Microsoft Purview Data Governance Reviews

Our IT team, data engineering team, and data science team all rely on Microsoft Purview for a unified data repository. We maintain a table for storing sensitive data with segregated access. To readily understand the data types within, anyone can simply leverage Microsoft Purview's classification system. By selecting a specific classification, users gain access to relevant table details.

If we create keys for non-Microsoft data sources, we can leverage Purview's data connector platform to connect and ingest the data.

It is good that Purview takes into account critical regulations from around the world.

Microsoft Purview has greatly improved our organization's ability to view and share permissions with minimal human intervention. Searching for desired information is now a breeze. However, integrating permissions for access in large environments can be a stumbling block. With ten departments, granting access to a single table for one department is straightforward. But when access to multiple tables is required, they must go through the main administrator for verification.

Microsoft Purview shows us compliance in real-time.

Data segregation is the most valuable feature. This provides clear visibility into the hierarchy of data flow, including its destinations, loading points, and table updates.

While Microsoft Purview offers data protection across multi-cloud and multi-platform environments, granting access in such complex settings can be lengthy and expensive.

Every scan we perform incurs a charge, making exploration quite costly.

I would like to have complete video documentation for training.

I have been using Microsoft Purview for six months.

In my experience with Microsoft Purview for our data governance project, I'd rate its stability at a seven out of ten. While it excels during exploration phases with use cases and demos, we encountered some challenges during implementation.

Each time we contact Microsoft support, the support person seems new and has to look into the issue because they've never encountered it before.

Neutral

Deploying initially is simple. It only takes as long as creating a storage account in the Azure portal, which is quick.

Microsoft Purview is expensive.

I would rate Microsoft Purview a seven out of ten.

Our current clients are medium-sized businesses.

In the six months we have been using Microsoft Purview it has not required any maintenance.

I see many customers these days looking into Microsoft Purview syntax and mainly using the solution for data lineage and data governance. The customer wants to be able to understand data a bit more within the organization and be able to classify and protect sensitive data and understand what it is. 

My company works with the healthcare and financial sectors.

Microsoft Purview can give good information on the cause of the breach, and that comes into the forefront of many organizations nowadays to know how to protect data not only from external sources but also internally as well.

Much of the feedback I get from customers on how Microsoft Purview improves organizations is around the visibility factor at the end of the day. It's all about protecting data and ensuring you don't lose data externally and internally.

Many customers also say that Microsoft Purview also helps simplify the management of data governance policies, as it gives you visibility, automation, and authentication. For example, you can now see classifications whether your documents meet specific criteria or not, through Microsoft Purview.

From my experience and customer feedback, one of the most valuable features of Microsoft Purview is ease of use, especially for content hosted within Microsoft 365 and Azure. You can connect Microsoft Purview to different sources.

I also like that the pricing model for the solution is reasonable, though that would depend on how much you use. That makes it much easier for people to have that initial setup, get started, and see all of the information straight away. If you want a more complex Microsoft Purview setup, you may have to contact a consultant for more technical aspects to enable the solution. Still, one of the most significant selling points for me is the setup, including the automation experience.

Microsoft Purview delivers data protection across multi-cloud and multiple-platform environments, including AWS and GCP, which I find very important because if you look at the percentage of customers that have multiple automated channels or multiple-platform setups, it's very, very high, primarily because customers don't put eggs in one basket.

It's also essential for me that Microsoft Purview can connect to iOS, Mac, and Android devices, including other SaaS apps, as I spend quite a lot of my time using my iPhone and iPad, whether for a webinar at the end of the day while I'm preparing dinner, and that's still the same information on my company laptop or desktop, which means I still need to ensure that the data I access is still very secure. 

Though you can protect yourself with multifactor authentication, people find ways to get past that, so you have to ensure that even if someone's getting into your organization now, the location within is siloed, and you could see the different classification levels that could easily be applied, making it more difficult for that person to get what he needs easily, compared to SharePoint that's open to everyone, making it a walk in the park, so what Microsoft Purview is able to provide is very important in this hybrid age.

I find Microsoft Purview very important in its natively integrated compliance across Azure, Dynamics 365, and Office 365, as you'll have sensitive content stored these days, especially if you're an organization with a lot of customer data in your database. Microsoft Purview helps secure customer records and also has a data loss prevention feature, plus data governance and compliance features that I find very important for organizations.

Microsoft Purview has also helped reduce the number of solutions my company needed. The solution is part of the project Microsoft has rapidly been developing, and over the years, the components of the Microsoft services went through a confusing renaming cycle. There were a lot of different services, but I've found out how each should be used, such as for security and compliance, some complementing technologies for identification, classification, traffic, and AI, for example, that I'm continuing to evaluate. At first, there was a bit of confusion, but now it all makes sense.

The simplicity of the number of solutions made data governance a lot easier. With Microsoft Purview, you won't have to interact with a substantial amount of systems, and I'm a firm believer that more risk could arise when you introduce more complexity into a solution or system you're developing. The services you make use of could sometimes deprecate and change features. Hence, having compliance, governance, automation, and data discovery features in one solution, such as Microsoft Purview, makes my life and the customer's life easier.

A key feature of Microsoft Purview for me is that it was built while considering critical regulations worldwide. My company works with organizations where there's usually a requirement for compliance, such as GDPR. I also work with many Germany-based customers that require GWC compliance, and there's strictness with the way data is stored and classified. You must advise and know all regulations, which Microsoft Purview enables you to do. For example, if you look at the amount of data in terms of size, such as the terabytes being housed in various websites, there's no way you could get the information without Microsoft Purview. There's too much data within organizations now, and all it takes is a tiny percentage of that data to be shared in the wrong way or be leaked, which could incur substantial fines, so Microsoft Purview is a product that justifies itself in that very premise.

Microsoft Purview has also enabled visibility, giving customers an overview of how much data is compliant. The solution also provides visibility into the quality of data, movement, and performance, so visibility is another valuable feature of Microsoft Purview.

My company uses the AI and automation features of Microsoft Purview, which I find very critical within the solution. The speed and accuracy of risk detection improved with  AI and automation features because classifying data is easier now, giving me a headstart. The AI can do essential, light work, going around all of the various containers within the organization, so the team only does twenty percent of the work now, such as management, reviews, and reports.

Microsoft Purview AI and automation make it less admin-intensive from a data protection and compliance point of view. If you look into a role within an organization, for example, I'm a DPO, which is a relatively new role. With Microsoft Purview, you'd only need one to two people full-time, another key benefit of the solution. The rest of the work would continue to fall on the shoulders of the IT team, which is stretched in organizations today.

The solution enables you to show real-time compliance. Microsoft Purview gives you the necessary data because it ties into the compliance scores when you eliminate instances. Right now, there are a lot of backlog reports in terms of compliance on static IPs, data leakage, lineage, and backup.

Real-time compliance data provided by Microsoft Purview has helped organizations, especially in terms of meeting with compliance regulators. I helped organizations with technical enablement, mainly stakeholders who requested assistance, and the reporting in Microsoft Purview has taken so much responsibility from the hands of stakeholders. The solution has better reporting that has broken down data for organizations, giving headlines and figures you usually won't easily catch, which makes successful deployment a lot easier.

Microsoft Purview has also helped reduce the time to action on insider threats, whether fraud or rest protection. Organizations, especially huge financial organizations, are bothered by threats, and Microsoft Purview has been beneficial. In terms of how much the solution reduced the time to action on insider threats, based on all industries I've worked with, it's twenty to twenty-five percent. I'm basing this figure on the fact that the automation from Microsoft Purview is very powerful, and the solution gives accurate protection. If you get an alert from Microsoft Purview, it's usually for valid reasons.

Overall, Microsoft Purview has affected the ability of customers or organizations to stay on top of compliance. You see many good products in the market, but if you have a customer  mainly using Microsoft products, such as Dynamics 365, CRM, etc., and the customer belongs to the financial industry or the public sector, for example, that's dealing with information, it's a no-brainer to have Microsoft Purview in the organization.

One drawback of Microsoft Purview, though it's beneficial and easy to use, is that when you start plugging in connectors for third-party sources when setting the solution up for data collection, it becomes a bit more tricky. There's limited documentation, so it's not as intuitive as setting up other parts of Microsoft Purview. If the process of connecting with third-party cloud providers and other SaaS products could be simplified, that would make Microsoft Purview a better product.

In terms of how Microsoft Purview supports ingestion from non-Microsoft data sources, from a user experience point of view, it's a bit more challenging and results in a bit more struggle in that area. Overall, it's decent, but it would benefit customers if Microsoft spent more time and energy improving that experience and getting it on par with other Microsoft products. Microsoft could make it a lot easier to build connections with other cloud vendors, such as AWS and GCS. Microsoft will get there eventually, but it needs to understand its customer base and look at the percentage.

I've been using Microsoft Purview for a year and a half, particularly getting up to speed with the current version. However, Microsoft had different iterations of the solution that my company used in the past two years.

Microsoft Purview is a very stable solution.

Microsoft Purview is a scalable solution, and that's the beauty of a cloud-based solution. It doesn't matter if you bring more files and documents tomorrow. You won't have to go to the data center and deploy server loads. You just have to pay, and that's the beauty of it.

I'd give Microsoft Purview technical support a rating of seven out of ten because it's tricky to get to the correct department, such as the product support team, for example, when you contact Microsoft Support. I do like that there's user documentation that helps get a lot out of the way, and my experience with Microsoft user documentation is pretty good.

Neutral

Some customers used different setups before using Microsoft Purview, but those were outdated and designed for file sharing and on-premises storage. Now, they are on Microsoft Purview.

Microsoft Purview, as a solution, is set apart by being baked into the Microsoft Stack.

Deploying Microsoft Purview is pretty straightforward, though an organization may have to contact a partner or consultant to assist with deploying the tool because my company doesn't deal with critical business situations. There's a need to ensure that the website is set up proactively, works with the tool, and also covers information on how to address possible issues that could arise in the future.

The deployment itself isn't too tricky and can be done quickly, but you must ensure that the organization has adopted it. It's not merely about deploying Microsoft Purview, and then that's it. You must ensure the proper psychology is there and that you're continuing to scan new data sources if you're buying into a new service. You have to keep the solution up-to-date and also know what to do if a disaster occurs. Microsoft Purview isn't a tool you can just turn off. Each organization goes through a pilot, and my company does a phased approach, such as a pre-production environment. My company shows the customer how the tool works and what it would do in different scenarios and lets the customer practice using Microsoft Purview.

You get ROI from Microsoft Purview because its cost is entirely justified, considering the value it brings back to your organization from the data insights the tool provides. The significant decrease in the percentage of risks, particularly from insider frauds and data loss, whether maliciously or unintentionally, or by accident, helps the organization enjoy ROI from Microsoft Purview.

The solution also helps my company uphold its reputation of abiding by European legislation, such as the GDPR, knowing that the company can keep data secure and that Microsoft Purview can help prevent organizations or companies from being out of business by decreasing data loss and insider fraud risks, so I'd say the ROI can be pretty high from the solution.

Microsoft Purview has reasonable pricing. The solution helps save money, and its cost is justified, at least for the organizations I've worked with. Microsoft Purview has a pay-per-use pricing model, so it's one of the most cost-effective tools, as your cost will be based on your usage. It's a pricing model that Microsoft has nailed down, making it great that whether you're a small organization or a multinational, giant organization, the pricing model for Microsoft Purview works. If you look into the cost of the breach versus the ongoing learning cost over a year or so, the solution's price is more than justified. However, I'm unable to give the exact figure on how much money Microsoft Purview can save an organization, as I'm a consultant who doesn't have precise information.

I don't use Microsoft Purview for data loss protection within the company, but I've seen its use case, so I understand where you would use that feature.

Regarding how Microsoft Purview AI and automation features affected the quality of insights my customers have, it's hard to say currently because there's not much of a benchmark to go off. The AI isn't going to be as accurate as a person who's been in the organization for ten years, for example, who knows the data and types of data the organization has. If you look at the way AI is developing, it's not fair to rate it yet, but if it keeps going in the same trajectory, it will be possible in the not-so-distant future.

Microsoft Purview has a cloud-based deployment on Azure.

The customers I've worked with vary from multinational data organizations with fifty thousand people to organizations with five hundred to less than a thousand people.

In terms of maintenance, my recommendation is to always keep on top of it, such as continuously scanning and being on top of it when building new apps and doing data migrations, but not necessarily in terms of updates. You should ensure encrypting your data as well, but from a maintenance point of view, Microsoft Purview is pretty self-sufficient, but you'd have to monitor it and not forget about it if you want to keep reaping the benefits.

I would recommend Microsoft Purview to others, but my advice is to ensure that the data layer underneath your organization is solid and that you're building a solid foundation. The success of any product or solution is dependent on a good foundation. You also have to ensure that you have the right people, the deployment is based on your industry, and you're meeting the standards, whether setting the solution up within a year or so. It's similar to building a house. Without the proper foundation, you're never going to finish building properly. Issues will crop up, and your home won't be properly aligned. However, if you build it entirely on a concrete, perfectly flat base, then it will be maintained well, and you can go forward with it.

My rating for Microsoft Purview is eight out of ten because it only requires limited improvement, and you won't find another solution better than Microsoft Purview in the market.

I'm a Microsoft consultant involved in the technical enablement of various Microsoft services.

We use Microsoft Purview to protect and govern our information.

It is important for Microsoft Purview to provide data protection across multi-cloud and multi-platform environments, including AWS and GCP. I have been a consultant for a year and a half, advising mostly European enterprise customers. All customers, from mid-sized to larger, have diverse storage solutions. Therefore, it is important for Microsoft Purview to be flexible enough to be applied to various environments, such as multi-cloud. Although the product is not yet there, it is important to many business customers.

The enterprise IT landscape is diverse, with various devices, SaaS applications, and multi-cloud solutions. Protecting and governing information is a need that spans all of these touchpoints and Microsoft Purview helps us do that.

Purview's native integration with Azure Dynamics 365 and Office 365 is essential because many organizations use these Microsoft products. This native integration is unmatched by other solutions.

Purview DataOps Protection does a great job of remediating policy violations. It has a comprehensive reporting and fine-tuning integration that allows us to track policy violations effectively. Overall, I think it does a great job of protecting data.

Purview recently improved in the area of DLP. These tips are now available across different platforms, such as Office and Outlook, and they are getting better. This is helpful in educating users about policies. 

Microsoft Purview helped us control the growth of data, reduce dark data, and better protect against the filtration of data.

Purview increased our visibility into our other Microsoft solutions.

We use AI and automation sparingly. This is not part of Purview directly, but an AI tool that helps us determine if data is redundant or has business value before we move it to Azure or Microsoft 365. We use the AI tool in a very limited way, such as trainable classifiers. We also have the option to use another product called Syntex in collaboration with Purview, but this has not been explored much.

Technically Purview can enable us to show our compliance in real-time.

Purview reduced the time it takes us to act on insider threats by almost 90 percent. Previously, many violations were not reported or took months to be reported. Now, we can act on violations almost instantly, or within days.

Microsoft Purview partially helps organizations stay on top of compliance. The platform provides a number of technical features that can be used to manage compliance, but it is up to organizations to implement these features and take the necessary steps to ensure compliance.

Microsoft Information Protection uses sensitivity labels to classify and protect sensitive information. MIP works together with Data Loss Prevention to prevent sensitive information from being leaked outside of the organization. MIP also helps to mitigate insider risk by preventing unauthorized users from accessing sensitive information.

Purview's data connectivity platform has a good set of connectors for ingesting data from non-Microsoft data sources. However, it still falls short in terms of coverage of other systems. It is mostly integrated with the Microsoft stack, but there are connectors to other systems and sources of information. Overall, Purview is not a one-stop shop for protecting company information.

I am not sure that Purview was built with compliance guidelines in mind. It does have a component called Compliance Manager, which allows us to track our adherence to different standards, such as security and privacy standards around the globe. However, this is more of an add-on. I think there is still a significant gap between the technical capabilities of Purview and the ability to drive compliance or prove compliance through its use. I think this is a major gap that Microsoft does not adequately address. Purview is not a GRC tool. It is a set of security features, labeling features, and lifecycle features that do not come close to GRC tooling in terms of functionality. Additionally, there is no strong integration with the compliance framework, either in terms of rolling it out or proving our adherence to it.

I would like to see improvements to the compliance manager, such as making it easier to start small and grow over time. This is not possible at this time.

The current event-based retention management is very poor. This is an area that needs improvement. We need to be able to more natively or near natively label content for retention and sensitivity across other lines of business systems like Workday and ServiceNow. This would allow us to extend labeling to those applications and make it native. This would be of great benefit to our clients.

Purview's DLP protection has some downsides. One downside is that the tips only appear in native applications. This means that users will not see them in other applications, such as web browsers. Another downside is that the tips only cover a subset of all the information. This means that users may still need to seek out additional information elsewhere.

The technical support has room for improvement.

I have been using Microsoft Purview for a year and a half.

Microsoft Purview is extremely stable.

Microsoft Purview is highly scalable.

The first level of support is not very knowledgeable and it is hard to get proper support because of the procedures in place.

Neutral

The initial deployment was complex, but not because of technical difficulties. The main challenge was engaging end users and getting them to adopt the new system. This was because the system required them to think about information in a new way. The deployment took around 12 months and required five to ten people working two days a week.

The implementation was completed in-house.

The return on investment is very good for what Purview offers, but it does lack some of the features that other solutions have. For example, if we're replacing something that already exists, we could do something cheaper or quicker. However, the value of this solution is in its ability to mitigate risk. If we don't have any type of classification and security in place, we're always opening ourselves up to risks. The cost of this solution is high, but the cost of not having it could be much higher. The return on investment is around 200 percent.

Some people find the tier licensing system complicated, but it offers a lot of value for money if we use the features. In fact, many clients who use the E5 licenses find that they can get a better return on investment on those licenses. Once they do, they find that the tier licensing system is very fairly priced.

I give Microsoft Purview an eight out of ten.

Time to value is quite long, especially when it impacts end users and requires new skills and knowledge. This is especially true in IT departments and on the business side. However, once the value is realized, the return on investment can be very good.

This type of solution is deployed across the entire Microsoft 365 tenant. It also has an Azure side, which is two things across that tenant as well. There is no area where it is used more or less. However, there is more interest in the areas of security and privacy. Therefore, legal, HR and IT are the most likely places to deploy this solution. Finance and merger and acquisition are also areas where people have more interest in deploying Purview. However, it is normally deployed across the entire organization.

We have around 30 clients consisting of anywhere between 20,000 and 50,000 users.

The maintenance is overseen by a full-time compliance technical person and a compliance business person.

I would advise assessing the maturity of the people and processes before using these types of tools. The technical side of things is not too complicated but we need to have the people and processes in place to classify all of our information and to ensure that our policies are being triggered. This can be a challenge for many organizations, as most have dark data, especially on structured clients. Ultimately, it is the people and the processes that make the success of these tools, not the technology itself.

We use it for the text of emails. We use it to keep track of groups as well. We also use it to go through the mailbox of a former employee to retrieve the mailbox for a new employee. We use it for e-discovery and content search in emails across our organization.

We use it internally for just a few use cases. I know there are a lot of connections between it and other Microsoft applications and multiple clouds, but we don't have those use cases currently.

We carry out implementations for customers on these particular solutions. For example, if we're selling a Microsoft 365 solution to them, we use it to secure their data, especially their emails through backup, and SharePoint.

It has improved our ability to retain data and retrieve the data that we need at a future date.

We are also able to see how sensitive data flows across the organization, so it has been very helpful in telling us where that data is originally from and where it is being sent to. We have the ability to track it and control and restrict it from going outside our organization. We've benefited from that a lot.

Purview also enables us to show compliance in real time. We can see what the requirements are and then we can apply them across the organization. That has been very helpful.

It has also helped us to stay updated and make sure that we are not out of compliance. It keeps us updated with any new policies that are required for organizations like ours. That's of great value to us.

Another advantage is that it has definitely reduced the time-to-action on insider threats, although we don't measure that at the moment. But from experience, we can tell how much it is saving us in investigations, compared to before we had the solution.

The most valuable feature is the information protection, the way we're able to retain emails.

Another aspect that is very important is that Purview has been built to take critical regulations from around the world into account. It gives us trust that all of the compliance requirements are being met and that we just have to take care of our data. We don't have to worry about whether the regulations are being met around the infrastructure and we can just focus on our data. It's very important to us to have that level of trust in our systems.

Also, Purview's data loss protection for remediating policy violations is very good. It gives you the opportunity to know your data and apply policies around it. If those policies are flouted, you can always track what's happening. You have options such as alerting the person who is committing that action, or you can take automatic action by blocking, for example, an email that is being sent externally. It's very useful.

I've been using it since as far back as when it was Security and Compliance Center, before there was a separation between compliance and security. That happened around 2019, so I've been using it since 2019.

The stability is great. Like every SaaS application, there are infrastructure issues, maybe once a year. Overall, it's good.

The scalability is also great.

The service level agreement is excellent and the support follow-up is also great. They have good knowledge.

Positive

In terms of ROI, my bosses take care of that calculation, but I know we are getting benefit and value from Purview.

The categorization within the licensing could be improved. There are a lot of solutions within Microsoft Purview. If the licensing could be a bit clearer and the solutions could be better categorized according to function and across multiple environments, that would be excellent. The licensing is very confusing.

The pricing, for the solutions and value being provided, is fair. But that ties back to what I said about the licensing. There are a lot of standalone solutions you can get, and there are different licensing options for them. Depending on what you need, you can have a cost-effective solution; you can figure out your cost and benefit. It's affordable.

We are still exploring whether Purview can help reduce the number of solutions that we have interacting with each other. There are a lot of solutions within Microsoft Purview, but we still have some data that is on-prem and we are still looking at how we can expand and connect to those areas. It's something that is in progress.

In terms of maintenance, it's a SaaS solution, so the applications are automatically updated. There's almost zero maintenance. We do have to take care of configuration and updating preferences. I am able to handle that myself.

My advice is to develop a clear use case and a roadmap, perhaps from a consultant if you don't have the time, or spend some time doing research on it, because there are a lot of great solutions within Microsoft Purview. You need to have a strategy for the way you combine the solutions together.

Microsoft recently changed the name of this solution. It was previously called Microsoft Compliance Center. Purview has multiple functions, but I primarily use it for records management. I also use the Audit Center for getting audit details about various aspects of the Microsoft 365 platform.

Purview protects against litigation by meeting our compliance requirements and helping us manage the reports. You can realize the benefits once it's set up correctly. Every day, you'll get new audits and inputs from the tool and access the data quite easily. 

The organization didn't have any solution in the first place, so that's a huge challenge. From the perspective of Indian compliance use cases, we see a lot of benefits from Purview's storage. 

This custom solution gives you more power compared to what it used to. Previously, all the other data and SaaS products were running in silos. Having this customized environment and a single pane improves the smoothness of the experience. The visibility has improved greatly in terms of the scalability and elasticity of the content. Purview enables us to demonstrate compliance in real time.

Purview has helped us deal quickly with insider threats because we can implement extended file solutions and see what's happening with raw shared content from various users. We can get a sense of what's being deleted and take action. At least 80 percent of our cases are getting solved.

The audit log has been a lifesaver for a lot of reasons. Historically, when using SaaS products, there were always questions about how the audit was going and whether we were sufficient out of the box. Purview has many capabilities available through centralized reporting that provide a view of a specific segment. 

The audit log capability enables us to observe things like changes in file sizes. At the same time, it simplifies management and control over the entire infrastructure, but it's specifically effective for Microsoft platforms. 

Purview's coverage of multi-cloud environments is essential. In today's world, we cannot stick to a single cloud provider because each one has a different set of benefits and advantages over the other. Many organizations typically try to interconnectivity and a cross-cloud platform, so it makes sense to have a single centralized compliance center and repository where you can track all activity at once. 

You can integrate iOS, Mac, and Android devices and data in other SaaS apps, which is important because we have a plethora of users using various devices across various operating systems. It makes a huge difference to have a centralized data solution for us. Purview natively integrates compliance across Azure Dynamics 365 and Office 365, which is quite important because Office 365 represents the new digital transformation. Purview covers the complete ecosystem, encompassing a lot of use cases and custom applications.

The solution takes into account critical regulations from around the world, which is vital for global organizations operating in countries that each have separate sets of rules and regulations, like GDPR. 

Running eDiscovery once a day takes quite a long time because it has to fetch your data. I also want the eDiscovery results to be improved. At the same time, I would like to get a centralized page where I could see records management applied to my Office 365 tenant visualized instead of waiting for a custom script to run through the complete tenant. 

I want to see how many records there are,  how many files will be affected when we apply a change, and when the next retention cycle is going to run again. It would be helpful to have that integrated into the process.

I have used Purview for around four years now.

Purview is 99 percent stable. 

Purview is highly scalable.

I rate Microsoft support seven out of 10. The response times could be quicker. 

Neutral

We had previously used custom solutions, but Purview is quite effective for the problems we are trying to solve. 

Setting up Purview is straightforward. The deployment steps depend on the features you are using and what you want to target. I don't recall any major challenges setting this up. It takes a couple of engineers.

Purview is reasonably priced. We're working with so much data, and there are many jobs on the back end that might increase the cost, but it isn't a problem right now. 

I rate Microsoft Purview seven out of 10. It's important to consider how your end users will integrate and establish a process for your data. 

I use their information protection labels. 

Information protection labels help us classify and protect data from unauthorized access.

An organization architect has to design the labels to describe the criticality of the data.

For example, we'd put labels and restrictions on certain data, like salary details, which would only be available to HR and certain managers. 

We can also classify policies based on the organization. Workloads and attachments are labeled so that they can not be shared outside of the classification label. 

Data sensitivity is a crucial issue for everyone, especially with remote and hybrid work. Everything has moved to the cloud in the last five or six years. We need to protect our data and the cloud and we do that with our own managed key to ensure DLP.

The labeling is excellent.

The endpoint DLP is very good. They are doing a lot of enhancements there. The DLP features consist of restricting copy-paste, network sharing, and blocking. We can take actions like blocking and warning with custom messaging to the end users. We are able to effectively reduce the data loss through endpoint DLP. 

We also don't have to pay for third-party DLP solutions. 

The OCR feature is really great. They've been improving it. If there is sensitive information in an image, it can be scanned and protected. 

We can prevent, block, or audit however we like. There are activity explorer audit logs that are available for 90 days. 

The solution can be used across Mac, Android and iOS. The support is there if you use those. MacOS does have some different settings, however, I haven't really explored it too much.

Purview is natively integrated with Azure and 365 workloads. We can classify the Azure Infra as well. 

We're using the solution at a large scale. It's important that Purview takes into account critical integrations from around the world. The labeling will automatically classify data that will cover sensitive data. We can make our own classifications on top of that if we need more security. Once the data classification happens in Purview, we can take an extra step if we like. 

The data loss protection is great for remediating policy violations. We have policies configured via labels. We can check in with individual users to see if there are any malicious activities happening. We're extremely confident no one can take data off-site. Even the labels are encrypted. Even if someone takes the data, it's encrypted and safe. 

DLP comes into the picture when a data classification happens. We have to educate the users that we've classified the data based on sensitivity. We enforce DLP policies by forcing users to use labels. If they do not use labels, they cannot, for example, use files for their day-to-day work. We've imposed classification on them. They cannot share or take data without the proper label or access.

Purview has helped us reduce the number of solutions we need to interact with. This fits perfectly with today's data privacy and security concerns. Corporate devices are completely managed through the support of this solution.

Purview has positively affected the visibility we have into our estate. Once the data is classified, you get a complete 360-degree view of it, including where it is and the labels associated with it. With the content explorer, we have eyes on the entirety of our data as it's hosted on the cloud. 

It helps us ensure compliance in real-time. We don't face any issues right now with compliance. Security and compliance are completely in sync, and we've defined the necessary policies. We're audit-ready.  

The solution has helped us know of any insider threats. It's helped us reduce time to action on insider threats by 40%.

While the product doesn't exactly save us money, it does save us time. It's reduced time spent on security by two to three hours. 

There are some non-Microsoft file formats that are not supported. 

While they seem to be focused on Sharepoint and OneDrive, I'd advise that if somebody saves something locally to their hard drive, this should also be classified and protected. 

The DLP has to become more mature now that there are other competitors present in the market.

While the solution went through a name change two years ago, however, I used the compliance security portal for the last three to four years.

The solution isn't completely stable. It's not mature. I'd rate stability six out of ten. There are bugs and glitches. The product is also evolving. They're always adding new features based on feedback and the experience of the customer. They deploy a ton of fixes. 

We have the solution across multiple locations and departments. We have about 2,200 people in the organization, and around 1,700 people use it. 

The solution isn't completely scalable. They are working on it. 

I'm not sure what happened. However, I've noticed, after getting very good support for the last ten years, that, in the last two, the support level has gotten worse. Their engineers don't know the basics of their products. They need to be more knowledgeable and offer a better response time. 

Negative

We did not use anything previously. 

We did testing and a POC for three months until the rollout. We had three to four people working on it. However, one engineer is sufficient with some guidance from Microsoft. One or two engineers would be enough for a complete deployment.  

The implementation process is straightforward. It's not overly complex. 

There is no maintenance needed. Microsoft supports it; if there is any service interruption, they will cover you.

We have witnessed an ROI. We save on costs and do not need to do too much manual work. We've seen an ROI of 17% to 18%.

If you are an organization using Microsoft 365 solutions, it's okay. If you are on Google Solutions and using Google Cloud, it might be costly. Having the complete Microsoft bundle makes it feasible and cost-effective. 

I've heard that Purview and Forcepoint are similar and very comparable.

We're a Microsoft customer.

If an organization doesn't want to spend money on other solutions in the market, I'd recommend Microsoft. Instead of nothing, you'll have something. 

I'd rate the solution seven out of ten. 

We are using Microsoft Purview for Azure Information Protection and DLP to create automatic labeling and policies for sensitive labels. We are also using Insider Risk Management, Communication Compliance, and Records Management for our client.

Microsoft Purview provides data protection across multi-cloud and multi-platform environments, which is essential. Some of our clients require these measures because their systems must be secure and their data must be protected from loss for auditing purposes. Therefore, the client is requesting that we enable all of these features for the system.

It is important that Microsoft Purview was built taking into account critical regulations from around the world.

The data loss protection helps remediate policy violations.

Data loss protection helps educate users on how to handle sensitive data.

It improved our visibility into our environment.

Microsoft Purview helps us show our compliance in real time.

Microsoft Purview helps reduce our time to action against threats. It takes some time for the initial configuration, but it detects as soon as the configuration is enabled.

Microsoft Purview integrations with non-Microsoft products have room for improvement.

The technical support has room for improvement.

I have been using Microsoft Purview for four months.

Microsoft Purview is generally stable, but some of our clients occasionally experience accessibility issues when connecting to the cloud.

Microsoft Purview is scalable.

From a technical support standpoint, I have raised many tickets to date. Within this format, I have raised more than fifteen tickets for various purposes. I feel that few technical team members have a good understanding of the problems we are trying to explain. The rest of them waste our time. Typically, they say they will get back to us after two or three days, but then they come back to the same place they left off. Only a few technical team members are knowledgeable about Microsoft Purview. We still have tickets that are open to this date.

Neutral

The price is reasonable because most of our clients already have an E3 license, which makes implementation easy. For other clients who do not have an E3 license, the cost is higher because they must purchase the package.

I would rate Microsoft Purview seven out of ten.

Maintenance is done by the vendor.

I recommend Microsoft Purview for organizations with an existing E3 license, rather than spending money on a third-party DLP.

Microsoft Purview has several built-in solutions, including data loss prevention, e-discovery, life cycle management, and information protection. It functions as a DLP tool and includes a compliance portal that enables integration with various other solutions to ensure compliance. Therefore, it provides readily available integrations.

The solution deployed as a SaaS.

It is crucial for Microsoft Purview to offer data protection across various cloud platforms because many customers are now utilizing cloud technology. It is not always the case that everyone will use Azure exclusively, as many customers may have multiple cloud vendors. Therefore, it is essential to support multifunctional or multi-vendor flows to meet the needs of these customers.

To ensure proper functionality and data security, we need to accommodate a wide range of operating systems. Therefore, our solution must support multiple vendors or be multi-tenant, allowing us to have visibility over all devices within our network.

It is important that Microsoft Purview is globally compliant. The solution comes with pre-defined rules and policies, providing us with a wide range of capabilities to manage multiple geolocations simultaneously.

Microsoft Purview's data loss protection feature is helpful in remediating policy violations as it provides extensive forensic data. This includes information such as the user, the activity performed, the starting point, and the flow path of the activity. Additionally, the tool has forensic analytics capabilities that enable us to identify and prioritize policy violations effectively.

Educating users on data loss protection can be straightforward. For example, Microsoft's product includes integrated guides on the console. Whether the user is an individual or an administrator, if they are unsure how to use the product, there are supported guides and links available to assist them. This makes the experience easier and ensures that best practices are followed when managing data loss protection.

It was important that Microsoft extended Purview's data loss prevention to Mac OS endpoints because it enables us to manage all devices on our network through a single console.

Microsoft Purview has simplified my work with its effortless deployment.

Microsoft Purview has decreased the need for multiple solutions to communicate with each other. If we were to discuss other DLP solutions, an additional agent would need to be installed. However, Purview utilizes Defender, which enables it to capture data and obtain all necessary information without requiring the deployment of any other agents. Therefore, there is no need for any additional agents to be installed.

The solution provides visibility into the state of our organization by giving us inventory details and maintaining an updated version or list of the inventories that are currently in use. This allows us to have clear visibility of the devices we are using, specifically end devices. It also enables us to easily manage non-active or disconnected devices.

Microsoft Purview enables us to show our compliance in real-time. 

Microsoft Purview includes multiple predefined sets of compliance rules that can be compared to our specific compliance requirements. We can then map these rules to our policies.

The agent saves us the time and effort of manual reporting. When the device is active, the agents also become active and start reporting. The reporting process takes the same amount of time regardless of which policy we use.

Microsoft Purview helps us to maintain compliance by providing a checklist of tasks that need to be completed, along with mapping.

The ease of integration with other Microsoft solutions is the most valuable feature. 

The availability of pre-designed policies tailored to specific geolocations and customer requirements is also a valuable feature.

The Microsoft Purview data connector platform, which supports ingestion from non-Microsoft data sources, can be somewhat complex. For instance, when using Linux or Mac OS, additional agents are required. However, deploying these agents can lead to high resource consumption, such as increased CPU, hard disk, and RAM usage.

The performance has room for improvement. 

I have been using the solution for three months.

Microsoft Purview is a SaaS platform, so its stability is very good.

The scalability is all based on the license. 

The initial setup is straightforward. For our implementation strategy, we began by collecting inventory details. We then identified the supported devices by their operating systems, separating them into Windows, Mac OS, and Linux. For Linux devices, we created software packages offline and deployed them to the IT assistance team. After the agents started reporting on the console, we restarted the Linux devices. For Windows devices, we were able to connect directly. First, we were in the POC phase, testing a few devices and developing the rules and policies, followed by applying the rules to all the devices.

The number of people required for the deployment depends on our infrastructure and the size of our environment.

The implementation was completed in-house.

I give the solution a seven out of ten.

As a consulting firm, we utilize several Data Loss Prevention solutions such as Symantec DLP, Forcepoint DLP, and Microsoft Purview. Our recommendations to clients are based on their specific needs and financial plan.

Microsoft Purview comprises various solutions, and I recommend acquainting oneself with all of its aspects to make the most of the tool.