Microsoft Purview Data Governance Reviews

We use it for the creation of enterprise PSA, as well as for our enterprise data catalog and data governance.

This is a type of pilot project or proof of concept. Our organization wants to see how it works, how complex the maintenance side will be, and how effective and efficient it will be.

It enables us to show compliance in real-time. However, because it is a pilot project for us, we are not showing the information to other parties yet.

It has definitely helped us reduce our time to action on insider threats. Finding proper data is always challenging in a big organization and this is a really positive aspect of Purview.

The first thing that we were particularly interested in is data lineage. It makes it pretty easy to connect and scan data sources, and do any kind of additional steps like Synapse or SSIS processing.

Overall, I would laud its ease of use, intuitive interface, and easy navigation. It's a very user-friendly product that is easy to work with.

In addition, we considered the issue of multi-cloud and multi-platform environments when we were trying to identify the best tools that would serve all the requirements of our organization. Currently, we are not directly pulling data from AWS. We are working with Azure. But we have the potential in the future to consider such options. This feature is very valuable because we are planning to establish automated data-pulling from AWS.

And the solution's data connector platform for the ingestion of data from non-Microsoft data sources is very easy to use. I investigated what data sources it can work with. It's certainly easy to work with all Microsoft data sources like SQL Server, Synapse, and data lakes, but it also has great functionality working with Oracle. And of particular interest to us is the ability to pull data from Excel, CVS files, and other types of flat files.

Another particularly nice feature is its integration with other services. This is one of the biggest advantages of the solution. For example, if you need to store a key for database access, it's easy to integrate with key vault services.

And a feature that is very important to us is the fact that Purview was built taking into account critical regulations from around the world. Before we started working with Purview, we put great effort into evaluating its capabilities and functionality. We created a comparative matrix with other tools and this was one of the factors we included. We considered it a big positive for Purview.

The scanning of data sources can be scheduled to execute automatically. That is the only automation we are using within the solution.

One area for improvement is the detection of data types. This is really important. It has some of that functionality, but I consider it very limited. Maybe they can add some custom programming, or machine learning could be particularly useful for the detection of the nature of the data.

If it could tell us, for example, when a given type of data is a social security number, that would be helpful. Currently, we need to open it and determine what the format is. We would like to know if a given type of data is PII data.

I have been using Microsoft Purview for almost two years.

I found some defects, through my interaction with the solution, in the reporting system. Purview has its own reporting and I found a function that apparently is not working. There are some bugs in that section, but other than that, everything looks okay. It works well.

We haven't experimented with scaling it, but my perception is that it's very scalable.

We haven't had to contact Microsoft's tech support.

We didn't have a previous solution.

The setup was pretty straightforward. It took us about one week, but a lot of the dependencies are not directly related to Purview. We had to obtain a password and user and that takes some time.

Microsoft takes care of patching, so I haven't seen any need for maintenance by us. It's on the cloud and they take care of it. We don't need to worry about that part at all and that is one of the big advantages of a cloud system.

We did everything in-house. I had architecture and administrative support, but I did the actual work with Azure alone.

I'm handling the proof of concept work. No other organizations have access to it. We don't want people to start using something that is not really complete yet.

Because this is a proof of concept, we haven't seen direct cost savings, but we see it having a positive impact on development work, particularly for BI folks who are interested in self-service and building reports for themselves. This is a very good exploration tool.

Microsoft Purview is the best option I have encountered when it comes to price. Maybe some of my information is outdated, but Microsoft offered it so that you could use it almost without paying. This was a really nice aspect. 

I don't know how Microsoft's pricing stands today, but for us, it was very cheap and effective. We are still paying some money but it's not significant. 

They should look to keep the pricing moderate in the future.

We compared Purview with other solutions, but not on a practical level. We only compared it with the information we were able to find on the internet, including the documentation and the functionality, but we did not install or do anything with the other solutions.

For a large enterprise, it's very important to have tools like this. It's especially useful for IT people who are dealing with data science or who need to find or investigate data or find out what data an organization has. It's also useful for those who maintain a central data warehouse and for people who want self-servicing business intelligence.

At this point, Purview has not reduced the number of solutions we interact with. In the future, we will consider that option. At this point, it operates as a standalone for us, because it is a pilot project in our organization.

Microsoft Purview is not yet a leader in data cataloging or data governance, but I'm pretty sure it will be, given how the tools are evolving and the functionality it already has. At the same time, I'm certainly looking for some of its functionality to improve, including easier integration with Microsoft Power BI.

We have implemented Microsoft Purview as a comprehensive DLP solution for our clients across Europe, Africa, and the Middle East to protect their data and help them classify, identify, and investigate who and how the data is being accessed.

Microsoft is aiming to build favorable relationships with other cloud solution providers. On our end, if we have both AWS solutions and Microsoft's cloud solution, implementing the Microsoft Purview dashboard can be a good way to collect and classify our data across both platforms. This could be a strong selling point for Microsoft to explore partnerships with AWS and other public cloud players, allowing them to combine and leverage their global development, sales, and services.

Implementing Purview's integrated compliance across Azure Dynamics 365 and Office 365 is relatively straightforward thanks to available connectors and Microsoft's improved user interface.

Microsoft Purview includes a compliance manager, which simplifies meeting various standards and regulations through integration with companies like ISO, ISCE, and other risk solutions. This feature is an add-on for E5 and E3 licenses. It allows us to create assessments that generate reports with specific recommendations for implementing and configuring ISO 27001 or other standards within our Microsoft 365 environment. This makes compliance significantly easier and, according to Microsoft, can reduce the cost of implementing such measures by approximately 40 percent compared to using other solutions for ISO compliance or other critical regulations.

Given my role as a cybersecurity consultant, I previously created a DLP policy based on the client's needs. Since then, I haven't had further contact with the client. However, I'm now working on a new project for them next year. This project involves developing and implementing a DLP solution with a focus on information protection. My responsibilities include monitoring all user activity and reporting on it in a few months. Based on my observations, there's a significant amount of activity requiring governance. This includes areas like DLP policy enforcement, USB blocking, printer control, copy prevention, file transfer via secure FTP, and external user access restrictions. Purview's data loss protection is helpful for remediating policy violations.

I'm developing a short training guide, about four pages or more, on enabling information protection labeling and related topics. Some clients have suggested automation, but I believe the best approach is to guide users through manual labeling. For instance, we could have a "Sensitive" label for data like personal information, ID numbers, passports, names, passwords, and so on. Information protection can be implemented either by defining detection rules beforehand or by using the system's automated detection capabilities. If sensitive information is detected, the system can then recommend applying the "Non-Confidential" label or whichever equivalent label we prefer.

Microsoft has developed and launched Microsoft Defender for Endpoint for Mac. This agent for macOS is the same agent used for data loss prevention in Endpoint. However, if we don't require DLP for Endpoint, we can simply synchronize our Macs with Microsoft Intune. Intune, a combination of Microsoft Entra ID and an MDM solution, is not just for mobile devices; it's a device management platform for all company devices, including PCs, Macs, mobile devices, and servers. It allows us to synchronize settings and policies across all our devices, manage software deployments, and utilize various other features. Therefore, we have two options: either synchronize our Macs with Intune or install the Microsoft Defender for Endpoint agent to implement DLP for Endpoint. DLP for Endpoint is mandatory if we need to detect and control USB devices, printers, and other data transfer peripherals.

Microsoft Purview's primary benefit lies in safeguarding sensitive and confidential data, thereby mitigating the risk of internal data exfiltration.

Purview does help our customers reduce the number of solutions they interact with. From a cybersecurity engineer and information security expert perspective, consolidating and streamlining technology can be beneficial for IT departments, especially before implementation. Currently, Security Service Edge emerges as a promising solution due to its integration with zero-trust principles and protocols. For example, instead of deploying multiple endpoint detection and response solutions, a single, antivirus-free EDR like CrowdStrike can suffice. Similarly, Microsoft's Defender for Cloud Apps, combined with XDR and other security features, offers a comprehensive solution for Security Operations Centers. My goal is to create a unified MDR solution for clients, allowing for centralized data collection and log analysis. This unified platform, ideally with one or two dashboards, would enable efficient investigation and response, minimizing investigation time and cost. Combining various tools into one interface eliminates the need to jump between dashboards, improving analyst efficiency. Why rely on multiple vendors like CrowdStrike, Proofpoint, Minetest, and MISSP when a single solution can offer comprehensive visibility and data security? Microsoft's Image Security 365, coupled with best practices and anti-phishing strategies, can significantly enhance security. Furthermore, I recommend implementing a DMZ with two firewalls, one internal and one external. This layered security approach, while requiring two vendors, provides redundancy and prevents attackers from exploiting a single firewall and gaining access to the network. However, it's important to remember that cybersecurity solutions are not one-size-fits-all. Each client and scenario requires tailored strategies based on their unique needs and context. Consistency across the industry is crucial, but it's important to acknowledge the lack of standardized approaches in the current landscape.

The Microsoft Purview dashboard is primarily a data security solution, allowing us to implement various layers to safeguard our information. While it can be used for some Endpoint Detection and Response functionalities, its full potential in this area might not be realized without proper configuration and understanding of the underlying processes.

While Purview offers real-time compliance monitoring, it's an add-on feature functioning as a compliance manager. However, due to a lack of clear communication, not all companies fully understand its capabilities. Additionally, it's important to note that while compliance and standards often relate heavily to financial and banking sectors, the scope of regulations has broadened significantly in recent years, extending beyond these specific industries.

Purview helps us stay on top of compliance because Microsoft has tried to build Purview based on the ISC framework.

No single feature stands out as the best because the most effective approach involves combining multiple features. For example, when using information protection, labeling, and classification, a multi-step process is necessary. First, we must classify our data, which requires a thorough understanding of our environment and the nature of the data itself. Once classified, we can apply labels and establish rules governing data sharing through information protection measures. The final step involves implementing and configuring a Data Loss Prevention solution. It's crucial to remember that the goal isn't to find ideal individual features; rather, it's to leverage the synergy of multiple technologies to create a comprehensive and powerful data protection strategy.

I've been working closely with Microsoft support on issues with the Microsoft Purview Information Protection scanner's on-premises services. While it's a solid tool, there's still room for improvement in my opinion. I've submitted numerous recommendations, from solutions to address specific problems to the implementation of new features like bulk scanning across multiple servers, not just individual paths. I've also encountered a high number of false positives in the classifier and made suggestions for resolving them. Microsoft support is currently reviewing my input, and we're collaborating to refine the scanner and minimize false positives. It's important to remember that this is a new technology, and like any newborn business venture, it's prone to growing pains. Errors and mistakes are inevitable along the way, but they're also valuable learning opportunities.

Frequent daily updates from Microsoft can cause interface elements like buttons to appear and disappear, making navigation unpredictable. Additionally, Microsoft also generates new licenses that require investigation to identify each new license.

I have been using Microsoft Purview for one and a half years.

Microsoft Purview is scalable.

Sometimes we have a communication gap or delay but most of the time the technical support is good.

One person can deploy Microsoft Purview.

We implement Purview for our clients.

We are a Microsoft Gold Partner and are currently satisfied with our existing solutions. Therefore, we do not prioritize evaluating other vendors at this time.

I would rate Microsoft Purview a seven out of ten. Purview is a good solution but it takes time to master.

I've been using it to help track data from employees or messages. I can use it to see the routing of ongoing and outgoing confidential data. We can audit logs to see the history of particular mailboxes. Auditing has been a very helpful feature. 

It helps with the discovery of overall licenses and security labels. You can find out if any type of security has been triggered or if any type of particular content is being shared with specific users. Using content search, we can manually search for all types of things and see different types of details. 

It helps us with data loss prevention to make sure that nobody actually is accidentally sharing any confidential information, such as legal documents, health information, and personal identity verification numbers. 

They are improving the platform every day, and they are doing a wonderful job now. 

They also include different features. We can pre-enable classification and use enhanced labels. You can create labels to define your data class notifications, such as confidential information. You can create a system keyboard list and a dictionary with sensitivity labels.  

Microsoft introduced a compliance manager to help you find all sorts of things you can do to improve your environment to achieve a higher security score. 

Purview delivers data protection across multi-cloud and multi-platform environments. It is very important. In today's world, most of the things we do are over the cloud. We use many APIs and additional apps in our environment from different vendors. Some of these APIs and apps are being configured over hybrid or multiple clouds. You can audit and monitor all data connectors, and you can configure your database and your database connectors, and all these APIs can be ported to Purview so you can monitor all the information to make sure that it does not leak. You can also encrypt such information to keep it safer.

Purview can connect to iOS, Mac, and Android devices, as well as data and other SaaS apps. We have multiple users who are comfortable with different platforms. Some are on Windows. However, most of the planning teams have iOS-based devices. We like that it is supporting all these platforms and making all those devices and data flow to it. 

It is very easy to learn the interface, and it is very user-friendly. It is really helpful for us to be able to monitor and use Microsoft since it is such a strong tool for analyzing our database.

We use the solution for data loss prevention. One of the features includes this configuration template that we can use for default government policies. You can create a policy for server migration that needs some of the custom configurations, and we do have templates for payroll and inventory. We can use the DLP to educate users on policies and let them know what shouldn't be shared. We can send suggestions about how they can send certain information.

Purview enables you to handle compliance in real-time. It runs in the background and you can engage with it when you get real-time alerts. It's helped us reduce the time needed to act on threats. Instead of manually auditing, we get notifications and can see things highlighted in our dashboards. We've reduced the time to action by about 20%.

I'd like to see them improve the training for implementing this type of solution. If we need particular things, we need to be able to understand how to implement them right away, and not wait days or weeks. 

I've been using the solution for the last four years in different companies. 

It's very stable. 

We have the solution across multiple locations in India. We have ten to 15 engineers working directly with the solution. Then we have around 2,000 active users and are scaling up.

The level of support you get depends on various scenarios. Sometimes you need help from engineers in a different time zone, like the US for infrastructure. 

Positive

The solution is deployed completely on the cloud. We have an enterprise subscription. It's a pretty standard implementation. However, there are some configurations you need to handle initially. For us, we did a migration and then handled some configurations since we moved over to the cloud. 

Implementations are easy, and I appreciate the support Microsoft provides.

For some features, you do need a specific license. For smaller organizations with 200 to 300 employees, it might not make sense to get an enterprise license. However, the pricing is good for the requirements it meets. 

I'm a customer. 

We're not using the AIfunctionality yet. However, we are leaning into it to see how we can implement it in the future. 

I'd rate the solution nine out of ten. 

We use Microsoft Purview for DLP capabilities and email encryption.

Ensuring data protection across multi-cloud and multi-platform environments through Purview is crucial for us. Currently operating on Azure and AWS, we plan to migrate a portion of our on-premises workloads to the cloud. To achieve this, we will leverage Purview for data loss prevention on our virtual machines and utilize Azure Arc for centralized management of all our platforms.

Purview's ability to connect to a wide range of devices, including iOS, Android, and others, enhances our visibility into BYOD devices deployed across our environments.

As a public organization, we are bound by policies and regulations. To ensure compliance across Azure Dynamics 365 and Office 365, both locally and internationally, we leverage the native compliance capabilities of Purview, which integrates seamlessly with both platforms.

The DLP for remediating policy violations works well. We can easily view the details and conduct investigations from a single dashboard.

We recently started using Purview for DLP on Mac OS devices.

Implementing Purview as our primary data loss prevention solution has yielded significant benefits. Our Microsoft E5 license provides enhanced protection across the organization, offering immense value through its comprehensive features. Consequently, we have been able to streamline our security posture by consolidating third-party solutions and focusing on Purview and other robust Microsoft applications.

Microsoft Purview has streamlined our workflow by consolidating diverse systems into a single, user-friendly dashboard. This one-stop shop simplifies access and management across our organization.

Microsoft Purview enables us to show our compliance in real-time. We are satisfied with the speed at which Purview provides alerts and details to us.

Microsoft Purview has significantly shortened the response time to insider threats by almost 70 percent. It can rapidly block unauthorized user access, leading to a reduction in required manpower.

Microsoft Purview has helped to save money by preventing the loss of data in our environment as well as around 60 percent of our admin user's time.

Purview helps us stay on top of compliance. We no longer have to review incidents manually, improving compliance by 80 percent.

The custom classifications are one of the most valuable features. For instance, if we want to block the transfer of card details, there are many pre-built samples for different countries that we can easily use in Purview, eliminating the need to create our classifications which makes the work easier.

Purview needs to improve its DLP capabilities for removable devices such as external drives and USB devices.

The custom data classification for the African region needs to be improved.

I have been using Microsoft Purview for five years.

Microsoft Purview has been stable, with no incidents involving the Data Loss Prevention functionality. However, there have been a few instances where the admin portal has been unavailable.

Microsoft Purview is extremely scalable.

The support response time can be improved.

Positive

We are currently using Forcepoint and Microsoft Purview, but with our E5 license, we're considering consolidating our security products under one umbrella and one dashboard, potentially phasing out Forcepoint.

The initial deployment took a few hours. Five to six people were involved in the deployment.

I would rate the cost of Microsoft Purview a six out of ten with ten being the most expensive.

I would rate Microsoft Purview an eight out of ten.

We have a complex group-wide tenant that requires us to have different administrative units for each country. We have around 50,000 users worldwide.

Purview does not require any maintenance beyond regular checks in the admin portal to ensure everything is functioning correctly.

In both my previous and current organizations, I've worked with Microsoft Purview. While my previous company had a premium license for all services, my current one doesn't. At my previous company, I used Purview to design communication compliance policies, likely leveraging some pre-built policies from Microsoft security. Initially, we lacked a specific goal, but my exploration of the platform led me to pursue a cybersecurity certification to optimize its use. This helped me design DLP policies more effectively and implement signing for communication compliance policies. Recently, I discovered eDiscovery and its value for exporting large datasets for specific employees based on their protection level. Lastly, I found its activity tracking feature particularly useful for monitoring employee movements in our large, partially remote workforce of nearly 100 employees, with less than half in the main office. This tracking proved valuable for detecting potential data leaks during employee departures. I briefly explored Insight Risk Management during a one-month license trial.

Purview's multi-platform capabilities, supporting iOS, Mac, and Android, have been invaluable to me. As a beginner in device management software, the prospect of using another option with a large web portal felt daunting. Purview's ability to manage devices across different operating systems saved me significant time.

At my previous company, all internal data lived in Azure, but client data resided in Salesforce. This siloed structure made comprehensive data control impractical without a tool like Purview that seamlessly supports ingestion from non-Microsoft data sources.

Purview's natively integrated compliance across Azure Dynamics 365 and Office 365 is even stronger than its ability to integrate with third-party solutions.

It's crucial that Purview was built with critical regulations from around the world in mind, especially for those of us in the European Union where EU regulations apply. This is a key consideration for everyone involved in data governance. While some frameworks offer vast data capabilities, the sheer volume of work required for a medium-sized business to ensure compliance with regulations across all these frameworks would be insurmountable.

I initially found the DLP system overwhelming due to its capabilities exceeding the needs of our small organization, where I implemented simpler policies. However, it proved valuable for ensuring compliance with GDPR, and PCI DSS and provided visibility into sensitive data sharing.

Purview has saved our organization a huge amount of money and time.

Through Purview, we were able to streamline our technology stack by consolidating the number of solutions we relied on. This prompted us to re-evaluate our vendor landscape, ultimately leading us to migrate everything to Microsoft and leverage their comprehensive suite of tools. Surprisingly, most of the functionalities we previously paid for were already available within the Microsoft ecosystem. This simplified our IT infrastructure, transitioning us from a predominantly on-premises setup to a cloud-based one, with Microsoft solutions forming the core of our cloud environment.

Purview has improved my ability to stay on top of compliance.

The most valuable feature is the tracking activity and device onboarding.

I have some concerns about the separation of roles in Purview from the Microsoft tenant, as well as how they interact with the security portal and endpoint manager. Certain permission issues or protracted permission updates could arise due to suboptimal configuration, potentially extending the expected timeframe.

I have been using Microsoft Purview for two years.

Microsoft Purview is stable in protection but there are some bugs in the GUI.

Designed for enterprise-level organizations, Microsoft Purview scales effortlessly.

The initial deployment was straightforward. I was able to do the entire deployment with the help of one other person.

We used a Microsoft partner when we started working with the tenant before starting to use Purview.

While Purview's standard pricing might not be accessible to most small businesses, we were fortunate to benefit from the educational pricing which made it a financially viable option for our needs.

I would rate Microsoft Purview a nine out of ten.

Maintaining Purview is essential, as some internal problems, like endpoints disconnecting within the organization, can develop over time.

To fully leverage Microsoft Purview's capabilities, it is recommended that one first familiarize themselves with the organization's existing infrastructure.

Our goal was to provide insights into the latest data entries, implement governance measures, identify and classify sensitive data, and address specific business use cases. The primary use cases revolved around establishing a comprehensive data lineage, accompanied by pertinent metadata. This was primarily aimed at providing a business-centric dashboard, enabling stakeholders to visualize how data moves from one point to another and ultimately reaches the target. 

In my experience, I've utilized it on Windows machines with Blackfish without encountering any issues.

The dashboard offers insights into the nature of the data, and the transformations occurring between different columns, and allows for traceability to identify any issues that may arise. These use cases have proven highly beneficial not only for business analysis but also for support activities. For instance, it aids support personnel in quickly identifying issues such as missing data or anomalies, streamlining the troubleshooting process for efficient problem resolution.

Purview facilitates data management across diverse cloud and platform environments, encompassing AWS and GCP. However, my experience has been exclusively with Azure. Given that my ecosystem operates within Azure, both the source and target activities are conducted seamlessly within the Azure framework. The integration is smooth since Microsoft Purview is inherently designed for Microsoft components, making it effortless to establish connections and retrieve the required data. I haven't employed it for other sources or alternative cloud systems.

The importance of Purview lies in its careful consideration of critical global regulations. As a data governance solution, it plays a crucial role in business development processes. Given the potentially sensitive nature of incoming data, proper classification is essential to ensure specialized treatment. This facilitates easy access for subsequent activities such as metadata modifications or updates, providing sufficient information for comprehension by business personnel. The tool proves beneficial for data quality officers, enabling them to monitor data and detect any discrepancies, empowering them to take necessary actions. In the realm of the cloud, Purview emerges as a highly valuable data governance solution.

The integration of Microsoft Purview has significantly reduced the need for multiple solutions to interact within our company. This reduction not only streamlines processes but also saves time. For example, when a problem arises, understanding, identifying, and resolving it becomes much easier compared to the traditional approach of tracing through multiple systems for the root cause. With Microsoft Purview, the identification process is simplified, leading to potential savings in support efforts. Business stakeholders also benefit by gaining more visibility into how data flows through the system and understanding the metadata information without relying heavily on support or technical personnel. This autonomy enhances their ability to assess and comprehend the situation independently.

I haven't implemented it to enhance response time for insider threats by applying security measures. However, the tool does provide visibility into the movement of data, allowing the data control officer to monitor and classify alarms promptly. In the event of an alert, appropriate actions can be taken accordingly.

Efforts have significantly diminished, and this reduction is directly proportional to cost savings. As a technical person involved in both solution development and support processes, I've observed a reduction of more than fifty percent. The turnaround time for issue resolution has notably decreased. Previously, it took others a considerable amount of time to identify the root cause, but with Microsoft Purview, pinpointing issues and finding solutions has become much more efficient.

It has had a significant impact on our capacity to maintain compliance. As a data governance solution, it offers features essential for ensuring that compliance requirements are thoroughly met, and data processing aligns with regulatory standards.

The user interface is highly intuitive and user-friendly.

I appreciate it because it provides a unified solution. Everything can be managed in one place, from scanning sources to making assets available. The access includes comprehensive metadata information, presented in a non-technical manner for easy comprehension of the asset's nature. The visualization it offers is quite clear. Additionally, it creates a lineage based on data processing, allowing for workflow authorization and control over metadata modifications or other activities. 

It caters to the entire micro-ecosystem, providing connectivity and seamless data flow. It allows for scanning, asset discovery, and data coverage. While there are some existing limitations, it's important to note that the tool is continuously evolving. I believe it holds great potential and will become an excellent resource for development in the future.

Purview's data connector platform is designed to facilitate ingestion from non-Microsoft data sources. I've personally applied this feature to one of our sources, an Oracle database. Specifically, we utilized ADA for data permissions and seamlessly integrated it with the Azure Data Factory pipeline. This automated the connection to Oracle, enabling the setup of data extraction and loading processes. Overall, it proved to be a valuable and effective feature.

Enhancing the tool's capability to connect to multiple sources would be valuable. Also, when data is transformed in other systems, the tool should capture the relevant metadata and generate lineage for those systems as well. Thirdly, addressing limitations, such as relying on Apache Atlas for mitigation, should be handled within the Microsoft tool itself rather than external dependencies like Apache Atlas.

I have been using it for approximately six months.

The stability is satisfactory, and I would give it a rating of eight out of ten.

I have utilized it in a cloud environment, and scalability is assured.

I am content with technical support, but for various inquiries, the responses often indicate that the feature is either not available or still in a previous state. I would rate it eight out of ten.

Positive

The initial setup was straightforward. Even individuals with less technical expertise can do it.

Deployment spanned a week and involved six different individuals.

Maintenance becomes necessary when leveraging external APIs and tools, especially concerning access management. However, once the initial setup using MS Purview is complete, ongoing maintenance is minimal. Automation takes over with continuous scanning, automatic data classification, and sensitivity labeling. Workflows can be established and utilized for an extended period, reducing the need for frequent maintenance.

I consider it cost-efficient because of the metrics it provides. With each scan being incremental, avoiding redundant scans of the same object, the tool offers a way to manage costs effectively.

We didn't extensively evaluate other options because Microsoft Purview successfully met the requirements for the specific tasks at hand. However, during implementation, I became aware of more mature tools available in the market that might offer greater capabilities. It seems that Microsoft Purview is still evolving compared to these more established alternatives.

In my scenario, I encountered difficulty connecting to a file system database, especially when it was located on a different server. Additionally, when working with an in-house solution like Azure Data Factory, while Microsoft Purview can successfully bring metrics to tables as assets, it faces limitations in identifying the leading use of those assets. For instance, a database solution handling ETL activities may not seamlessly provide insights into the transformations, sources, immediate obligations, and final targets associated with a specific asset, making it challenging to track its usage directly within Microsoft Purview.

I would strongly recommend Microsoft Purview when utilizing solutions within the Microsoft ecosystem, such as Data Factory, various applications, and databases.

Overall, I would rate it a seven out of ten because several features are still in a preliminary state. Given that it is in preview, it may not be as stable or fully functional yet. Also, the absence of data quality and data profiling mechanisms contributes to this rating.

The main use case is DLP, for alerts and insider risk management.

It is very important for our organization because ours is a very data-heavy organization. We process a lot of data on a daily basis, and we need to check where the data is coming from, how it is being classified, where it is being sent, and whether it is being used by the intended user. We need all the security controls.

We have clarity and visibility at a granular level. We can check data at rest or in transit—where data is coming from and where it is going—on-premises as well as in cloud solutions. That's how it is helpful.

The attack surface has been reduced significantly. Earlier, we didn't have any visibility into it.Now, we review every log to know where data is coming from and where it is going, as well as who is handling it. And all our employees also know that if they are doing anything mischievous, someone is watching them.

In terms of time saved, we write a policy, get an alert, and work on it. It has reduced a lot of human intervention while checking all the logs. It gives us the log source that we can check directly.

The best part is that I can create classifications per my requirements. I use it to classify multiple platforms like AWS, GCP, Azure, and different file sharing systems.

I also like the auto-labeling and the encryption of data when it is being sent out of the organization.

We also need complete coverage for every device that is connecting in our environment, so it's important that Purview can connect to iOS, Mac, and Android devices.

We just started using Purview DLP for macOS endpoints. We deployed it and
we are fine-tuning the policies. The macOS support is a very important factor because most of the teams handle data. We need to check whether they are sending any source code and how they are handling the data. We need to know whether they are using a key management system to handle secrets.

The fact that Purview was built to account for regulations around the world is important for us. It has to keep updated regarding all regulations because our users are across the globe. If we don't know the regulation data, retention policies, and other policies regarding the data, we may not be in compliance with those policies, and our company will have to pay a hefty fine.

I have been using Microsoft Purview for about two years.

It is a stable product. The stability is an eight out of 10.

Support should be improved in the form of good documentation and video lessons where a person can check things out. There is a community, but it takes a lot of time if we want to get an answer to a question. There should be an easy-to-reach place where, if you're stuck, the support system is there.

Neutral

The deployment was straightforward. We got help from Microsoft support's FastTrack. They helped us deploy it.

As for maintenance, we have to update the policies.

Overall, the only problem is the support system, which is a bit costly. But the product is good.

Our process for potential policy violations is to first check whether something is a true positive or a false positive; we check the document that is being sent. We then check it from our team's side, the responder's side, and then we check it with the compliance team. We look at the policies that have been violated and also check the business use case where something is being sent outside the organization. It's a manual effort for one of our teams.

As for educating users on how to best handle sensitive data, that is done by our compliance team. They do awareness training for our end users and send them awareness emails as well as monthly connections where they give them awareness information about how to handle sensitive data.

We are only using Purview for DLP on the incident-response side and for data protection. So I'm not sure whether it has reduced the number of solutions in the stack we are using, but it is very useful for us.

And although I'm not involved with the compliance side, we can check the compliance dashboard to deal with compliance-related issues. We have a dedicated team that checks it.

We use the platform to comply with regulations, and our specific use cases are information protection, information governance, data loss prevention, and insider risk mitigation.

The information protection and data loss prevention functions help our end users be fully aware of the sensitivity of certain information. From a management and CISO perspective, they have insight into where sensitive data is stored and whether we are required by law to delete it after a certain period. That's an invaluable overview of the situation, so our users are more aware, and Purview took our information governance to the next level. It also supports our certifications because it helps us comply with regulations, including ISO/IEC 27001, which are essential to our functioning.

The solution increased visibility into our estate; we had a problem with GDPR-related personal information stored in our environment, which we didn't have any insight into. When we used some of Purview's data governance, data lifecycle management, and content search features, we could rapidly go after that information and resolve compliance issues. The tool also provides management with much better oversight of our stored data.  

Purview enables us to show our compliance in real-time and supports it via the compliance manager and compliance score. The assessment templates within the latter allow us to provide an overview of what we have done within the Microsoft 365 and Dynamics environments to our auditors, which is very handy. We're an ISO-certified company, amongst others. In meetings with compliance regulators, we can show that we're using information protection, DLP, data governance, and data lifecycle management functions to comply with regulations fully. The solution dramatically speeds up the process of talking with external auditors. 

Purview saves us time and money. We're an information-intensive organization; seeing where our sensitive information is stored is a significant time-saver. In addition, showing we're safeguarding that data also saves us a great deal of time. From an efficiency standpoint, AI and auto-classification of information is another big time-saver, as the staff members working for our clients don't want to spend time considering how long data needs to be stored, whether it should be archived, how sensitive it is and so on. I can't quantify exactly how much, but all of the above reasons save us a significant amount of time and money.

The data classification part of the solution is excellent, especially as it gives us an insight into our sensitive data within Microsoft 365. 

Data loss prevention is an extremely useful feature. 

The built-in information protection function is another that stands out. 

Purview delivering data protection across multi-cloud and multi-platform environments, including AWS and GCP, is becoming increasingly important. It's a relatively new functionality, and I see the importance of it growing even more over the coming years. This kind of functionality is highly appreciated for organizations operating a multi-cloud environment. 

It's very important to us that Purview can connect to iOS, Mac, and Android devices and data in other SaaS apps. From information protection and data loss prevention perspectives, information is accessed using many different devices, and extending that protection to iOS and Android is a must-have for any platform.   

The product's natively integrated compliance across Azure, Dynamics 365, and Office 365 is essential. The ability to classify information across workloads, and have a holistic view over our entire data estate where sensitive information is stored and handled, is excellent, especially from a CISO perspective. This is a capability we didn't previously have. Having that overview of where data is stored, plus the multi-platform/multi-cloud approach is the future for data classification and information protection. Wherever our data is stored, we have an overview of which is sensitive and which isn't. 

I greatly appreciate that Purview was built considering critical regulations worldwide, especially the international standards within the compliance manager. There are ISO and NIST standards, ideal for larger countries such as the USA and extensive international organizations.  

We use Purview for data loss prevention (DLP), and we're confident that we can detect and remediate policy violations. Microsoft improved its solution with recent additions, including advanced conditions, and the product is coming of age. The DLP is reaching a maturity level where we can confidently compare it with competitors like Symantec. It goes beyond DLP on emails, documents, on-premise, and endpoints; governmental organizations especially need to detect if sensitive information is being handled on devices. In this respect, Purview offers comprehensive protection.  

Used correctly, Purview is essential in staying on top of compliance. One of the best features in this regard is the solution's compliance manager, which helps us effectively comply with all the regulations. Many organizations should start using the platform because it will keep them on top of their compliance stances, and Microsoft periodically updates the assessments. We must be aware of updates and changes, as we can miss them if we do not pay attention. We can't just run the solution, walk away, and think we're compliant; it requires some monitoring of the developments from a roadmap perspective.   

Microsoft is doing an excellent job improving the platform, and they have a lot coming out shortly. However, the licensing around compliance could be much more transparent; it isn't clear for many organizations what kind of license they need to use, whether that's E5, E5 compliance, an information protection license, user-based, or platform-based. More information here would be a welcome improvement.

Blueprints and landing zones like we have in Azure would be great to see in Purview. The solution could offer a baseline or blueprint of recommended settings for compliance regulations such as GDPR and ISO, which could be applied with a simple switch in the options. 

Some dashboard centralization, like one overview dashboard instead of many loosely connected ones, could be a good improvement.

We must build our own assessments to comply with Dutch regulations, a mix of international and EU standards, as they aren't native to the solution. Many of our clients in the Netherlands require adherence to Dutch regulations, and as well as Purview covers the international aspect, the Dutch side is covered less than we would like.

There's room for improvement regarding Purview's data loss prevention for educating users on how best to handle sensitive data. Microsoft is working on improving the policy tips. Still, from a user's perspective, I want to see more information in the case of a policy violation, such as context or details on why a specific rule is triggered. There are ways to tweak the DLP options, but a significant improvement would be real-time notifications when working on an email or message within Teams, for example. DLP is only triggered when sending or saving, so real-time notifications would be great. The basic functionality is there, but there's room for improvement. 

We've been using Purview for around a year since Microsoft changed the name, but we've used the functionality within Purview for five to ten years.

We haven't had much experience with customer support as we didn't encounter many problems. However, the response is usually rapid, and the expertise depends on the technical knowledge of the agent we speak to.

Neutral

We didn't use different solutions, but some of our clients did and still do, mostly DLP and data classification platforms. The trend is that more have been moving to Purview because many are already paying for it within their licenses and not using it. We're an IT company focusing on Microsoft technology, so we went straight for Purview.

My colleague carried out the initial setup, and I'm primarily involved in deploying the solution's functions to our clients. Setup requires some planning, a discussion with the stakeholders, and a good sense of the data, but it's mostly very straightforward from an admin's perspective.

Our use case is mainly to do with GDPR-related data, and being able to get an overview of that information and act on it led to a speedy return on investment for us. Other organizations in the Netherlands bound by specific government regulations will also see a quick return on their investment when they discover they can classify their information and comply with regulations.

Aside from the complexity of the pricing model, the price itself is realistic. Features like AI components and automatic classification require additional licenses. Still, anyone can start using Purview with a basic E3 license if they're using Microsoft 365 and grow with additional licenses as needed. Overall, we're satisfied with the price.

With the way information is being used and the growth of data, the need for additional licenses for auto-classification etc., will become more and more apparent. I wouldn't be surprised if Microsoft incorporated those into the basic license in the future.

I rate the solution eight out of ten. 

Regarding Purview's data connector platform for supporting ingestion from non-Microsoft data sources, I have yet to work with it much. In highly regulated environments such as government organizations, it's very relevant, but I have yet to see it used much. The main reason is that the data connector platform is a relatively unknown component within the solution. It has its merits, but the use cases are limited.

If this were a year ago, I would have said the solution is getting there but hasn't reached maturity. However, Purview is now a very comprehensive solution; with all the enhancements, it's one of the best products available.

As Purview reached a maturity level where it could compete with third-party DLP solutions, some of our clients were able to move away from specific endpoint DLP products like Symantec DLP. Going with Purview also allowed these clients to fully leverage their existing licenses within Microsoft 365 and simplify their data governance. It provides a holistic view of the data estate, enables Defender for Cloud in Azure, and offers an integrated overview in one pane of glass.

Regarding automation, we use some limited functions using the solution's trainable classifiers and auto-classification of information. This notifies the user when working with certain kinds of sensitive data, GDPR and otherwise, so we use some basic AI functions within the platform.  

We're not currently using the product for insider risk management. Still, we are in the process of looking into implementing those features and how we could leverage them within our environment.