The easiest route - we'll conduct a 15 minute phone interview and write up the review for you.
Use our online form to submit your review. It's quick and you can post anonymously.
They have data discovery and classification for their data sources, and they want to protect data moving outside for DLP. They want to protect data on emails, they want to protect data on endpoints, and they want to protect data by uploading the files on cloud applications. These are the use cases which we have implemented.
One solution is Azure Information Protection, which is a good solution. It is an agent-based solution which helps in real-time giving data discovery and classification.
Microsoft solution is all cloud-based solutions, so most of the customers have deployed this on cloud, but some of the customers have also used them for on-premises data scan.
They usually use Azure cloud because it is Microsoft proprietary, so they have to get an E5 license from Microsoft to use this product.
Microsoft Purview Information Protection helps in terms of identifying and giving an overall report of data, specifically in getting what data they have in their environment and providing an overall view of what kind of data they have and where it is stored. Based on that, the customer has made their decision in terms of how they want to protect it. It is a great solution; the only challenge is that some of the capabilities are not working as expected. As far as client concerns go, they know that from Microsoft, at least 70% of things can be achievable.
The product is still in a growing phase. I could see that many use cases in their product are not capable enough in terms of detecting or protecting. Compared to other products, they are in the middle of bringing their solution up to the mark, so it is not a full-grown solution.
They have to get more accurate results in terms of data discovery and classification. The second thing is their support; support from Microsoft takes a lot of time to get a response from their support team. The third thing is their OCR capability is not that great in terms of identifying the documents.
We would love to see response times of less than 24 hours. Additionally, there is no way to check the policy's current status in terms of whether it got synced or not. You have to wait and test the use cases after 24 hours or after 48 hours, and once it starts working, then it appears the policy got implemented.
Deployment is pretty straightforward; it is not a challenge in terms of implementing Microsoft Purview Information Protection. However, one thing which as an implementer or as a customer we have to keep in mind is that the policies take a lot of time in terms of getting implementation or getting reflected on the system. If I have updated the policy today, I can see the result after 24 to 48 hours.
Stability and reliability are good; the product is stable. Whatever the product does, it does better than any other solution, but for features it does not have, we have to wait for the next release, or we have to wait for the support team to provide workarounds. Stability and reliability are good, so we can trust and use this product.
The support from Microsoft takes a lot of time to get a response from their support team.
Neutral
They are using multiple solutions, and my customers have also invested in other solutions. For example, Varonis is one solution where they are achieving some of the use cases from Varonis and some of the use cases from Microsoft Purview.
Pricing is good because if somebody is looking for an overall cybersecurity solution, Microsoft has one license with many solutions bundled with that license. The E5 license covers most of the solutions for different technologies, so it is good and more affordable compared to any other solution.
Microsoft Purview E5 license comes with different solutions including data discovery classification, CASB, DLP solution, and Defender for Cloud. Multiple solutions have been integrated into one license, whereas previously, customers were using different solutions for different use cases. Now, with one E5 license, they are able to manage all the use cases, achieving unified console and unified licensing, which has brought their costs down.
They are capable enough in terms of regulatory compliance, but most of the features mentioned in their capability are not working, which is where the challenge lies.
For unstructured data, they are up to nine out of 10, but for structured data, they are not up to the mark, scoring six or seven in terms of integration and performing scanning.
It gets integrated with most of the data sources and solutions, with pre-built APIs already available. There is no challenge in terms of integration, and Microsoft brings many new APIs for their data sources every month, making it easy to integrate.
Microsoft is constantly bringing new technologies and integrating them with their solution. Microsoft Purview Information Protection is continuously enhancing the product and trying to match market needs by bringing new technologies and solutions to their portfolio.
Microsoft has invested heavily in AI with their Copilot, which many companies are using. They have out-of-the-box DLP policies for AI, which ensure sensitive content is not moving outside. Once implemented, you can monitor user activity inside risk management and take action to block sensitive data while uploading AI applications.
On a scale of 1-10, this solution rates an 8.
I am a customer and user of the tools.
We are a big shop, and both the companies I work for are Microsoft Office 365 customers with over eighty thousand seats. Microsoft Purview Data Lifecycle Management helps govern and protect the data across the Office 365 estate, both on-premise and cloud, as we have a multi-cloud environment. We use Microsoft Purview Data Lifecycle Management as a SaaS service to protect the data across the organization.
We use it to scan our documents, classify them, and map these data across our estate, such as document repository estates including OneDrive and SharePoint, both on-premise and online. It provides a view on our SQL databases, AWS, and the file system. Currently, it is mostly for OneDrive, SharePoint on-premise, and SharePoint online in terms of data discovery, providing a searchable catalog where users can search and understand the data assets based on business and technical data classifications, such as internal and public documents or labeling.
Microsoft Purview Data Lifecycle Management can be used, but currently nineteen percent of the estate consists of Windows desktops or notebooks. OneDrive and SharePoint data are accessible via both Android and Windows devices. However, our end-user devices are mostly Windows desktops, with a mobile component that can be iOS or Android.
It is used in production; all the data I'm talking about is in production data.
Microsoft Purview Data Lifecycle Management is used on the Microsoft Purview portal for data management. The solution helps govern and protect the data across the Office 365 estate, both on-premise and cloud, in our multi-cloud environment.
The solution can be effectively used across various devices, including Windows desktops and notebooks. OneDrive and SharePoint data are accessible via both Android and Windows devices, with support for iOS devices as part of the mobile component.
One of the requirements is to have data leak policies and data access policies. This is very critical to enforce data governance standards, which relate to data classification, access control, data protection, and retention. It covers the entire lifecycle, helping us to protect, detect, and classify the documents.
Challenges are mostly related to the security products onboarded into the bank; they have challenges in terms of those products complying with the internal standards. Sometimes, we cannot just use the DLP across the state. For example, using Microsoft products has been easy to adopt, such as OneDrive and SharePoint on-premise, but it becomes a challenge when it comes to AWS, as data also exists in S3 buckets. Testing is still ongoing, but it will eventually be done.
The time it takes to scan is one issue; when we raise high-volume issues and tickets related to scanning failures, it relates to permission errors, which are technical challenges. These take time because we have high volume tickets in terms of connectivity, scanning failures, and related matters. There are also frequent change requests, especially regarding scoping or rescoping due to complexities, creating several challenges.
In both organizations I work with, there are gaps, and there is no enterprise-wide data classification available. However, there are pockets of implementations for various products. Some agencies are using it, but otherwise, there's no product existing across the enterprise.
Microsoft Purview Data Lifecycle Management is definitely a good solution, but there is significant room for improvement from a product perspective. Reporting is another area that needs improvement.
I have worked with the solution for almost three years now.
The system is stable; I haven't encountered any worldwide stability issues unlike other office products. I see no issues with the Microsoft Purview Data Lifecycle Management portal aside from technical challenges.
The scalability depends on certain organizational security policies that the Microsoft Purview Data Lifecycle Management portal may not currently address. We are working with Microsoft on this.
Microsoft is generally responsive, but because these are all SaaS products, requests for new features may not happen quickly. I would rate it around seven on a scale of one to ten.
Positive
Because I am just a technical manager leading the team, I adhere to a nondisclosure policy due to my work with government and banks. My overall rating for Microsoft Purview Data Lifecycle Management is six out of ten.
