Microsoft Purview Data Governance Reviews

Our primary use cases involve sensitivity labels and data loss prevention. Within data governance, our focus is on ensuring the security of data that leaves our locations and that only authorized people view it.

The data protection feature is vital as it controls who can access data when it moves out of our protected boundary. Additionally, it helps us meet federal regulations by ensuring that sensitive data does not get out into the world where we don't want it to be.

We are currently in the rollout phase, so I am not entirely sure about specific areas of improvement. However, there are some problems with DLP rules, and it would be great if the security around DLP could be expanded.

I've used Microsoft Purview Data Governance for about a year.

We are in the rollout phase, so I don't know much about its stability yet.

The scalability is probably solid.

I rate Microsoft support seven out of 10. The support could be better, particularly with consulting.

The initial testing has been fairly smooth. There's a learning curve. We're still figuring out the product's limitations. 

We did everything in-house for the deployment.

On a scale of one to ten, I would rate the overall solution as an eight.

Our primary use case of Microsoft Purview is data discovery and scanning data sources.

Microsoft Purview is a cloud-based service on Azure, but the way it scans data sources is hybrid. While Purview itself resides in the cloud, some on-premises servers called integration runtimes are deployed within Purview to scan specific data sources. These on-premises servers are essential for making those sources accessible to Purview for further management and governance. In essence, Purview leverages a hybrid approach for data source scanning, but everything else about the service operates entirely in the cloud.

Microsoft Purview's data connector platform for handling non-Microsoft data sources effectively addresses our data ingestion requirements.

Purview affects the visibility we have into our estate. It is the primary reason why we use the solution.

While Microsoft Purview doesn't directly provide revenue, it saves our business money by improving efficiency. Imagine we're launching a marketing campaign and need customer or product data. Before Purview, we'd have to search for existing reports, unsure if they even exist. Now, Purview lets us see all reports, who created them, and when they were updated. This saves us time by eliminating manual data searches, ultimately reducing costs because people's time is valuable.

Purview's greatest benefit for us is data discovery. Even someone unfamiliar with our data can use Purview's basic keyword search to find relevant data sources. Purview then reveals details like data points, who maintains the source, update frequency, record and data point counts, columns, and data types – all this metadata is instantly available, making Purview our primary tool for data discovery.

While Microsoft Purview currently allows weekly scans for data sources, this limitation hinders the usefulness of the tool for frequently changing data. Ideally, Purview should offer daily scan frequencies to better accommodate these dynamic environments.

Microsoft should provide full access to log details, particularly those related to technical aspects of data source integration. Hiding information from technical users assumes a lack of understanding on their part, which isn't the case. While Microsoft claims Purview is under constant development and some features lack documentation, this shouldn't prevent transparency, especially for established functionalities we rely on.

I have been using Microsoft Purview for nearly one year.

Microsoft Purview is stable.

Microsoft Purview meets our scaling needs.

The error codes displayed by the user interface weren't detailed enough to diagnose a problem we had, so we contacted technical support for help. Even with some internal information, we couldn't properly debug the issue. Microsoft then examined their internal logs to provide more details about the error message, which was all we needed. Once we saw the additional log information, we were able to pinpoint the exact problem and fix it.

Neutral

Since Purview is an Azure service, enabling it for our company was simple for IT. Once activated, I became the collection admin, and data admin, and assumed all the associated Purview roles. Setting up the first data scan for our reports and data sources was surprisingly easy, even without any prior experience, though being technical helped! The process is entirely point-and-click with no coding required.

The week-long deployment involved collaboration with our IT network team to handle resources behind corporate firewalls, while I managed the remaining tasks, bringing the total number involved to three.

While we evaluated various data discovery and analytics solutions, particularly open-source options, we ultimately chose Microsoft Purview due to its seamless integration with our existing Azure Stack environment. Since Purview was already included in some of our corporate Microsoft agreements, it offered a cost-effective and user-friendly starting point for our data discovery needs.

I would rate Microsoft Purview eight out of ten.

While our data platform handles governance and privacy, we use Microsoft Purview specifically for data discovery. It helps us scan existing governed data sources and make them discoverable through various methods like keyword search, research tools, and browsing by data source. Notably, Purview provides valuable metadata, even though we don't currently leverage its compliance features.

No maintenance is required on our end.

Before considering Microsoft Purview, identify your specific data governance needs. Purview is a comprehensive solution, so pinpoint the features you require (data discovery, classification, sharing, etc.) and how they address your challenges. If you only need a few functionalities and paying extra for unused features isn't ideal, a simpler solution might suffice. However, if you plan to leverage Purview's full potential and the cost aligns with your budget, then I would recommend Purview.

As a Microsoft partner, we specialize in selling Microsoft products to our clients. Microsoft Purview serves as a typical data cataloging tool within our data governance projects.

Microsoft Purview offers comprehensive data protection capabilities across multi-cloud and multi-platform environments, including AWS and Google Cloud Platform. When discussing data protection, it's essential to recognize the different facets of Purview solutions. Firstly, there's the data catalog side, which focuses on organizing and managing data assets. Secondly, there's the risk and compliance aspect, which encompasses solutions like data loss prevention, insider risk management, and information protection for data security. Additionally, there are risk and compliance management features such as data lifecycle management, e-discovery, audits, and communication compliance. Microsoft Purview has been working towards integrating these three aspects—data security, data governance, and risk and compliance—into a unified interface which would provide a seamless experience for users to manage all aspects of data protection efficiently.

The ability for Purview to connect with iOS, Mac, and Android devices, as well as data from various SaaS applications, is of utmost importance. Customers prioritize this capability because they aim to safeguard their data regardless of its location—whether on mobile devices, in the cloud, or on computers.

It serves as a connection platform that supports the integration of data from non-Microsoft sources. While its capabilities for connecting with non-Microsoft data sources are continuously improving, there are still some limitations. Presently, Purview can connect with other cloud vendors such as Google Cloud, Amazon, and IBM.

Ensuring native integration of compliance across Azure, Dynamics, and Office 365 is a top priority for Purview. The aim is to consolidate all compliance functionalities into a unified interface, although currently, they remain separate. The ultimate goal is to streamline compliance processes by centralizing them within a single portal.

We use Purview for data loss prevention.

It hasn't yet streamlined the integration of solutions we interact with, as they remain separate. However, once the unification of data governance, data security, and risk compliance functionalities into one portal is fully implemented, it will likely reduce the need for multiple interactions. Currently, we're still navigating through different interfaces and portals to achieve our goals. So, as of now, the solutions remain separate, but there's potential for improvement in the future.

Purview has enhanced our visibility into our data estate, especially through the democratization of data via the data catalog. By surfacing our data assets and making them accessible throughout the organization, we've achieved better visibility overall. However, it's crucial to note that successful data governance requires more than just technology—it also involves having the right teams, processes, and policies in place. Therefore, by ensuring that all three components of data governance are aligned and well-managed, leveraging Purview's data catalog can significantly improve visibility into our assets.

There are AI components utilized for classification purposes, particularly in identifying names, such as people's first names and locations like cities. Additionally, there's deeper integration with MDM partners like Profisee and Tamr, who leverage Azure OpenAI for this purpose. However, even without these third-party vendors, within the data catalog or data map, classification relies on machine learning to identify and surface sensitive information effectively. AI has a significant impact on the quality of insights in Purview. It automatically classifies sensitive assets during scanning, which effectively reduces manual effort and ensures thorough coverage of sensitive information within the data catalog.

The ability to demonstrate compliance in real-time is facilitated by a dedicated solution known as Compliance Manager. This specific Purview solution falls under the category of risk and compliance, providing the necessary tools to showcase compliance status effectively.

Purview, particularly the Compliance Manager, has assisted us in enhancing compliance with regulatory requirements. With Purview Compliance Manager, it identifies areas where compliance may be lacking and provides actionable steps to achieve compliance. This tool facilitates easier discussions with compliance stakeholders and ensures alignment on necessary actions.

It has contributed to reducing the time required to address insider threats through its integration with Microsoft Defender for Endpoint. This integration includes a specific feature known as Insider Risk Management, which enables proactive detection of and alerts for suspicious or malicious activities.

It has helped save both time and money. One particular feature is called Data Sharing. Its primary aim is to minimize data duplication. This feature allows users to share data internally and externally without physically moving the data itself. Instead of creating additional copies of data as attachments or sending them via email, users can share data directly from its existing location. This reduces the need for storing multiple copies of the same data, ultimately saving storage space and associated costs.

It has enhanced our ability to maintain compliance by integrating Purview with Microsoft Sentinel. This integration enables the creation and sending of alerts, allowing us to proactively address sensitive information as it enters our data catalog.

It is designed to seamlessly connect to various data sources, which is particularly beneficial for our customers who primarily use Microsoft technologies. These sources include Azure Data Lake Storage Gen2, Synapse Workspace, and other platforms that Purview natively supports. Data cataloging is a fundamental feature of Purview, allowing users to organize and manage their data assets effectively. It also offers powerful lineage capabilities, enabling users to trace data from its source systems to the reporting layer. While there are some limitations in supporting end-to-end lineage for certain assets, Purview excels in automating lineage for supported assets such as Azure Data Factory and Synapse pipelines. Another valuable feature of Purview is its glossary terms functionality. Recently, we completed a project for a customer who was migrating their data dictionary from SharePoint to Purview's data catalog. This migration allowed them to seamlessly connect glossary terms to their ingested data assets, enhancing their data management and governance capabilities significantly.

Data quality has been a highly requested feature among customers. While it was initially scheduled for release in December last year, I anticipate that this feature will be available soon this year.

I suppose that with the integration of all three solutions—data security, data governance, and risk and compliance—there will be a clearer direction regarding changes on the people side of things. Like any other changes, this integration will necessitate new responsibilities, processes, and policies. It's essential to outline the expected changes on the people side, such as identifying impacted personas and defining their new responsibilities.

I have been working with it for three years.

I've encountered some slight lag, although Microsoft boasts a 99.9% SLA guaranteeing availability. This means there's an estimated downtime of around eight hours per year, but overall, disruptions are minimal.

Scalability has become more streamlined with recent updates. Previously, selecting a data map capacity was necessary when creating the data catalog, but now scalability has been improved. This means reduced overhead and eliminates the need for manual adjustment, making it easier to manage.

I've reached out to tech support numerous times. Interacting with them is always a positive experience because they consistently offer prompt assistance and valuable insights. It's particularly beneficial when dealing with new features or issues that many clients may not have encountered yet. They consistently deliver the assistance I need promptly and effectively. In cases where immediate answers are not available, I escalate the issue until I connect with the right individuals who can provide the necessary assistance. I would rate it ten out of ten.

Positive

Before transitioning to Purview, I was using the older version, which was Data Catalog.

The initial setup of Purview is straightforward, requiring just a few clicks to create an Azure account on the Purview portal. However, the complexity arises in setting it up properly, especially considering the Cloud Adoption Framework and the Analytics framework. While the setup can initially be simple, achieving scalability requires certain skills and responsibilities within the organization to ensure it's done properly. Scaling the architecture involves creating new data landing zones or subscriptions for different data workloads, such as Azure Machine Learning Workspace for data science teams while maintaining organizational governance and best practices. We are the ones responsible for assisting people in implementing Purview.

Typically, it requires at least two individuals from our team to deploy Purview, though sometimes up to three, depending on their skill sets. One essential role is a data governance lead responsible for overseeing tasks related to the data catalog, such as setting up the collection hierarchy and defining data domains. On the Azure infrastructure side, either a versatile solution architect or an Azure architect is needed to define the data management landing zone and data landing zone. This individual may also take on the role of a DevOps engineer to manage CI/CD processes for resource deployment and integration. Additionally, a data engineer is required to facilitate the movement of data assets from sources to the data warehouse. Lastly, a fabric administrator assists with necessary tenant settings. However, at a minimum, a solution architect and a data governance lead are essential, with the solution architect often taking on multiple roles.

The return on investment involves significant effort initially, but as organizations mature in their data governance practices, they begin to reap the benefits. These benefits include improved data quality, enhanced visibility of data assets, and increased compliance.

Currently, the licensing differs for the governance side compared to the risk and compliance side. On the governance side, the charges are based on the usage of Purview, including the data map, data catalog, and scanning and classification jobs. However, on the risk and compliance side, it's based on licensing, specifically the E5 license, to access the risk and security compliance features. As of now, the pricing structures remain separate. Improvements in providing clearer information on any pricing changes as these three solutions are unified would be beneficial.

The data quality is a top priority for clients and customers, and while it's expected to be available soon, there are a couple of reasons why there's a slight drawback. Firstly, the rebranding and renaming have confused customers. Although the move towards unifying everything into a single portal is a positive step, it has led to some customer confusion. Providing clearer guidance and communication about these changes and their associated responsibilities will be essential moving forward. Additionally, recent changes in features, such as the replacement of classification with sensitive information types in Compliance Manager, have shifted certain responsibilities from data governance leads to compliance or security teams. While this change impacts customers already using classification rules, it signifies a broader shift in responsibilities. Furthermore, the integration of Purview into Fabric is another aspect that requires better communication, likely due to upcoming changes and features. It's expected that after the unification of tools and features in the unified portal, there will be more emphasis on Fabric integration. Currently, details about this integration have been limited, but this is likely to change with upcoming releases. Overall, I would rate it seven out of ten.

I am a system integrator for Microsoft Purview. I have assessed some customers who already have Microsoft Purview because of their E5 license. However, they are not aware of Purview's capabilities. Purview is a relatively new product that provides an end-to-end data security lifecycle solution. It allows us to review our data with a data governance solution, classify it, protect it, and prevent data breaches. I have worked on almost all aspects of Purview.

We have assessed some customers and provided them with use cases such as using Purview to protect confidential data recovery. This allows them to manage their own workflow for vendors on a contractual basis. We have multiple use cases for Purview.

Purview's natively integrated compliance across Azure Dynamics and Office 365 is important. Microsoft has the advantage of being able to connect other solutions in its suite more easily, and this makes Purview a very good choice. With the exception of OCR in Teams, Purview works very smoothly. If we want to protect something in an email, Purview will prompt us immediately if we have configured it to do so. This is very convenient, and Purview does not use more system resources than expected. Another advantage of using Purview is that it is Microsoft's own product, so Microsoft can customize it to its own needs and ensure that it does not impact system performance.

It is important that Purview was built taking into account critical regulations from around the world. Purview is important because businesses are increasingly operating globally, and data is moving between different regions and countries. Purview is up to date with respect to different regional, national, and state privacy laws. I have found Purview to be a great solution, but it is not yet operating as well as it could. Microsoft is working hard to address this issue, and they are publishing new privacy acts to Purview on a regular basis.

How we use Purview data loss protection to educate users on how to handle sensitive data is we deploy Purview in the organization, categorize the data by region or department, perform data flow analysis to understand how the data is used and shared, classify the data as low, medium, or high risk based on the daily digital annual loss, We protect the data using Microsoft DLP, We publish videos on SharePoint to educate users about data classification and labeling, and we enable users to self-educate by providing them with access to documentation and training resources.

Purview is valuable because it is the only end-to-end data lifecycle management solution that provides data governance, classification, and protection.

Purview helps to reduce the number of solutions we need to interact with.

The reduction of the number of solutions we now need to interact with has simplified our data governance. 

I am satisfied with the visibility that Purview provides. Even without configuring anything, we can see many insights, but we do not get the exact details unless we configure Purview accordingly.

It provides a real-time compliance score for all our devices connected with Identity Access Management and Defender.

Purview helps us save time by publishing the policies quickly and collecting information in real time.

Purview helps us stay compliant. I have not encountered another solution that provides end-to-end licensing.

One of the valuable features of Microsoft Purview Information Protection, formerly known as Azure Information Protection or Microsoft Information Protection is data classification and data governance. MIP provides a unified labeling client that allows users to apply sensitivity labels to documents and emails in Microsoft Office files without the need for extra plugins or agents. MIP also provides strong information rights management settings, such as the ability to specify who has access to content and at what time.

Microsoft Purview's ability to deliver data protection across multi-cloud and multi-platform environments is important, but there are some limitations. For example, if we have our own cloud solution, Purview cannot currently protect it. However, we can integrate Purview with other OEMs, such as Forcepoint, McAfee, or Symantec, to provide DLP functionality for our CASB. Additionally, Purview cannot protect cloud platforms that are part of a shared domain, such as our own website, unless they are part of the public domain. Purview needs to add DLP support.

One of the things I would like to recommend is that Purview doesn't have the option to push policies or updates in real-time. Instead, it is based on the last five-bit communication. We cannot make any changes to this. It is based on the device when it is communicating with the server. If I want to do this forcefully from the server, if I want to send a wake-up call to all or selected agents throughout the organization, Purview does not have this capability in the GUI.

The reporting functionality needs to be improved. I have found that the solution is not satisfactory for reporting. We have to use Power BI to generate the overall profit, but this requires a lot of configuration. In another solution, we can easily achieve the same reporting functionality.

Purview does not have OCR functionality or network web. Therefore, OCR functionality is not included. OCR is available for Teams, but it does not work as expected. For example, it does not work well for systems that deliver to the recipient database, which could cause problems if it does not match our rules.

Purview has limitations connecting to Android devices and SaaS devices.

While Purview's data connector platform can ingest information from non-Microsoft data sources, it is slow to do so and the information may become outdated.

I would rate Purview's data loss prevention for remediating violations a six out of ten. The reason is that Purview does not have an option for endpoint discarding. In contrast, Forcepoint and Trellix are more mature DLP solutions that offer endpoint discarding. This allows us to scan endpoints for sensitive data, take a replica of that data, and store it in a safe location. We can also encrypt the data on the endpoint. Microsoft Purview DLP does not offer this functionality. It is only available for Teams and email.

I have been using Microsoft Purview for one and a half years.

Some features of Purview are stable, while others are not. MIP is very stable. DLP is constantly being updated, so some of its options may be unstable. The only stable portion of DLP is the database checking management.

Purview is in the cloud, so it is scalable. However, Microsoft sometimes makes it confusing by adding add-on features that we are forced to add and which will cost us to move. For example, there are options for endpoints four and six, but to use these, we have to add block storage, which will cost more. We should only have the option to configure everything in one console. This is because humans sometimes need to go to the Azure team and ask for access if they do not have Azure. Alternatively, the Azure admin team has to do this on their behalf. This is something that Microsoft can think about.

The customer support is the worst. When we were raising the case, the support was literally asking us how to resolve the issue. So I was really confused about what kind of support this was. We were seeking support, and apparently so were they. One of the customer support people had just provided us with dates but was not working on resolving the issue. I don't know why.

Negative

I have also used McAfee, Symantec, and Forcepoint for our data security. These solutions all offer endpoint discarding, which Purview does not. This gives us the option to replicate and save a copy in another place. Endpoint discarding is granular, and we can save reports in real time and connect to endpoints in real-time. We can also bypass the endpoint, which we cannot do with Purview. McAfee does not have to be built in, while Symantec does. 

The pros of Purview are utilization and performance. It is a lightweight solution that does not impact system utilization. This is important. Microsoft is a one-stop shop for data classification and DLP, so we may not need to worry about integrating with different vendors. We have MIP, and then DLP if we have exposure from DLP. Of course, it is possible to integrate with the help of APIs, but there is a risk that Microsoft may decide not to integrate with Forcepoint or Symantec in the future. This is something customers should think about. In that case, for customers with an E5 license, Purview would be the best choice because they can utilize all the Microsoft products and save costs. This strategy will also improve their security posture.

The initial setup is straightforward. Just plug in our internet credentials. That's it! No need to worry about the server, its utilization, configuration, or architecture. It's very easy to use, and we don't have to worry about disaster recovery or data centers. In a way, it's really helpful and cost-effective. Microsoft is taking care of everything on a pay-as-you-go basis.

The number of people required for deployment depends on the number of end users and departments. For example, an organization with 15,000 end users, 40 departments, and some generic requirements can deploy the solution using one L3, one L2, and two L1 people.

The fact that our organization continues to use Purview indicates that it provides some sort of return on investment.

We pay $15,000 per end user for the E5 license.

I would rate Microsoft Purview seven out of ten.

According to Gartner, Microsoft DLP is one of the top ten DLP solutions, but the top three are Trellix, Symantec, and Forcepoint. I prefer Forcepoint.

The maintenance is easy to complete.

I highly recommend that an organization use an E5 license if they are going with Microsoft because this will give them everything they need, including technical management, governance, and data management.

The use cases for the solution include data governance, metadata management, creating business grocery, doing data lineage out of the data within the entire data stack and technology stack, and, at the same time, creating data stewardship using the policy procedures. We're implementing the policy procedures, and using workflows for automating the task. 

The organization really doesn't have any security solution, however, they want to start their journey. It's an easier way to get started if they are already on the Microsoft side. It allows them to start with basic, common capabilities.

The inheritance feature is very good.

It is user-friendly. It’s cloud native and uses the Azure Stack which makes the deployment easy.

The documentation is very exhaustive. Anyone can go ahead and try different use cases.

Purview delivers data protection across multi-cloud and multi-platform environments, including AWS and GCP. Many organizations have a Windows operating system along with other Microsoft protection capabilities. The integration with risk and compliance is good. Microsoft has been across various areas of product expertise and covered everything under its umbrella.

It is important that Purview can connect to iOS, Mac, and Android devices, and data in other SaaS apps. It makes it easier to integrate everything. You don’t have to be specific to Microsoft products. It makes it more flexible.

It is important to us that Purview has taken into account critical regulations from around the world. They have captured most of the popular ones that are there. Many of the solutions still don't have this entire capability. When it comes to regulation and compliance, they have tried to get the most out of it and it’s included as part of PowerEdge.

We use the solution for data loss protection. For remediation. on a scale of one to five, it comes to around four. The security protection component was anyway there. They are just building on top of that and building above that.

Purview data loss protection is good at educating users on how best to handle sensitive data. There are learning and training modules available, which are helpful. It is still not there among the leaders as there are some organizations that are purely security solutions. Still, they have an edge over human identity governance. While they are not the leaders yet, they are trying to be there by trying to continuously improve and trying to provide the best of their capabilities.

Purview has helped us to reduce the number of solutions we need to interact with to some extent. Basically, it tries to solve some of the common problems raised with respect to governance.

The solution has helped improve visibility. It’s taking us to maturity level three by having the visibility aspects in place.

We haven’t used AI too much. The classification components are primarily being used. Other than that, it does have some features when it comes to text mining and identifying the EMEA site. To some extent, they have those AI capabilities and we'll try to leverage that more. We’ve been able to remove some manual activities. It was able to solve some of the problems based on the parameters and thresholds that had been defined.

It's helped provide us with a more precise, clear understanding of our data. 

Purview enables us to handle our compliance in real time. 

It does have regulation-specific templates that could be directly used to start with the journey of doing assessments identifying the maturity and then closing the gap as part of the gap assessment.

Purview helped to reduce the time to action on insider threats to some extent. We weren’t dependent on it much yet. We’ve used other vendors and technologies for that.

We went for an enterprise module. It helps us to start the journey. With it, we can start leveraging modules as part of the overall architectural stack. It does help with that. I’m not sure how much money has been saved just yet. However, there has been a fair bit of savings of both time and money.

To some extent, it has really helped us stay on top of compliance. Before, we had to do it manually. Having templates helps. It helps management understand whether we are compliant or not and can help work to close the gaps.

Non-Microsoft use cases are not very high. It's limited for now. They are continuously trying to evolve and trying to provide the latest right now. It is mature only on the more popular open source kind of applications or source tools. That is a limitation that it brings in. That said, if you already have a complete Microsoft stack then it will work really well.

They still need more coverage on Microsoft Dynamics 365. It's an area they are still working on. 

The lineage data capabilities could be improved. They need data quality as a solution. They need to have that as part of their suite. 

If I want to drive governance and adoption, when it comes to dashboarding and understanding maturity, it still needs work. There are other better, more competitive tools. 

I've been using the solution for the last five years. 

The solution has been stable. 

The solution is scalable. 

We do have personnel in-house that take care of any technical issues for the most part. Technical support is good when we do need help. There is documentation, FAQs, and chats, et cetera. When we reach out, we get support within 24 to 48 hours. Sometimes to get to the answers takes some time. 

Neutral

I've used other solutions such as Informatica, Collibra, and One Trust, among others. 

We had multiple use cases. Some organizations already had a strategic alignment with Microsoft Azure, and it made sense to go with Purview. Others felt it was a good option since it provides both governance and security. Many wanted to keep Microsoft as a strategic partner as well.

Purview is great in that it supports your stack, is cloud-native, and works directly with the Microsoft suite. Since it supports most options in an organization, it becomes easier to integrate so that we can gain that visibility.

The deployment requires an Azure enterprise account and is taken care of by one person and an Azure administrator. It's very easy. You just need to follow the steps and work with the Azure administrator.

Once it's set up, you get your users set up and define your rules. You need to deploy policies, et cetera, and go through a series of steps to ensure everything is ready and users are onboarded correctly. There are multiple strategies you can take on later - for example, decentralized and piecemeal approaches. 

We have different scenarios including production and development environments. We have different strategies to keep different environments in sync and do quarterly checkups where we identify certain areas and departments to add. 

Maintenance is only needed for larger organizations that are more mature. There is no separate maintenance; it's all under the same license. 

The ROI has been very high and can be measured in many ways. We measure ROI based on the organizational maturity and data-related use cases. 

The cost is completely based on the number of users and the subscriptions that it provides. Also, the technology stack and how much data you have or how many connectors you are using, et cetera. There are a lot of different types of factors to consider when calculating cost. Since we went for more of a pay-as-you-go model, it is based on consumption.

More complex organizations use more data and therefore the pricing will be different from smaller, less complex organizations. 

I have been a partner and implementor, however, right now, I am more of an end-user.

We are working with the SaaS version of the solution. 

I'd advise others to take time and understand both this and competitor solutions. Consider the use case you are solving for. 

I would rate the solution seven out of ten. 

We use the solution to defend endpoint workloads and prevent data loss. We also use it for governance.

One of the biggest benefits of the solution is visibility. Previously, we had a myriad of different solutions for compliance and to look at different workloads. Microsoft Purview brings all those things together in a very similar look and feel.

It also enables access management. We can provide an elevated privilege for a limited time. If the user needs privileged access, they can request it on an ad-hoc basis. We have workflows to provide access depending on different approval models. We can do all such things without elevating the risk posture.

The time to onboard is pretty short. It comes with a whole bunch of recommendations for somebody who has a small crew like me. It gives the ability to onboard the product and have a really good baseline to begin with. All I have to do is three or four clicks, and it's off and running. It is one of the greatest removers of barriers to entry. We have to be generalists, being a small shop. It's important for us to begin from a great place. Some other highlights compared to the competition are

• Unified Data Governance & Compliance
• Comprehensive Data Discovery & Cataloging
• Deep Azure Ecosystem Integration
• Data Loss Prevention (DLP) and Insider Risk Management
• Role-Based Insights and Access Control

The tool's Windows PC offerings are far better compared to the granularity on the Mac side. The product must provide better integrations with OS X and iOS. There must be feature parity. The product must also provide better integrations with other ecosystems. I'd love to see Microsoft integrating with Google Workspace, at least in the EDU K-12 space. Most people in the EDU space use Google Workspace and Microsoft. Extending the capabilities of Purview would be phenomenal. to summarize, 

• Limited functionality on macOS (e.g., sensitivity labels not fully supported in all Office apps)
• Inconsistent feature parity across platforms (Windows vs. macOS vs. web)
• UI complexity and steep learning curve for new users

.

I have been using the solution for five years.

The tool is stable.

The tool is scalable.

The support must be improved. Unfortunately, a lot of times, it's a hit or miss. With the breadth of their customer base, much of it must be diverted to third-party consultants. I almost dread it when I see an email from a third-party vendor. When you're an insider, you have much better access to resources than a consultant.

Positive

We were using Barracuda DLP for email filtering and file sharing. We switched to Microsoft Purview to bring it all under one umbrella.

The initial setup was straightforward.

I have a few friends in the industry who've done this. We did a proof of concept, began small, looked at the pros and cons, and expanded it.

The product saves us time and effort. We can easily access Microsoft Exchange or Microsoft 365 and see the violations. It has easier and fewer workflows. Otherwise, we would have had to go into individual users' file systems and look for violations.

The solution is extremely affordable for the K-12 space.

We evaluated solutions for individual silos, but we did not evaluate a cohesive unit like Microsoft Purview. Microsoft is extremely affordable for the K-12 space. It was a no-brainer to onboard Purview to peer across different workloads.

Barracuda Email Security was pretty good. The problem was that it was a single solution. It doesn't extend across our data estate. Purview has a vast and rich ecosystem.

It is extremely important that Purview delivers data protection across multi-cloud environments. They currently do GCP and AWS, but not necessarily Google Workspace. I'm hoping that it'll be their next natural extension.

It is very important to us that Purview was built taking into account critical regulations from around the world. Since we work in the K-12 space, we deal with minors. It is important to protect their identity and privacy and have their well-being and the nationwide and statewide regulations at the forefront. It's very important for us to be compliant, not just from a compliance perspective, but also to protect the needs of children.

Insider risk is a big challenge. Many people want to share and communicate. There's a balance between communicating and oversharing confidential information. It's reasonable to expect a teacher to know all those nuances. A policy that can oversee and provide guardrails to users is very important. A feedback mechanism for the end user to act on would be very helpful.

We can see across different systems without too much effort. It is very important to us. Purview enables us to show our compliance in real-time. The security score helps me compare myself to other organizations. Being able to identify a gap and fill it is super helpful. As a small organization, our audits are more financial in nature.

More than time and money, the tool has increased accountability within the organization. We can have proactive conversations about data security. The product provides me with a 300% return on investment.

It is critical for us that Purview connects to iOS, Mac, and Android devices. Large organizations can have separate IT sections for different departments. As a smaller organization, our ability to support different needs across different SaaS applications and platforms through Purview is important.

The ability to peer more into heterogeneous environments is an area of growth for the solution. It is a must-have.

Overall, I rate the product a seven out of ten.

We use Microsoft Purview for DLP capabilities and email encryption.

Ensuring data protection across multi-cloud and multi-platform environments through Purview is crucial for us. Currently operating on Azure and AWS, we plan to migrate a portion of our on-premises workloads to the cloud. To achieve this, we will leverage Purview for data loss prevention on our virtual machines and utilize Azure Arc for centralized management of all our platforms.

Purview's ability to connect to a wide range of devices, including iOS, Android, and others, enhances our visibility into BYOD devices deployed across our environments.

As a public organization, we are bound by policies and regulations. To ensure compliance across Azure Dynamics 365 and Office 365, both locally and internationally, we leverage the native compliance capabilities of Purview, which integrates seamlessly with both platforms.

The DLP for remediating policy violations works well. We can easily view the details and conduct investigations from a single dashboard.

We recently started using Purview for DLP on Mac OS devices.

Implementing Purview as our primary data loss prevention solution has yielded significant benefits. Our Microsoft E5 license provides enhanced protection across the organization, offering immense value through its comprehensive features. Consequently, we have been able to streamline our security posture by consolidating third-party solutions and focusing on Purview and other robust Microsoft applications.

Microsoft Purview has streamlined our workflow by consolidating diverse systems into a single, user-friendly dashboard. This one-stop shop simplifies access and management across our organization.

Microsoft Purview enables us to show our compliance in real-time. We are satisfied with the speed at which Purview provides alerts and details to us.

Microsoft Purview has significantly shortened the response time to insider threats by almost 70 percent. It can rapidly block unauthorized user access, leading to a reduction in required manpower.

Microsoft Purview has helped to save money by preventing the loss of data in our environment as well as around 60 percent of our admin user's time.

Purview helps us stay on top of compliance. We no longer have to review incidents manually, improving compliance by 80 percent.

The custom classifications are one of the most valuable features. For instance, if we want to block the transfer of card details, there are many pre-built samples for different countries that we can easily use in Purview, eliminating the need to create our classifications which makes the work easier.

Purview needs to improve its DLP capabilities for removable devices such as external drives and USB devices.

The custom data classification for the African region needs to be improved.

I have been using Microsoft Purview for five years.

Microsoft Purview has been stable, with no incidents involving the Data Loss Prevention functionality. However, there have been a few instances where the admin portal has been unavailable.

Microsoft Purview is extremely scalable.

The support response time can be improved.

Positive

We are currently using Forcepoint and Microsoft Purview, but with our E5 license, we're considering consolidating our security products under one umbrella and one dashboard, potentially phasing out Forcepoint.

The initial deployment took a few hours. Five to six people were involved in the deployment.

I would rate the cost of Microsoft Purview a six out of ten with ten being the most expensive.

I would rate Microsoft Purview an eight out of ten.

We have a complex group-wide tenant that requires us to have different administrative units for each country. We have around 50,000 users worldwide.

Purview does not require any maintenance beyond regular checks in the admin portal to ensure everything is functioning correctly.

We have implemented Microsoft Purview as a comprehensive DLP solution for our clients across Europe, Africa, and the Middle East to protect their data and help them classify, identify, and investigate who and how the data is being accessed.

Microsoft is aiming to build favorable relationships with other cloud solution providers. On our end, if we have both AWS solutions and Microsoft's cloud solution, implementing the Microsoft Purview dashboard can be a good way to collect and classify our data across both platforms. This could be a strong selling point for Microsoft to explore partnerships with AWS and other public cloud players, allowing them to combine and leverage their global development, sales, and services.

Implementing Purview's integrated compliance across Azure Dynamics 365 and Office 365 is relatively straightforward thanks to available connectors and Microsoft's improved user interface.

Microsoft Purview includes a compliance manager, which simplifies meeting various standards and regulations through integration with companies like ISO, ISCE, and other risk solutions. This feature is an add-on for E5 and E3 licenses. It allows us to create assessments that generate reports with specific recommendations for implementing and configuring ISO 27001 or other standards within our Microsoft 365 environment. This makes compliance significantly easier and, according to Microsoft, can reduce the cost of implementing such measures by approximately 40 percent compared to using other solutions for ISO compliance or other critical regulations.

Given my role as a cybersecurity consultant, I previously created a DLP policy based on the client's needs. Since then, I haven't had further contact with the client. However, I'm now working on a new project for them next year. This project involves developing and implementing a DLP solution with a focus on information protection. My responsibilities include monitoring all user activity and reporting on it in a few months. Based on my observations, there's a significant amount of activity requiring governance. This includes areas like DLP policy enforcement, USB blocking, printer control, copy prevention, file transfer via secure FTP, and external user access restrictions. Purview's data loss protection is helpful for remediating policy violations.

I'm developing a short training guide, about four pages or more, on enabling information protection labeling and related topics. Some clients have suggested automation, but I believe the best approach is to guide users through manual labeling. For instance, we could have a "Sensitive" label for data like personal information, ID numbers, passports, names, passwords, and so on. Information protection can be implemented either by defining detection rules beforehand or by using the system's automated detection capabilities. If sensitive information is detected, the system can then recommend applying the "Non-Confidential" label or whichever equivalent label we prefer.

Microsoft has developed and launched Microsoft Defender for Endpoint for Mac. This agent for macOS is the same agent used for data loss prevention in Endpoint. However, if we don't require DLP for Endpoint, we can simply synchronize our Macs with Microsoft Intune. Intune, a combination of Microsoft Entra ID and an MDM solution, is not just for mobile devices; it's a device management platform for all company devices, including PCs, Macs, mobile devices, and servers. It allows us to synchronize settings and policies across all our devices, manage software deployments, and utilize various other features. Therefore, we have two options: either synchronize our Macs with Intune or install the Microsoft Defender for Endpoint agent to implement DLP for Endpoint. DLP for Endpoint is mandatory if we need to detect and control USB devices, printers, and other data transfer peripherals.

Microsoft Purview's primary benefit lies in safeguarding sensitive and confidential data, thereby mitigating the risk of internal data exfiltration.

Purview does help our customers reduce the number of solutions they interact with. From a cybersecurity engineer and information security expert perspective, consolidating and streamlining technology can be beneficial for IT departments, especially before implementation. Currently, Security Service Edge emerges as a promising solution due to its integration with zero-trust principles and protocols. For example, instead of deploying multiple endpoint detection and response solutions, a single, antivirus-free EDR like CrowdStrike can suffice. Similarly, Microsoft's Defender for Cloud Apps, combined with XDR and other security features, offers a comprehensive solution for Security Operations Centers. My goal is to create a unified MDR solution for clients, allowing for centralized data collection and log analysis. This unified platform, ideally with one or two dashboards, would enable efficient investigation and response, minimizing investigation time and cost. Combining various tools into one interface eliminates the need to jump between dashboards, improving analyst efficiency. Why rely on multiple vendors like CrowdStrike, Proofpoint, Minetest, and MISSP when a single solution can offer comprehensive visibility and data security? Microsoft's Image Security 365, coupled with best practices and anti-phishing strategies, can significantly enhance security. Furthermore, I recommend implementing a DMZ with two firewalls, one internal and one external. This layered security approach, while requiring two vendors, provides redundancy and prevents attackers from exploiting a single firewall and gaining access to the network. However, it's important to remember that cybersecurity solutions are not one-size-fits-all. Each client and scenario requires tailored strategies based on their unique needs and context. Consistency across the industry is crucial, but it's important to acknowledge the lack of standardized approaches in the current landscape.

The Microsoft Purview dashboard is primarily a data security solution, allowing us to implement various layers to safeguard our information. While it can be used for some Endpoint Detection and Response functionalities, its full potential in this area might not be realized without proper configuration and understanding of the underlying processes.

While Purview offers real-time compliance monitoring, it's an add-on feature functioning as a compliance manager. However, due to a lack of clear communication, not all companies fully understand its capabilities. Additionally, it's important to note that while compliance and standards often relate heavily to financial and banking sectors, the scope of regulations has broadened significantly in recent years, extending beyond these specific industries.

Purview helps us stay on top of compliance because Microsoft has tried to build Purview based on the ISC framework.

No single feature stands out as the best because the most effective approach involves combining multiple features. For example, when using information protection, labeling, and classification, a multi-step process is necessary. First, we must classify our data, which requires a thorough understanding of our environment and the nature of the data itself. Once classified, we can apply labels and establish rules governing data sharing through information protection measures. The final step involves implementing and configuring a Data Loss Prevention solution. It's crucial to remember that the goal isn't to find ideal individual features; rather, it's to leverage the synergy of multiple technologies to create a comprehensive and powerful data protection strategy.

I've been working closely with Microsoft support on issues with the Microsoft Purview Information Protection scanner's on-premises services. While it's a solid tool, there's still room for improvement in my opinion. I've submitted numerous recommendations, from solutions to address specific problems to the implementation of new features like bulk scanning across multiple servers, not just individual paths. I've also encountered a high number of false positives in the classifier and made suggestions for resolving them. Microsoft support is currently reviewing my input, and we're collaborating to refine the scanner and minimize false positives. It's important to remember that this is a new technology, and like any newborn business venture, it's prone to growing pains. Errors and mistakes are inevitable along the way, but they're also valuable learning opportunities.

Frequent daily updates from Microsoft can cause interface elements like buttons to appear and disappear, making navigation unpredictable. Additionally, Microsoft also generates new licenses that require investigation to identify each new license.

I have been using Microsoft Purview for one and a half years.

Microsoft Purview is scalable.

Sometimes we have a communication gap or delay but most of the time the technical support is good.

One person can deploy Microsoft Purview.

We implement Purview for our clients.

We are a Microsoft Gold Partner and are currently satisfied with our existing solutions. Therefore, we do not prioritize evaluating other vendors at this time.

I would rate Microsoft Purview a seven out of ten. Purview is a good solution but it takes time to master.