Microsoft Purview Data Governance Reviews

I'm a cloud consultant and prefer Azure Purview as a governance tool. A few of my clients are in the banking sector, including global and Indian banks. They need a centralized solution for compliance and governance. 

I haven't used Purview much for SaaS or device management, but I have explored the SaaS services and PaaS in terms of other tools that can be integrated with Azure Purview. Our clients often have an ETL solution that's in Azure directly. Most of our clients use Synapse Analytics or Databricks. One of our energy clients in Australia has the same use case for data platform implementation. They have some unstructured data on-premises, and it goes back to the Azure storage account as raw data. They do some transformation with the help of an ETL tool. For agentless forecasting, they do model training with the help of Databricks or Azure machine learning. They'll use Power BI for visualization, but Purview is the centralized governance tool.

Purview improves compliance and governance with data source and auto-scanning features. All those data assets would be in a centralized repo that pulls from different sources and databases that hold the bank data or the customer's data. The solution enhances compliance in terms of security factors and issues like duplication. It scans for new data coming in and older data that already exists. Purview collects the metadata to get a clearer visualization of all the compliance aspects. 

Another benefit is accelerated migration. Purview facilitates smooth migrations by giving clients insights into their data, which data is useful, and what kind of data is non-compliant, so you can classify data based on compliance, priority, and utility. It helps clients decide which data is essential and should be migrated. Identifying non-compliant data can help clients improve security and privacy.

Data analysis and classification isn't a two-day or two-week job. It's a long-term process. It might take two or three months to gather feedback on what kind of data is the most beneficial, like structural data, static data, etc. The data lineage doesn't come in one or two days. It takes some time to get a complete picture of your source and destination and the data cycle from start to finish. You can say that the data was in this phase six months ago, and now it is in this phase. Six months is enough to get a clear picture of the data flow and the kinds of data that are most beneficial.  Purview is helpful for long-term data management and classification.

Purview improves visibility. If I go back to a year ago, when I was learning Purview, my perspective was different. There were fewer features, and Purview has grown at a rapid pace. I was originally a network engineer, but I am now a cloud consultant, so it was challenging to work with the Azure version initially. I started seeing the benefits of its data classification features once I started consulting, seeing everything that comes into a client's bucket, and receiving feedback. Now, I can see the solution's strengths in governance and compliance.

The auto-scanning functionality and automation features in Azure have a positive impact when connecting data sources. When there are multiple data sources, we can make connections and start discovery. Manual discovery will take so long, and we don't know when the new data is coming in, so automation is useful. When new data comes into the databases, Purview triggers that auto-discovery part so the data stays updated. It's more efficient and more accurate.

For example, we have let's say we have data coming in this month. We have a discovery scan, and some new data comes into the databases after a day or two. If we don't run the auto-scanning feature, the data will get outdated. It would affect if we need to present something or calculate something. We can discover data quickly and get accurate data. It isn't completely in real-time. It still takes time to refresh things, but we haven't 

Automated discovery reduces the amount of time needed to take action on insider threats. If discovery is already done, it's easier to classify the data and import it into a data visualization tool like Power BI. We need to complete the discovery before moving on to the data lineage component or the Data Factory pipeline. It reduces the time by about 12 to 15 percent.

My favorite Purview feature is auto-scanning. Once we set up Purview, we can automatically scan multiple data sources when new data comes into specific databases, like SQL and Oracle. We don't need to rediscover the new data or do anything manually because it automatically happens.

Purview also offers some additional integration capabilities if you use the Azure edition. We can seamlessly integrate tools like Azure Data Factory and Synapse Analytics to provide analytics and data transformation services in a customer's ETL pipeline. Organizations want to structure that data, so they use a basic ETL tool, which is commonly Azure Data Factory. Purview provides us with all the connectors needed to integrate these data tools. Another feature I like is data lineage. Purview tracks the data from its source to the destination. 

I haven't seen many challenges with integrating or supporting native Microsoft solutions like Office 365. We haven't come across anything in Microsoft 365 that's unsupported out of compliance with HIPAA regulations in the health sector or banking and finance regulations. It conforms to PCI DSS compliance methodology or GDPR.

We have multiple clients in the energy and banking sectors. Purview is vital in data platform implementation projects involving ETL transformations and model training. It's our default tool for governance when we're pitching our organization during presales. However, our smaller customers often don't need that much governance, or they're good with Azure Monitor. They may also prefer some other governance tool or might have an on-premise tool that they are already using. They don't want to change it despite the integration and features. Our big customers may have existing governance tools, but they want to use Purview because it offers additional features. It provides them security, compliance, and the flexibility to integrate with third-party and Azure native tools. 

Two features are unsupported—custom insights and the DLP component—that would be beneficial to me as a consultant and for the customer in terms of security and monitoring. Regarding security, DLP would provide a more granular level of data masking. Custom insights would offer more detailed monitoring and alerts that can notify customers of failures or anything requiring urgent action. 

DLP is not a part of Purview. Our larger customers require some advanced features, such as dynamic data masking, encryption, and decryption. For example, some of our projects in Dubai involve machine learning use cases and encrypted critical data on-premise. It varies. Data encryption and masking are not priorities for some customers.  

Microsoft has some built-in data masking tools. Some customers believe that masked data is safe, and they don't want to move it. We tell the clients that Purview doesn't move the actual data, only the metadata. The customer is convinced that DLP is not part of Purview, but that is not a concern because it's all about metadata. The original data is not transferred from on-premise to Azure. Purview is not storing the actual data. It takes the data to perform discovery and provide better data classifications. If DLP is added, then Purview will be stronger.

When I talk to clients about these DLP features, they say it still lags behind in data integration and support. It does not affect the sales side or prevent us as consultants from convincing them to switch because of these two unsupported features. However, Purview does need some improvements in data security and third-party integrations.

I have worked with Purview for a year. 

I rate Purview six out of 10 for stability. It is stable, but they're constantly adding new features, so it needs more stability in the future. 

Purview is a scalable solution because Microsoft manages everything on the back end. We don't need to handle any databases or servers. We can talk about the general scalability of Azure services, not Purview specifically. The SLA gives an uptime of 99.99 percent. I have not had any scalability issues with Azure services, and this goes for Purview as well.

I rate Microsoft support seven out of 10. They respond quickly and follow up fast after the issue has been closed to see if the problem is resolved. 

Neutral

I have not used GCP, but the AWS centralized governance tool lags in terms of authentication and authorization. AWS also has features like data lineage it can provide. However, Purview stands out for security protections and role-based access control. Purview offers better granularity compared to the AWS or GCP governance tools. The access control list enables granular levels of access to its users. 

Deploying Purview isn't too complex. The initial installation takes about eight hours. Setting up a data governance solution involves configuring the networking components. The networking part can be done in parallel with deploying other services. However, you must completely implement the data platform before connecting the data sources and performing data discovery. Later, you can begin the data analysis and classification on Purview. 

The data deployment and networking configuration is similar to deploying other Azure services. I imagine on-prem Purview requires more time to set up. If we are giving a client an estimate of the time it would take to complete the project, the deployment and networking part would not additional time. However, the data discovery, classification, lineage, and data source connectivity, require two more weeks. The total deployment takes five to eight weeks plus an additional two weeks for the discovery phase.

The networking engineer who deployed Databricks, Azure Data Factory, Synapse Analytics, etc. can easily deploy Purview because it's the same. However, we require a dedicated Purview engineer for the discovery phase. We haven't had to do much maintenance so far. 

Microsoft Purview is priced in the middle. It isn't the cheapest, but it isn't the most expensive. It's affordable compared to other public cloud services. Purview costs about 20 percent less than AWS, but it is still expensive compared to other Azure services and governance tools. 

I rate Microsoft Purview seven out of 10. I recommend Purview over other governance features because it has multiple features that make it stand out from the rest. Once it is updated with features like DLP and custom insights, Purview will be a market leader. These additional features will help the solution earn more enterprise-scale customers. 

Microsoft recently changed the name of this solution. It was previously called Microsoft Compliance Center. Purview has multiple functions, but I primarily use it for records management. I also use the Audit Center for getting audit details about various aspects of the Microsoft 365 platform.

Purview protects against litigation by meeting our compliance requirements and helping us manage the reports. You can realize the benefits once it's set up correctly. Every day, you'll get new audits and inputs from the tool and access the data quite easily. 

The organization didn't have any solution in the first place, so that's a huge challenge. From the perspective of Indian compliance use cases, we see a lot of benefits from Purview's storage. 

This custom solution gives you more power compared to what it used to. Previously, all the other data and SaaS products were running in silos. Having this customized environment and a single pane improves the smoothness of the experience. The visibility has improved greatly in terms of the scalability and elasticity of the content. Purview enables us to demonstrate compliance in real time.

Purview has helped us deal quickly with insider threats because we can implement extended file solutions and see what's happening with raw shared content from various users. We can get a sense of what's being deleted and take action. At least 80 percent of our cases are getting solved.

The audit log has been a lifesaver for a lot of reasons. Historically, when using SaaS products, there were always questions about how the audit was going and whether we were sufficient out of the box. Purview has many capabilities available through centralized reporting that provide a view of a specific segment. 

The audit log capability enables us to observe things like changes in file sizes. At the same time, it simplifies management and control over the entire infrastructure, but it's specifically effective for Microsoft platforms. 

Purview's coverage of multi-cloud environments is essential. In today's world, we cannot stick to a single cloud provider because each one has a different set of benefits and advantages over the other. Many organizations typically try to interconnectivity and a cross-cloud platform, so it makes sense to have a single centralized compliance center and repository where you can track all activity at once. 

You can integrate iOS, Mac, and Android devices and data in other SaaS apps, which is important because we have a plethora of users using various devices across various operating systems. It makes a huge difference to have a centralized data solution for us. Purview natively integrates compliance across Azure Dynamics 365 and Office 365, which is quite important because Office 365 represents the new digital transformation. Purview covers the complete ecosystem, encompassing a lot of use cases and custom applications.

The solution takes into account critical regulations from around the world, which is vital for global organizations operating in countries that each have separate sets of rules and regulations, like GDPR. 

Running eDiscovery once a day takes quite a long time because it has to fetch your data. I also want the eDiscovery results to be improved. At the same time, I would like to get a centralized page where I could see records management applied to my Office 365 tenant visualized instead of waiting for a custom script to run through the complete tenant. 

I want to see how many records there are,  how many files will be affected when we apply a change, and when the next retention cycle is going to run again. It would be helpful to have that integrated into the process.

I have used Purview for around four years now.

Purview is 99 percent stable. 

Purview is highly scalable.

I rate Microsoft support seven out of 10. The response times could be quicker. 

Neutral

We had previously used custom solutions, but Purview is quite effective for the problems we are trying to solve. 

Setting up Purview is straightforward. The deployment steps depend on the features you are using and what you want to target. I don't recall any major challenges setting this up. It takes a couple of engineers.

Purview is reasonably priced. We're working with so much data, and there are many jobs on the back end that might increase the cost, but it isn't a problem right now. 

I rate Microsoft Purview seven out of 10. It's important to consider how your end users will integrate and establish a process for your data. 

I use their information protection labels. 

Information protection labels help us classify and protect data from unauthorized access.

An organization architect has to design the labels to describe the criticality of the data.

For example, we'd put labels and restrictions on certain data, like salary details, which would only be available to HR and certain managers. 

We can also classify policies based on the organization. Workloads and attachments are labeled so that they can not be shared outside of the classification label. 

Data sensitivity is a crucial issue for everyone, especially with remote and hybrid work. Everything has moved to the cloud in the last five or six years. We need to protect our data and the cloud and we do that with our own managed key to ensure DLP.

The labeling is excellent.

The endpoint DLP is very good. They are doing a lot of enhancements there. The DLP features consist of restricting copy-paste, network sharing, and blocking. We can take actions like blocking and warning with custom messaging to the end users. We are able to effectively reduce the data loss through endpoint DLP. 

We also don't have to pay for third-party DLP solutions. 

The OCR feature is really great. They've been improving it. If there is sensitive information in an image, it can be scanned and protected. 

We can prevent, block, or audit however we like. There are activity explorer audit logs that are available for 90 days. 

The solution can be used across Mac, Android and iOS. The support is there if you use those. MacOS does have some different settings, however, I haven't really explored it too much.

Purview is natively integrated with Azure and 365 workloads. We can classify the Azure Infra as well. 

We're using the solution at a large scale. It's important that Purview takes into account critical integrations from around the world. The labeling will automatically classify data that will cover sensitive data. We can make our own classifications on top of that if we need more security. Once the data classification happens in Purview, we can take an extra step if we like. 

The data loss protection is great for remediating policy violations. We have policies configured via labels. We can check in with individual users to see if there are any malicious activities happening. We're extremely confident no one can take data off-site. Even the labels are encrypted. Even if someone takes the data, it's encrypted and safe. 

DLP comes into the picture when a data classification happens. We have to educate the users that we've classified the data based on sensitivity. We enforce DLP policies by forcing users to use labels. If they do not use labels, they cannot, for example, use files for their day-to-day work. We've imposed classification on them. They cannot share or take data without the proper label or access.

Purview has helped us reduce the number of solutions we need to interact with. This fits perfectly with today's data privacy and security concerns. Corporate devices are completely managed through the support of this solution.

Purview has positively affected the visibility we have into our estate. Once the data is classified, you get a complete 360-degree view of it, including where it is and the labels associated with it. With the content explorer, we have eyes on the entirety of our data as it's hosted on the cloud. 

It helps us ensure compliance in real-time. We don't face any issues right now with compliance. Security and compliance are completely in sync, and we've defined the necessary policies. We're audit-ready.  

The solution has helped us know of any insider threats. It's helped us reduce time to action on insider threats by 40%.

While the product doesn't exactly save us money, it does save us time. It's reduced time spent on security by two to three hours. 

There are some non-Microsoft file formats that are not supported. 

While they seem to be focused on Sharepoint and OneDrive, I'd advise that if somebody saves something locally to their hard drive, this should also be classified and protected. 

The DLP has to become more mature now that there are other competitors present in the market.

While the solution went through a name change two years ago, however, I used the compliance security portal for the last three to four years.

The solution isn't completely stable. It's not mature. I'd rate stability six out of ten. There are bugs and glitches. The product is also evolving. They're always adding new features based on feedback and the experience of the customer. They deploy a ton of fixes. 

We have the solution across multiple locations and departments. We have about 2,200 people in the organization, and around 1,700 people use it. 

The solution isn't completely scalable. They are working on it. 

I'm not sure what happened. However, I've noticed, after getting very good support for the last ten years, that, in the last two, the support level has gotten worse. Their engineers don't know the basics of their products. They need to be more knowledgeable and offer a better response time. 

Negative

We did not use anything previously. 

We did testing and a POC for three months until the rollout. We had three to four people working on it. However, one engineer is sufficient with some guidance from Microsoft. One or two engineers would be enough for a complete deployment.  

The implementation process is straightforward. It's not overly complex. 

There is no maintenance needed. Microsoft supports it; if there is any service interruption, they will cover you.

We have witnessed an ROI. We save on costs and do not need to do too much manual work. We've seen an ROI of 17% to 18%.

If you are an organization using Microsoft 365 solutions, it's okay. If you are on Google Solutions and using Google Cloud, it might be costly. Having the complete Microsoft bundle makes it feasible and cost-effective. 

I've heard that Purview and Forcepoint are similar and very comparable.

We're a Microsoft customer.

If an organization doesn't want to spend money on other solutions in the market, I'd recommend Microsoft. Instead of nothing, you'll have something. 

I'd rate the solution seven out of ten. 

We are using it for governance on the cloud data migration. When people want to see legacy application Hadoop to Azure, we use the solution to gain some governance aspects and integrate it with Synapse on the final layer, which is the transform layer of the data lake. 

Purview was included at a single location in eastern Canada. There are close to 1,000 users.

It strengthens governance and provides visibility. It gives you better control and reports, then it integrates them with the Microsoft reporting solution. It integrates very well and helps provide visibility, but you need to do a lot of homework before you gain visibility. You need to understand the limitations in each of the data sets to gain visibility from a governance perspective.

For a tech organization, it gives them the ability to lower maintenance costs because it is natively integrated. So, it reduces the number of solutions that need to interact with each other. It is far easier for clients to operate and maintain that solution rather than be worried about a custom or hybrid solution, or even a best-of-breed. This solution makes it tougher because then you can hire people with different skill sets. 

Depending on the pipeline, it enables us to show compliance in real-time. This has sped up the decision-making cycle, making clients more proactive. They can do more internally before responding to compliance requests. For the banks, it is very important for them to be compliant with the standards that they are expected to adopt, e.g., GDPR. This gives them more time to prepare and figure out what the root cause could be if there are gaps.

Because governance analysts have these reports and dashboards out-of-the-box from Purview, they now have more time. For example, in a 40-hour work week, they would gain back three to four hours. So, the decision-making is faster.

Purview gives you more visibility and has native integration. It gives you a heat map regarding your risks. For example, where could there be potential exposure? It can very quickly identify non-compliance. Since it is natively integrated, the catalog tracker can quickly scan it.

It natively integrates. It gives you a lot of controls, awareness, features, and best good practices, making conversations a lot easier with the clients. Features are pre-built. All you have to do is configure it properly, and you get the correct tables and names of the entities with data. This reduces effort and gains efficiency, both for the clients and for SIs (like us). 

It is critical that Purview delivers data protection across multi-cloud and multi-platform environments. That is the number one reason that people are adopting hybrid and best-of-the-breed approaches. Especially in banking, it is critical because people want to protect, govern, and secure their data. This is one of the first conversations that happen with security and the architecture group on the client side.

It is a heterogeneous environment. That is a desire that the clients are asking for increasingly. So, the feature that provides data protection for iOS, Mac, Android, and data in other SaaS apps is pretty important.

Batch sources can connect well.

It works very well, but there are some limitations because it is a new product. For a lot of features, you need to wait until the time that Microsoft announces that they are generally available. Or, a lot of times, some features are not even available. Then, you need to go through their support channel. So, it's a mixed bag.

The API needs some improvement when connecting to non-Microsoft API sources. This is a limiting factor.

The integration with modern data warehouses needs a lot more traction. Because clients will not always adopt Microsoft Azure as their cloud, as they can choose to be in a heterogeneous environment. For example, I have three warehouses: Synapse, Snowflake, and Amazon Redshift. In this case, I would hesitate to adopt Purview, as it is not the best choice at this point in time.

I have been using it since it was launched in 2021.

The reliability is very good, but the stability is evolving as Microsoft is trying to challenge the established leaders with new features.

It is middleweight from a maintenance perspective, as there are two people from the client side at one site maintaining this, technically and functionally. There is a lot of leg work needed on the functional side. 

You need to keep an eye on it when applying a new patch or version from the cloud. You need to be very careful of how you upgrade that so it does not undo your customizations.

It scales without issues. In terms of performance, it scales pretty well.

Out-of-the-box, it is fairly easy to use the features. The clients have been happy overall, but they struggled when they tried to extend it to other applications in the cloud. This is getting better, from what I understand, as they release more feature enhancements.

The technical support is good. They respond quickly, though it depends on your license. If you have Premier Support, they will respond. On a scale of 1 to 10, I would rate them between eight and nine. They are trying to improve.

Positive

We did previously use another solution.

We had a client who decided to move to a single platform in the cloud. Azure was chosen because of its native dataset and proximity, e.g., the platform closest to the existing state of affairs. That is why Azure was chosen and the major reason for Purview to get adopted.

The initial setup is pretty complex. When you make it a private cloud, the security makes the setup complex. The public cloud is far easier. With a private cloud, you do the configuration to the right security standards and norms. You have to do the extra groundwork to make that happen. That took us a long time, but that is okay. Once it was done, it worked fine.

The first step is migration, making it visible and gaining efficiency. Then, you let it stabilize and clients get it. Phase two might be more automated, having some intelligence with AI for more decision-making.

I did the implementation with a Purview team of eight to 10 people. This included a governance analyst, data analyst, Purview expert, SMA, developer, and functional analyst. I was the overall delivery lead overseeing the effort, then there was a lead on governance.

Clients are happy and seeing the benefits. However, it is too early to determine ROI.

We also evaluated Collibra and AWS.

We haven't explored data loss protection at this point in time because the client has a very specific, in-house utility tool that they wanted to retain for DLP.

Make your case. Do your homework. Know your roadmap, which is critical with Microsoft and adopting Purview. 

I would rate the solution somewhere between an eight and nine out of 10.

I've been using it to help track data from employees or messages. I can use it to see the routing of ongoing and outgoing confidential data. We can audit logs to see the history of particular mailboxes. Auditing has been a very helpful feature. 

It helps with the discovery of overall licenses and security labels. You can find out if any type of security has been triggered or if any type of particular content is being shared with specific users. Using content search, we can manually search for all types of things and see different types of details. 

It helps us with data loss prevention to make sure that nobody actually is accidentally sharing any confidential information, such as legal documents, health information, and personal identity verification numbers. 

They are improving the platform every day, and they are doing a wonderful job now. 

They also include different features. We can pre-enable classification and use enhanced labels. You can create labels to define your data class notifications, such as confidential information. You can create a system keyboard list and a dictionary with sensitivity labels.  

Microsoft introduced a compliance manager to help you find all sorts of things you can do to improve your environment to achieve a higher security score. 

Purview delivers data protection across multi-cloud and multi-platform environments. It is very important. In today's world, most of the things we do are over the cloud. We use many APIs and additional apps in our environment from different vendors. Some of these APIs and apps are being configured over hybrid or multiple clouds. You can audit and monitor all data connectors, and you can configure your database and your database connectors, and all these APIs can be ported to Purview so you can monitor all the information to make sure that it does not leak. You can also encrypt such information to keep it safer.

Purview can connect to iOS, Mac, and Android devices, as well as data and other SaaS apps. We have multiple users who are comfortable with different platforms. Some are on Windows. However, most of the planning teams have iOS-based devices. We like that it is supporting all these platforms and making all those devices and data flow to it. 

It is very easy to learn the interface, and it is very user-friendly. It is really helpful for us to be able to monitor and use Microsoft since it is such a strong tool for analyzing our database.

We use the solution for data loss prevention. One of the features includes this configuration template that we can use for default government policies. You can create a policy for server migration that needs some of the custom configurations, and we do have templates for payroll and inventory. We can use the DLP to educate users on policies and let them know what shouldn't be shared. We can send suggestions about how they can send certain information.

Purview enables you to handle compliance in real-time. It runs in the background and you can engage with it when you get real-time alerts. It's helped us reduce the time needed to act on threats. Instead of manually auditing, we get notifications and can see things highlighted in our dashboards. We've reduced the time to action by about 20%.

I'd like to see them improve the training for implementing this type of solution. If we need particular things, we need to be able to understand how to implement them right away, and not wait days or weeks. 

I've been using the solution for the last four years in different companies. 

It's very stable. 

We have the solution across multiple locations in India. We have ten to 15 engineers working directly with the solution. Then we have around 2,000 active users and are scaling up.

The level of support you get depends on various scenarios. Sometimes you need help from engineers in a different time zone, like the US for infrastructure. 

Positive

The solution is deployed completely on the cloud. We have an enterprise subscription. It's a pretty standard implementation. However, there are some configurations you need to handle initially. For us, we did a migration and then handled some configurations since we moved over to the cloud. 

Implementations are easy, and I appreciate the support Microsoft provides.

For some features, you do need a specific license. For smaller organizations with 200 to 300 employees, it might not make sense to get an enterprise license. However, the pricing is good for the requirements it meets. 

I'm a customer. 

We're not using the AIfunctionality yet. However, we are leaning into it to see how we can implement it in the future. 

I'd rate the solution nine out of ten. 

We use the platform to comply with regulations, and our specific use cases are information protection, information governance, data loss prevention, and insider risk mitigation.

The information protection and data loss prevention functions help our end users be fully aware of the sensitivity of certain information. From a management and CISO perspective, they have insight into where sensitive data is stored and whether we are required by law to delete it after a certain period. That's an invaluable overview of the situation, so our users are more aware, and Purview took our information governance to the next level. It also supports our certifications because it helps us comply with regulations, including ISO/IEC 27001, which are essential to our functioning.

The solution increased visibility into our estate; we had a problem with GDPR-related personal information stored in our environment, which we didn't have any insight into. When we used some of Purview's data governance, data lifecycle management, and content search features, we could rapidly go after that information and resolve compliance issues. The tool also provides management with much better oversight of our stored data.  

Purview enables us to show our compliance in real-time and supports it via the compliance manager and compliance score. The assessment templates within the latter allow us to provide an overview of what we have done within the Microsoft 365 and Dynamics environments to our auditors, which is very handy. We're an ISO-certified company, amongst others. In meetings with compliance regulators, we can show that we're using information protection, DLP, data governance, and data lifecycle management functions to comply with regulations fully. The solution dramatically speeds up the process of talking with external auditors. 

Purview saves us time and money. We're an information-intensive organization; seeing where our sensitive information is stored is a significant time-saver. In addition, showing we're safeguarding that data also saves us a great deal of time. From an efficiency standpoint, AI and auto-classification of information is another big time-saver, as the staff members working for our clients don't want to spend time considering how long data needs to be stored, whether it should be archived, how sensitive it is and so on. I can't quantify exactly how much, but all of the above reasons save us a significant amount of time and money.

The data classification part of the solution is excellent, especially as it gives us an insight into our sensitive data within Microsoft 365. 

Data loss prevention is an extremely useful feature. 

The built-in information protection function is another that stands out. 

Purview delivering data protection across multi-cloud and multi-platform environments, including AWS and GCP, is becoming increasingly important. It's a relatively new functionality, and I see the importance of it growing even more over the coming years. This kind of functionality is highly appreciated for organizations operating a multi-cloud environment. 

It's very important to us that Purview can connect to iOS, Mac, and Android devices and data in other SaaS apps. From information protection and data loss prevention perspectives, information is accessed using many different devices, and extending that protection to iOS and Android is a must-have for any platform.   

The product's natively integrated compliance across Azure, Dynamics 365, and Office 365 is essential. The ability to classify information across workloads, and have a holistic view over our entire data estate where sensitive information is stored and handled, is excellent, especially from a CISO perspective. This is a capability we didn't previously have. Having that overview of where data is stored, plus the multi-platform/multi-cloud approach is the future for data classification and information protection. Wherever our data is stored, we have an overview of which is sensitive and which isn't. 

I greatly appreciate that Purview was built considering critical regulations worldwide, especially the international standards within the compliance manager. There are ISO and NIST standards, ideal for larger countries such as the USA and extensive international organizations.  

We use Purview for data loss prevention (DLP), and we're confident that we can detect and remediate policy violations. Microsoft improved its solution with recent additions, including advanced conditions, and the product is coming of age. The DLP is reaching a maturity level where we can confidently compare it with competitors like Symantec. It goes beyond DLP on emails, documents, on-premise, and endpoints; governmental organizations especially need to detect if sensitive information is being handled on devices. In this respect, Purview offers comprehensive protection.  

Used correctly, Purview is essential in staying on top of compliance. One of the best features in this regard is the solution's compliance manager, which helps us effectively comply with all the regulations. Many organizations should start using the platform because it will keep them on top of their compliance stances, and Microsoft periodically updates the assessments. We must be aware of updates and changes, as we can miss them if we do not pay attention. We can't just run the solution, walk away, and think we're compliant; it requires some monitoring of the developments from a roadmap perspective.   

Microsoft is doing an excellent job improving the platform, and they have a lot coming out shortly. However, the licensing around compliance could be much more transparent; it isn't clear for many organizations what kind of license they need to use, whether that's E5, E5 compliance, an information protection license, user-based, or platform-based. More information here would be a welcome improvement.

Blueprints and landing zones like we have in Azure would be great to see in Purview. The solution could offer a baseline or blueprint of recommended settings for compliance regulations such as GDPR and ISO, which could be applied with a simple switch in the options. 

Some dashboard centralization, like one overview dashboard instead of many loosely connected ones, could be a good improvement.

We must build our own assessments to comply with Dutch regulations, a mix of international and EU standards, as they aren't native to the solution. Many of our clients in the Netherlands require adherence to Dutch regulations, and as well as Purview covers the international aspect, the Dutch side is covered less than we would like.

There's room for improvement regarding Purview's data loss prevention for educating users on how best to handle sensitive data. Microsoft is working on improving the policy tips. Still, from a user's perspective, I want to see more information in the case of a policy violation, such as context or details on why a specific rule is triggered. There are ways to tweak the DLP options, but a significant improvement would be real-time notifications when working on an email or message within Teams, for example. DLP is only triggered when sending or saving, so real-time notifications would be great. The basic functionality is there, but there's room for improvement. 

We've been using Purview for around a year since Microsoft changed the name, but we've used the functionality within Purview for five to ten years.

We haven't had much experience with customer support as we didn't encounter many problems. However, the response is usually rapid, and the expertise depends on the technical knowledge of the agent we speak to.

Neutral

We didn't use different solutions, but some of our clients did and still do, mostly DLP and data classification platforms. The trend is that more have been moving to Purview because many are already paying for it within their licenses and not using it. We're an IT company focusing on Microsoft technology, so we went straight for Purview.

My colleague carried out the initial setup, and I'm primarily involved in deploying the solution's functions to our clients. Setup requires some planning, a discussion with the stakeholders, and a good sense of the data, but it's mostly very straightforward from an admin's perspective.

Our use case is mainly to do with GDPR-related data, and being able to get an overview of that information and act on it led to a speedy return on investment for us. Other organizations in the Netherlands bound by specific government regulations will also see a quick return on their investment when they discover they can classify their information and comply with regulations.

Aside from the complexity of the pricing model, the price itself is realistic. Features like AI components and automatic classification require additional licenses. Still, anyone can start using Purview with a basic E3 license if they're using Microsoft 365 and grow with additional licenses as needed. Overall, we're satisfied with the price.

With the way information is being used and the growth of data, the need for additional licenses for auto-classification etc., will become more and more apparent. I wouldn't be surprised if Microsoft incorporated those into the basic license in the future.

I rate the solution eight out of ten. 

Regarding Purview's data connector platform for supporting ingestion from non-Microsoft data sources, I have yet to work with it much. In highly regulated environments such as government organizations, it's very relevant, but I have yet to see it used much. The main reason is that the data connector platform is a relatively unknown component within the solution. It has its merits, but the use cases are limited.

If this were a year ago, I would have said the solution is getting there but hasn't reached maturity. However, Purview is now a very comprehensive solution; with all the enhancements, it's one of the best products available.

As Purview reached a maturity level where it could compete with third-party DLP solutions, some of our clients were able to move away from specific endpoint DLP products like Symantec DLP. Going with Purview also allowed these clients to fully leverage their existing licenses within Microsoft 365 and simplify their data governance. It provides a holistic view of the data estate, enables Defender for Cloud in Azure, and offers an integrated overview in one pane of glass.

Regarding automation, we use some limited functions using the solution's trainable classifiers and auto-classification of information. This notifies the user when working with certain kinds of sensitive data, GDPR and otherwise, so we use some basic AI functions within the platform.  

We're not currently using the product for insider risk management. Still, we are in the process of looking into implementing those features and how we could leverage them within our environment.

As a financial institution, our objective is to replace our existing in-house project with a comprehensive solution for data cataloging, data provenance, scanning, drift detection, and overall data governance. We use Microsoft Purview to fulfill these requirements and enhance our data management capabilities.

We haven't witnessed the full impact yet, mainly because it took us a considerable amount of time to effectively integrate Microsoft Purview into our system. Additionally, there are critical features that are currently lacking, hindering the platform from realizing its complete value. However, we have confidence in the roadmap and the commitment of the development team.

The most significant value lies in its seamless integration into the Azure ecosystem, automating various processes and reducing operational burdens. The ability to consolidate metadata from diverse services and databases into a centralized repository is crucial. Moreover, the flexibility of exchanging data through APIs allows us to extend and build upon the platform to meet our specific needs. The openness to supporting customers across various environments and the potential of a comprehensive data strategy are key factors that keep us committed to Microsoft.

Overcoming certain control issues would significantly enhance our overall satisfaction. We encountered challenges in building a custom subscription, and certain essential Azure financial control functions, like customer-managed keys, were not implemented.

I have been working with it for approximately two years.

We have around ten thousand users, and the scale might not necessitate the same level of custom development as larger companies. Despite our size, there are instances where building and hosting certain systems, like a database, provides us with greater control over our data.

I find it to be quite good. The enterprise culture and support we receive are appealing aspects. While our operational support may not match the industry leader, it surpasses what we've experienced with the third-ranked provider. I would rate it seven out of ten.

Neutral

Regarding choosing Microsoft over competitors, our decision was heavily influenced by corporate alignment. We already had a significant business relationship with Microsoft, and there was strong alignment at the senior leadership level between our institution and Microsoft. Despite acknowledging that Microsoft is behind AWS in terms of service maturity, especially in areas like data databases, authentication, authorization, and management automation, we recognized the benefits of our existing alignment.

While it may take another year to reach the desired level of functionality, we believe in the platform's potential and anticipate improvements in its feature set.

In the long run, using Purview may be more cost-effective than building and operating our own solution.

I currently rate it a five out of ten, and I believe there's potential for it to reach a seven within the next year.

We are integrating Purview with Copilot. We are creating prompts in Copilot for whatever we require from Purview. There are multiple scenarios where we create something in Purview: eDiscovery, auditing, labels, and data loss protection alerts. It is something like the parent application for the data loss alerts.

The major benefit is the workflow inside Purview. While creating policies, we can add an organization's security groups and, for those particular users, we can control the user data or exfiltration. We can control the workflow of those users. If we want to exclude a particular channel that they use to communicate about sensitive data, we don't need to monitor it. We can just exclude it. That means we can include or exclude every individual step in their workflow. Based on our customers' requirements, because there are a lot of features in Purview, we can easily include, exclude, enable, or disable things. That is the major advantage of Purview.

Also, it has reduced false-positive alerts for data loss protection. Why? Because the policies or detection patterns are based on the normal or generic concepts that apply within each organization. Each will have its own set of policies. And that generates fewer alerts. An organization can have particular data monitored, and that can be changed from organization to organization. As a result, there is a lower chance of false-positive scenarios.

My favorite features are eDiscovery and insider risk management, because these are the major threats to an organization that can't be easily traced.

Also, there are multiple rules within Purview related to cloud applications. Purview's major focus is on Microsoft Azure and its Microsoft cloud-related applications, such as Exchange, OneDrive, SharePoint, et cetera. They have created a set of rules and added workflows to the policies as well. That means we can directly add those particular cloud workflows to the policies. Alerts can be triggered and workflows implemented based on the rules that we set while creating a policy inside Purview.

We also use Copilot, the next generation of ChatGPT. If you ask it: "According to Purview, what were the DLP alerts that were generating today?" it will take just five seconds to generate the data—whatever is available in the backend of Purview. Copilot is integrated with Purview. If a person is using Purview but doesn't have any idea how to operate it—meaning they don't know how to search for alerts—they can easily ask Copilot. They can create a prompt. That way, a non-technical person can get the data.

Also, all the required security products are integrated with Purview, including endpoint DLP.

I would like to see them simplify advanced hunting. There are differences when looking at an incident in the M365 portal versus Purview, and the main one is the advanced hunting. In the M365 portal, you can write KQL queries and fetch data. If that was available in Purview, it would be very good.

Another issue is that for incidents, only DLP alerts are available in Purview, not the incidents themselves. An incident consists of multiple categories of alerts belonging to multiple products. But in Purview, we can only see DLP alerts, yet those alerts could be part of an incident in the incident portal. We are not able to see if a particular alert ID is part of a given incident.

For example, if an exfiltration happens, the exfiltration-related alert will only be triggered inside of Purview. But it's possible that before the exfiltration, there was a kill chain there, such as initial access, privilege escalation, a user being compromised, or a brute-force attack. Those types of alerts are not available inside Purview. They are covered in other Microsoft products. All those products' alerts will combine into one case and generate an incident as a single story. But in Purview, the incident is not available.

I have been using Microsoft Purview since it was introduced. I am part of our Purview team.

With Purview itself, I have not faced any issues, but there have been some with Copilot.

The scalability of Purview is eight to nine out of 10.

The price is a little bit high, but it's worth the money because it has a lot of features. And there will be more features in the future.

My advice is that you need to understand the architecture of Purview first. Play with it and go through the data loss policies. Whoever is using Purview should have some idea about data loss protection policies. If you have these things, you can easily do things in Purview, such as labeling and IRM.

There is no maintenance. As a user, you just see the alerts, while the protection is taken care of by the Microsoft team.