My previous project used Microsoft Purview Information Protection for end users and data discovery. It was a new implementation, and the customer was unsure how to proceed with Data Loss Prevention (DLP) due to new security policies. I discussed the requirements with the customer to understand where encryption was needed and what labels were required. After identifying these, I created data security labels and applied them to a small group of IT department users for testing. Once testing was complete, we rolled it out to a limited set of users from different departments and gathered feedback. For example, HR needed a specific label for their data, accessible only to HR users. We then created and applied labels globally to all users. Initially, we didn't force label application or content-based detection; users applied labels based on judgment. Next, we implemented content-based detection by creating Sensitive Information Types (SITs) with keywords and regex patterns based on discussions with the data security team. We created four main labels: public, internal, confidential, and restricted. SITs were added to specific labels, like financial data for the restricted label and internal confidential data for the confidential label. The system would detect content and recommend labels but not force their application. After applying labels to end users and achieving some maturity in the process, including fine-tuning and adding appropriate Sensitive Information Types (SITs), we moved on to existing data in on-premises file shares. This data volume was huge. We used the Azure Information Protection scanner, which is the scanner, to conduct a proof of concept. After the POC, we performed performance testing on the complex environment, which had many devices like antivirus, firewall, proxy, and network components. I had to ensure the scanning wouldn't impact the environment's performance. We took a sample of about one terabyte of data for scanning, noting different timings during and off-production hours. This helped determine the best time for scanning and how long it would take to scan one terabyte of unstructured data. Once completed, we defined an approach to handle the full 375 terabytes of data that needed scanning and labeling where appropriate. We calculated the number of servers needed for the scan, considering this wasn't just a one-time process. We also had to plan for ongoing scans of new files. After deciding on the approach, we began scanning the data. Once the scanning process started, we handed it over to the Business As Usual team for ongoing management.
I use Microsoft Purview Information Protection to ensure the secure management and protection of my organization's data. It allows me to automate governance processes, safeguard sensitive information, and exert control over email and document security.
We are a Microsoft partner specializing in Microsoft Purview Information Protection which is used for digital rights management. Essentially, we integrate Microsoft Purview Information Protection into our own software products that we develop and currently deploy in various customer locations. As a small organization, we have a handful of developers who are highly productive, thanks to Microsoft Purview Information Protection. We utilize the Microsoft Purview Information Protection SDK, which is a software development kit provided by Microsoft, to integrate solutions such as SAP with the ERP, a system used by many enterprise customers. This integration allows us to maintain good communication with Microsoft as a partner, as we work alongside them on Purview Information Protection.
I am essentially a consultant, working freelance with various clients. Some of these clients need help understanding and organizing sensitive data in their environments across different clouds, applications, and devices. For Microsoft-centric clients, we often recommend using Microsoft Purview as a go-to tool to drive their information protection strategy. This tool allows us to integrate, examine, and analyze data in all these areas, breaking down the process when discussing it with customers. When speaking to customers, I usually focus on four specific categories of use cases: knowing their data, protecting their data, preventing data loss, and governing their data. Microsoft Purview information protection is capable of addressing all of these use cases.
Learn what your peers think about Microsoft Purview Information Protection. Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.
Implement Microsoft Information Protection (MIP) to help you discover, classify, and protect sensitive information wherever it lives or travels.
MIP capabilities are included with Microsoft 365 Compliance and give you the tools to know your data, protect your data, and prevent data loss.
To learn more about our solution, ask questions, and share feedback, join our Microsoft Security, Compliance and Identity Community.
My previous project used Microsoft Purview Information Protection for end users and data discovery. It was a new implementation, and the customer was unsure how to proceed with Data Loss Prevention (DLP) due to new security policies. I discussed the requirements with the customer to understand where encryption was needed and what labels were required. After identifying these, I created data security labels and applied them to a small group of IT department users for testing. Once testing was complete, we rolled it out to a limited set of users from different departments and gathered feedback. For example, HR needed a specific label for their data, accessible only to HR users. We then created and applied labels globally to all users. Initially, we didn't force label application or content-based detection; users applied labels based on judgment. Next, we implemented content-based detection by creating Sensitive Information Types (SITs) with keywords and regex patterns based on discussions with the data security team. We created four main labels: public, internal, confidential, and restricted. SITs were added to specific labels, like financial data for the restricted label and internal confidential data for the confidential label. The system would detect content and recommend labels but not force their application. After applying labels to end users and achieving some maturity in the process, including fine-tuning and adding appropriate Sensitive Information Types (SITs), we moved on to existing data in on-premises file shares. This data volume was huge. We used the Azure Information Protection scanner, which is the scanner, to conduct a proof of concept. After the POC, we performed performance testing on the complex environment, which had many devices like antivirus, firewall, proxy, and network components. I had to ensure the scanning wouldn't impact the environment's performance. We took a sample of about one terabyte of data for scanning, noting different timings during and off-production hours. This helped determine the best time for scanning and how long it would take to scan one terabyte of unstructured data. Once completed, we defined an approach to handle the full 375 terabytes of data that needed scanning and labeling where appropriate. We calculated the number of servers needed for the scan, considering this wasn't just a one-time process. We also had to plan for ongoing scans of new files. After deciding on the approach, we began scanning the data. Once the scanning process started, we handed it over to the Business As Usual team for ongoing management.
I use Microsoft Purview Information Protection to ensure the secure management and protection of my organization's data. It allows me to automate governance processes, safeguard sensitive information, and exert control over email and document security.
We primarily use it for data labeling, specifically for labeling documents and emails.
We are a Microsoft partner specializing in Microsoft Purview Information Protection which is used for digital rights management. Essentially, we integrate Microsoft Purview Information Protection into our own software products that we develop and currently deploy in various customer locations. As a small organization, we have a handful of developers who are highly productive, thanks to Microsoft Purview Information Protection. We utilize the Microsoft Purview Information Protection SDK, which is a software development kit provided by Microsoft, to integrate solutions such as SAP with the ERP, a system used by many enterprise customers. This integration allows us to maintain good communication with Microsoft as a partner, as we work alongside them on Purview Information Protection.
I am essentially a consultant, working freelance with various clients. Some of these clients need help understanding and organizing sensitive data in their environments across different clouds, applications, and devices. For Microsoft-centric clients, we often recommend using Microsoft Purview as a go-to tool to drive their information protection strategy. This tool allows us to integrate, examine, and analyze data in all these areas, breaking down the process when discussing it with customers. When speaking to customers, I usually focus on four specific categories of use cases: knowing their data, protecting their data, preventing data loss, and governing their data. Microsoft Purview information protection is capable of addressing all of these use cases.
Our primary use case is for applying sensitivity labels to sensitive content, including in emails, OneDrive, and SharePoint.