part is Microsoft does very well by tucking in partners that can show them ropes.

Since there were some features recently that maybe I haven't been able to test, I rate the overall solution a nine out of ten.

We migrated everything to the Azure cloud. Microsoft Purview was coming up at the time, and we also started looking into their other products such as Microsoft Power Platform, particularly Power BI. We wanted to see how these particular tools can go head to head and how they would be useful. This is when we started with Microsoft Purview. The POC itself took more than a year because it was not easy. The tool was growing. It took a long time to get their product support help to fix some of the issues and features. 

In the last year, we started using it for a few things. One is mainly data protection. We mainly targeted the scenarios where when someone is sending a document in an email or labeling a document as confidential, what the person receiving the document can do. 

We are trying to cover Microsoft 365-related products. We are trying to use it for the data discovery process. That is the end goal. Across the organization, we want people to be able to find the data easily. There is a kind of data marketplace, and we started to use it for data discovery.

Data discovery is one of the beautiful things of Microsoft Purview. We mostly have Microsoft products, so it has been helpful, but we are continuously growing. We are still in the learning stage with this product. We are trying to onboard only a small amount of data, and then we will see how we can curate the data so that it is meaningful. Slowly, and probably after a year, we will come to know how efficiently we are using Microsoft Purview as a part of the data discovery phase.

Microsoft Purview is a cloud-native app. So far, we have only used it with Windows with Chrome or Edge browser, and it works seamlessly. It is not a problem. We have not used it with other OSs, but it should work with them.

Microsoft Purview was built taking into account critical regulations from around the world. Data classification is one of the beautiful features. It works seamlessly.

Microsoft Purview's natively integrated compliance across Azure, Dynamics 365, and Office 365 is perfect.

Microsoft Purview enables you to show your compliance in real time. There is the Insights dashboard, which is particularly for security officers. They can always go and have a look. If there are any compliance issues with the portal, they can always go and check anytime.

Microsoft Purview has helped to reduce the time to action on insider threats, but I do not have the metrics. We are in the discovery phase. After a year, we should be able to provide exact metrics. As of now, we just look into the issue and take action. It is helping to reduce the errors. In terms of percentage, there are about 20% savings.

Microsoft Purview will save us time and overall product delivery costs. Product data discovery should be easy, which will reduce the overall product delivery time. This is something that we are working on. There should be at least 10% savings on the project delivery time.

There are several features. Their data labeling or data classification is particularly valuable because we want to categorize all of our data into confidential, public, or internal. Microsoft Purview works seamlessly with the Microsoft product suite, including Office 365, to schematize the data assets, so data labeling and classification have been helpful.

Microsoft Purview can connect with all of our security-related things across Office 365. It easily connects with Microsoft Defender. The integration with Microsoft Defender is good.

It works well for schematized data assets for lineage tracking. Overall, it works well if someone is using mostly Microsoft products.

It is still growing. It does not meet all the requirements from the security point of view. It supports only a limited number of tools and technologies that pertain to Microsoft products. If you want to leverage other solutions such as Workday or Oracle Fusion, features will be coming up, but as of now, it is for the Microsoft suite. 

It is still growing as a data connector platform for supporting ingestion from non-Microsoft data sources, so not all the products are supported as of now. 

As a data catalog tool, it needs to have a connection with all the sources. This improvement is definitely needed because they are supporting only Microsoft-related products but not third-party products.

We started to explore Microsoft Purview when they launched it. It was the end of 2021.

It is a stable product, and continuous improvements are always coming in. After a year, it probably will be a complete tool for all sorts of uses. I would rate it an eight out of ten for stability.

It is unlimited. I would rate it a ten out of ten in terms of scalability.

We currently have 10 to 20 people using the tool. It is deployed as part of information technology from the IT management, and we try to circulate it by onboarding various sets of users from various departments.

Last week, I raised an issue with technical support. It issue was a priority for us. Within a couple of hours, they got back. They were efficient with this particular product. I would rate them a nine out of ten.

Positive

We used some of the manual processes. We built a data catalog using Vast data services.

It is deployed on the cloud. The deployment time is much less, but because it is a data cataloging tool, curating the data takes time. Spinning of the environment and starting it can be done in a couple of hours.

It definitely requires maintenance from the data security and data scanning point of view.

We have a data governance team. 

It is cheap. It is based on consumption. If somebody wants to start using it, the price is definitely cheaper than a tool like Collibra.

I would definitely recommend Microsoft Purview. However, it is not good for data quality. If you are not looking for data quality and you only want a complete security and data cataloging tool, it is perfect.

It is still maturing. At this time, I would rate Microsoft Purview a six out of ten.

We use Microsoft Purview to protect sensitive transactional data. We can control organizational policies such as who can monitor the system and how data is shared between managed apps and enrolled devices. We create the data loss prevention policy.

Purview can deliver data protection across multi-cloud and multi-platform environments. For example, we can set up a multitenant environment across different vendors and control Purview through Azure. Our enterprise licensing allows us to extend the connectors and tokens to other vendors. Once the connectors are active, they streamline the same functionalities and policies across the data on the other clouds.

Purview can connect to iOS, Mac, Android devices, and other SaaS apps, provided that we have created enrollment profiles for the other devices in Microsoft Azure. We can then monitor those devices from a central Microsoft location.

Microsoft Purview's natively integrated compliance across Azure Dynamics 365 and Office 365 is important because all escalation auto breaches from Microsoft or our data loss prevention policy will be highlighted to our program manager and portfolio manager. Therefore, we must treat this as a service-level agreement breach. The most important thing is to ensure that we are alerted whenever sensitive data is sent across 18 servers, Microsoft Office 365, or by people using their hybrid environment to connect to Office 365.

It is important that Purview was built taking into account the critical regulations from around the world because one of the accounts I support is a financial institution from the UK with offices in Europe. As a result, we have new regulations to comply with. We had a different region-wide DLP setup for the UK and Europe, but we needed to ensure that it was within the new Purview system and that data could not move out of it. To achieve this, we have people in Europe working on certain governance and risk portfolios that we have created using Microsoft Azure and Purview. We also share this information with our audit team, which comes in from outside to verify it every quarter.

We have an in-house process for handling policy violations. Purview's DLP for remediating policy violations helps us. For certain categories of transactional and social ethics violations, we capture data on any copying of sensitive data. This is because sensitive data should not be shared. We capture this data using our exchange server. It is difficult to share sensitive data, but we can capture it. We then share this data with our ombudsman team. The ombudsman team will review the data, including the timestamps and users involved, and determine what action to take. In rare cases, the person responsible for the violation may be removed from the team or organization.

Awareness of mobile device monitoring must be shared across the organization, especially with end users who may not be aware that their actions are being monitored. Training should be provided to all users of enrolled devices, regardless of whether they use Intune or another endpoint server. There are three sets of training, End-user training, Admin training, and Global provider user training.

Over the past two years, we have improved our relationship with external auditors. In the first year, it was challenging to implement DLP policies. However, in the second and third years, we have had fewer than ten violations. These violations were typically due to users accidentally accessing sensitive data without their knowledge. We have been able to significantly reduce our policy violations in the past three years using Microsoft Purview.

Purview has helped us reduce the number of solutions we need to interact with each other. We used to have a lot of L1 tickets that came in earlier, where there was a policy change or configuration change being done. And then we didn't have a proper change process or control over the data that had been accessed, because it was in a shared model. This led to SharePoint violations. Now that this has been reduced, we have proper version control, and anyone accessing these resources must check IAM. As a result, those L1 tickets, which were more than a thousand in the first year, have been reduced to less than a hundred or so, in terms of SharePoint access violations. So, this is one area where we have seen a significant drop because the IAM and the user's profile now determine whether they have read and write access.

Our visibility into our estate has improved significantly with Purview. We started a pilot project, and the project manager who owns this portfolio is already running the show, even before the policy is set for the organization itself. This level of visibility was tested in a small pilot project, and now the project manager has full visibility.

Microsoft Purview allows us to demonstrate our compliance in real time. On the default dashboard, we can see the number of phones that have violated the DLP policy that we created. We can then determine which standard was breached, such as ISO or BIS. We use Purview for weekly compliance calls with the client as well.

Purview helped streamline our meetings with compliance regulators by making it easier to share data with them.

Microsoft Purview has helped us reduce our time to action on insider threats. Before Purview, we manually managed our insider threat detection process using a weekly Excel report with a macro. This meant that if a breach occurred on Monday, we would not review the report until the following Monday, resulting in a one-week time to action. With Purview, we can now take action as soon as Purview detects the violation.

Purview has saved our admin teams 99 percent of their time spent investigating violations. In terms of cost savings, Purview is included with our E5 license. The savings are significant.

Purview helps us maintain compliance. It gives us full control over our data, and when there is a violation, we can follow our established procedures to decide whether to call the ombudsman or if the process setup is sufficient.

Purview helps mitigate risk and allows us to govern the information being shared among apps and devices. Purview can restrict access from even the smallest threats, such as a mobile device trying to access and manage apps.

I would like to have AI functionality on the dashboard to help me analyze and report on the data that we capture using Purview on a daily basis.

I have been using Microsoft Purview for three years.

Purview is stable and always available because it is a SaaS service, which means we don't have to worry about the infrastructure.

Purview is scalable depending on the number of transactions we want to monitor per day. 

Whenever we had an issue with Purview during the test phase of setting up DLP, we would call Microsoft Premium Support. They responded immediately and assigned a support engineer to our case right away. The support engineer would escalate the issue to their internal product group team, who would update Purview on the backend with a patch. The product group team would then let us know that our feedback on the product had been accepted and that they had worked on a solution, which would be released within the next week or quarter along with other updates. Overall, we were very pleased with their support.

Positive

Before Microsoft Purview, we used a feature in Intune called data analytics to record what users access and the transactions they perform. However, this data was not meaningful, and there was no way to filter it to identify breaches. As a result, we had to manually review all of the transactions for all users in the organization to see if any were violations.

Microsoft Purview is able to capture breaches because we use tags to properly understand the data and identify violations. For example, we can tag all transactions involving credit card numbers. When we run the ETL tool, it uses the tags to identify transactions that may be violations.

Initially, deployment will occur once the data is confirmed by the ETL team and properly ingested. This process typically takes a few weeks, depending on the volume of data. Once the initial deployment is complete, we will design and test the DLP and UAT systems. This process typically takes two weeks to a month.

Once it is deployed to production, any future changes or updates must be approved by a cabinet review board, and we must have a rollback plan in case anything affects production.

We have eight engineers who work at different levels to ensure that the data is furnished correctly, regardless of whether it is structured or unstructured, how it is being populated, or where the data loss prevention process runs daily. We also have a couple of managers and a scrum leader, as well as a portfolio manager.

When we implemented Purview, we were able to reduce our staff by 60 percent. We no longer need compliance officers to manually check spreadsheets for changes or breaches. In addition to the staff reduction, we have SLAs that require us to pay penalties to our clients if there is a violation. With Purview, the number of SLA breaches has been significantly reduced, saving our organization over one million dollars.

Microsoft Purview requires a Microsoft 365 license and is included with an E5 license. The license is expensive, but it is worth the cost because of all the tools it includes.

I would rate Microsoft Purview nine out of ten.

Purview is a cloud-based SaaS product. We keep our sensitive data on-premises, but we export a de-identified version (.NET) to the cloud in order to review reports for violations.

I recommend Microsoft Purview, especially for organizations that are already using Azure. Purview can be used to extend their risk governance capabilities in a seamless manner. There are other solutions available, but Purview is flexible and offers hybrid, cloud, and on-premises options with connectors for other vendors.

We are a partner and work with different organizations. We go through a number of activity phases, such as initial discovery, understanding their data to see what is and is not sensitive, and then using Microsoft Purview. 

We use Microsoft Purview to provide sensitive information in building out a roadmap in terms of classification, protection, and lifecycle management. We then determine what kind of use case is most common for other work we would look for and fill in the gaps with the customer. Microsoft Purview's vast features and capabilities really depend on what we learn in those workshops and where that organization is looking to go over a period of time. So if one of the key areas is the mitigation or prevention of data breaches, we can help with that. 

We can also help protect content, especially when it is sensitive and involves individuals. We can also help businesses change their processes to help ensure users know what their preferences are and how to use the user tools.

Microsoft Purview's ability to deliver data protection across multi-cloud and multi-platform environments, including AWS and GCP, is very important. It helps organizations realize the investments they have already made and how they can further expand those investments to another remote type of Microsoft workflow. Microsoft Connect has been used to centralize these workflows, and the ability to import existing records management processes and policies into the file plan in Microsoft Purview allows organizations to bring compliance into a central location. This helps to manage costs and improve efficiency, as users can go to one area to leverage basic facilities without having to use separate tools.

It is important for our clients that Microsoft Purview can connect to iOS and Android devices. With many people now working from home and using their own devices, there is a need to manage these devices. Microsoft Purview's conditional access and endpoint management capabilities help organizations to protect their data, regardless of the device being used.

Purview's natively integrated compliance across Azure Dynamics 365 and Office 365 is important. However, it is also important to ensure data privacy with its data as a whole from a compliance perspective. This means ensuring that we can meet the requirements of 2701 controls and that people know the processes, technology, and relevant skills. CRM controls information about potential customers and opportunities, so it is important to ensure that we are compliant when handling this data. We also need to make sure that updates to Purview are made as needed and that our team is able to stay on Office 365. Having a strong compliance program is essential for any organization that handles sensitive data. By taking the necessary steps to ensure compliance, we can protect our data and our customers.

It is critical that Purview is built around global regulations. This is because we have different types of customers, some of whom operate slowly. There is a rack with some regulations, and we have the US. We also have a rack with different regulations that are up-to-date, but they are only safe in some areas. This means that we need to be able to control, face, or bank on system regulations. This is very important to me and the customer because they can be very tricky.

Purview's DLP can be used to remediate policy violations. A number of kinds of DLP rules can be leveraged, such as sensitivity labels, data classification, and sensitive information protection plans. This means that it is not enough to simply provide people with the technology, they also need to be trained on how to use it effectively. Through the use of an ERP system, a number of policies can be set up. This insight can then be used to make meaningful decisions about how to rate the data on the system. This will help to understand how the data is costing the organization. If the organization does not have the necessary internal controls in place, new protection and encryption measures may need to be implemented. This is primarily becoming step one in the process of working policies, understanding how the data is being used, making decisions about how to protect it, and then building a protection layer on top of that.

Data loss prevention education for users is important because it can help them to understand how to best protect sensitive data. This can be done by providing users with training on how to use DLP tools and policies, as well as by educating them about the risks of data loss. DLP tools can help to prevent data loss by monitoring user activity and blocking unauthorized access to sensitive data. DLP policies can help to define what constitutes sensitive data and how it should be protected. By educating users about DLP and the risks of data loss, organizations can help to create a culture of data security. This can help to prevent data breaches and protect the organization's data assets.

Purview helped reduce the number of solutions we need to interact with each other. I used the solution that crosses between Endpoint Data Loss Prevention, Microsoft Defender for Data, and Conditional Access to block specific types of information at different workloads. This made it easier to manage sensitive information. For example, if I have sensitive information today, I can easily block people from uploading it to Teams, SharePoint, or OneDrive.

The reduction in the number of solutions we need to interact with each other has had a significant impact on our pricing. In the past, we had to use a variety of different solutions to manage our portals, which was time-consuming and expensive. Now that everything is coming into Microsoft Purview, we are able to simplify our technical and environmental environment. This allowed us to reduce our costs and improve our efficiency. In addition, Microsoft Purview provides us with a central location to manage our data governance. This made it easier for us to comply with regulations and protect our data. Overall, Microsoft Purview has been a major asset to our organization.

Microsoft Purview expanded our visibility into our state by allowing us to see what is labeled, relabeled, and what is not classified. There are a number of different areas where Purview improved capability and overall cost. These are all different aspects of Purview, which is helpful for organizations. Purview has a point-in-time view, and it also has the ability to explore more granular data from the logs.

Purview helps to reduce the time it takes to take action on insider threats by around 50 percent. It requires planning and configuration, as well as two weeks of setup. The technical configuration is used to identify users and the types of activities they are performing. For example, users who sign into hundreds of documents within a few minutes of each other or delete large numbers of documents can be quickly identified and flagged. This allows security teams to send high-priority emails to the appropriate people in a timely manner.

Purview helps save our clients between 30 to 40 percent of time and money. 

Microsoft Purview's most valuable feature is its ability to identify content across a number of prescribed regulatory frameworks, including Microsoft, GDPR, PII, and UCC Financial. It can also help organizations identify content that is important to them but not specifically regulated. This is done by creating trainable classifiers and sensitive information types. The protection controls components are based on the perspective of the device. Microsoft Purview has been growing in popularity over the past few years, and it offers a number of tools that can help organizations manage their data.

Purview's data loss prevention for macOS endpoints has some limitations, and the end-user experience of recovering from a failure is lacking.

I would like to be able to search for labels using Purview to see what items are affected and the time periods in which they will be active. This would allow us to export the results for specific business areas, which would make our lives a lot easier. We could also use this information to identify sensitive information types and reduce false positives.

The utility system format, the policy tips and user descriptions of sensitivity labels, and the overall policy tips that are shown in the loss prevention policy have room for improvement.

I have been using Microsoft Purview for three years.

The stability of Purview has been good. It takes a bit of time for someone to configure it, but once it is configured, it is responsive. However, there are sometimes delays due to the speed of users' devices and their home network connections. This can be especially true for mobile devices and when users are using multiple apps at the same time. Microsoft also sometimes experiences delays in processing requests, which can lead to further delays in Purview. Overall, Purview is a stable platform with good uptime and resilience.

In terms of scaling Microsoft Purview, there are two main challenges: network load and data ingestion. Network load can be a problem if there are too many requests coming into the system. This can be addressed by adding more servers to handle the load. Data ingestion can also be a challenge if the company is generating a lot of data. This can be addressed by using virtual machines to store and process the data. As the amount of data grows, the number of VMs can be increased to keep up.

Our clients vary in size from 100 all the way up to 6,000.

Each setup is different. We have thousands of workshops, configurations, and design agreements followed by a baseline to mitigate of about 30 percent which we build on top of. The deployments can take anywhere between a few hours to a few months. We need to understand each organization to ensure that they understand the type of people process that is in place. Then, depending on the technology, we need to make sure that they have access to 365. This is implemented as a baseline, and our target operating model is also needed to ensure that they have the necessary functions. This will allow me to deal with the environment. We need a team of people to manage the deployment.

We implement the solution for our clients. Microsoft Purview is managed in a single location.

Microsoft Purview does not require any maintenance.

Our client's have seen a 100 percent return on investment. 

The pricing depends on the client's requirements and the number of applications.

I give Microsoft Purview an eight out of ten.

It is difficult to assess how much AI and automation affect our speed and accuracy of risk detection. This is because the effectiveness of AI and automation depends on how we train the system. There are a lot of sensitive information types that are prescribed by Microsoft. There are also a number of types that fit within another structure of sharing information. So potentially, we have a number of false positives, which means that we are relying solely on the information provided by the system. This is not something that I would push on an organization. Once we start updating the system, we need to make sure that we understand and compare the number of activities to identify and fine-tune the system. We need to do this a number of times before we can be really sure that the system knows our data. We also need to consider the AI side of things, which obviously allows for some risk. The identification of risk seems to be a matter of realizing confidence in the system's predictions.

It is difficult to assess how Microsoft Purview's AI and automation affect the quality of insights that we have. We have run this process effectively a number of times across different organizations, but this has raised some doubts. This is a bit of a shame, especially with the out-of-the-box solution from Microsoft. We are then asked to hold a number of workshops to review the results. This is because the system can operate with different accuracy levels and false positives. It is important to consider how we portray these insights and what the next steps will be. As a result, there are mixed reviews.

Currently, Purview does not enable us to view our compliance in real-time without some additional work to enable us to show compliance. This is because the visual displays rely on the time it takes to update the Microsoft SQL database, which can be delayed. We have seen cases where the displays do not reflect the actual data, and we have had to manually update the database to correct the issue. However, we can clearly see what data is due for disposition, deletion, and retention based on our policies. While it is not always easy to see this information, we have made improvements to make it easier. Overall, it is not a straightforward process, but we are working to improve it.

I recommend Microsoft Purview, but organizations should always conduct a proof of concept to ensure that their requirements can all be met before implementing the solution.

We have implemented Microsoft Purview as a comprehensive DLP solution for our clients across Europe, Africa, and the Middle East to protect their data and help them classify, identify, and investigate who and how the data is being accessed.

Microsoft is aiming to build favorable relationships with other cloud solution providers. On our end, if we have both AWS solutions and Microsoft's cloud solution, implementing the Microsoft Purview dashboard can be a good way to collect and classify our data across both platforms. This could be a strong selling point for Microsoft to explore partnerships with AWS and other public cloud players, allowing them to combine and leverage their global development, sales, and services.

Implementing Purview's integrated compliance across Azure Dynamics 365 and Office 365 is relatively straightforward thanks to available connectors and Microsoft's improved user interface.

Microsoft Purview includes a compliance manager, which simplifies meeting various standards and regulations through integration with companies like ISO, ISCE, and other risk solutions. This feature is an add-on for E5 and E3 licenses. It allows us to create assessments that generate reports with specific recommendations for implementing and configuring ISO 27001 or other standards within our Microsoft 365 environment. This makes compliance significantly easier and, according to Microsoft, can reduce the cost of implementing such measures by approximately 40 percent compared to using other solutions for ISO compliance or other critical regulations.

Given my role as a cybersecurity consultant, I previously created a DLP policy based on the client's needs. Since then, I haven't had further contact with the client. However, I'm now working on a new project for them next year. This project involves developing and implementing a DLP solution with a focus on information protection. My responsibilities include monitoring all user activity and reporting on it in a few months. Based on my observations, there's a significant amount of activity requiring governance. This includes areas like DLP policy enforcement, USB blocking, printer control, copy prevention, file transfer via secure FTP, and external user access restrictions. Purview's data loss protection is helpful for remediating policy violations.

I'm developing a short training guide, about four pages or more, on enabling information protection labeling and related topics. Some clients have suggested automation, but I believe the best approach is to guide users through manual labeling. For instance, we could have a "Sensitive" label for data like personal information, ID numbers, passports, names, passwords, and so on. Information protection can be implemented either by defining detection rules beforehand or by using the system's automated detection capabilities. If sensitive information is detected, the system can then recommend applying the "Non-Confidential" label or whichever equivalent label we prefer.

Microsoft has developed and launched Microsoft Defender for Endpoint for Mac. This agent for macOS is the same agent used for data loss prevention in Endpoint. However, if we don't require DLP for Endpoint, we can simply synchronize our Macs with Microsoft Intune. Intune, a combination of Microsoft Entra ID and an MDM solution, is not just for mobile devices; it's a device management platform for all company devices, including PCs, Macs, mobile devices, and servers. It allows us to synchronize settings and policies across all our devices, manage software deployments, and utilize various other features. Therefore, we have two options: either synchronize our Macs with Intune or install the Microsoft Defender for Endpoint agent to implement DLP for Endpoint. DLP for Endpoint is mandatory if we need to detect and control USB devices, printers, and other data transfer peripherals.

Microsoft Purview's primary benefit lies in safeguarding sensitive and confidential data, thereby mitigating the risk of internal data exfiltration.

Purview does help our customers reduce the number of solutions they interact with. From a cybersecurity engineer and information security expert perspective, consolidating and streamlining technology can be beneficial for IT departments, especially before implementation. Currently, Security Service Edge emerges as a promising solution due to its integration with zero-trust principles and protocols. For example, instead of deploying multiple endpoint detection and response solutions, a single, antivirus-free EDR like CrowdStrike can suffice. Similarly, Microsoft's Defender for Cloud Apps, combined with XDR and other security features, offers a comprehensive solution for Security Operations Centers. My goal is to create a unified MDR solution for clients, allowing for centralized data collection and log analysis. This unified platform, ideally with one or two dashboards, would enable efficient investigation and response, minimizing investigation time and cost. Combining various tools into one interface eliminates the need to jump between dashboards, improving analyst efficiency. Why rely on multiple vendors like CrowdStrike, Proofpoint, Minetest, and MISSP when a single solution can offer comprehensive visibility and data security? Microsoft's Image Security 365, coupled with best practices and anti-phishing strategies, can significantly enhance security. Furthermore, I recommend implementing a DMZ with two firewalls, one internal and one external. This layered security approach, while requiring two vendors, provides redundancy and prevents attackers from exploiting a single firewall and gaining access to the network. However, it's important to remember that cybersecurity solutions are not one-size-fits-all. Each client and scenario requires tailored strategies based on their unique needs and context. Consistency across the industry is crucial, but it's important to acknowledge the lack of standardized approaches in the current landscape.

The Microsoft Purview dashboard is primarily a data security solution, allowing us to implement various layers to safeguard our information. While it can be used for some Endpoint Detection and Response functionalities, its full potential in this area might not be realized without proper configuration and understanding of the underlying processes.

While Purview offers real-time compliance monitoring, it's an add-on feature functioning as a compliance manager. However, due to a lack of clear communication, not all companies fully understand its capabilities. Additionally, it's important to note that while compliance and standards often relate heavily to financial and banking sectors, the scope of regulations has broadened significantly in recent years, extending beyond these specific industries.

Purview helps us stay on top of compliance because Microsoft has tried to build Purview based on the ISC framework.

No single feature stands out as the best because the most effective approach involves combining multiple features. For example, when using information protection, labeling, and classification, a multi-step process is necessary. First, we must classify our data, which requires a thorough understanding of our environment and the nature of the data itself. Once classified, we can apply labels and establish rules governing data sharing through information protection measures. The final step involves implementing and configuring a Data Loss Prevention solution. It's crucial to remember that the goal isn't to find ideal individual features; rather, it's to leverage the synergy of multiple technologies to create a comprehensive and powerful data protection strategy.

I've been working closely with Microsoft support on issues with the Microsoft Purview Information Protection scanner's on-premises services. While it's a solid tool, there's still room for improvement in my opinion. I've submitted numerous recommendations, from solutions to address specific problems to the implementation of new features like bulk scanning across multiple servers, not just individual paths. I've also encountered a high number of false positives in the classifier and made suggestions for resolving them. Microsoft support is currently reviewing my input, and we're collaborating to refine the scanner and minimize false positives. It's important to remember that this is a new technology, and like any newborn business venture, it's prone to growing pains. Errors and mistakes are inevitable along the way, but they're also valuable learning opportunities.

Frequent daily updates from Microsoft can cause interface elements like buttons to appear and disappear, making navigation unpredictable. Additionally, Microsoft also generates new licenses that require investigation to identify each new license.

I have been using Microsoft Purview for one and a half years.

Microsoft Purview is scalable.

Sometimes we have a communication gap or delay but most of the time the technical support is good.

One person can deploy Microsoft Purview.

We implement Purview for our clients.

We are a Microsoft Gold Partner and are currently satisfied with our existing solutions. Therefore, we do not prioritize evaluating other vendors at this time.

I would rate Microsoft Purview a seven out of ten. Purview is a good solution but it takes time to master.