Microsoft Purview Reviews

We use the solution to defend endpoint workloads and prevent data loss. We also use it for governance.

One of the biggest benefits of the solution is visibility. Previously, we had a myriad of different solutions for compliance and to look at different workloads. Microsoft Purview brings all those things together in a very similar look and feel.

It also enables access management. We can provide an elevated privilege for a limited time. If the user needs privileged access, they can request it on an ad-hoc basis. We have workflows to provide access depending on different approval models. We can do all such things without elevating the risk posture.

The time to onboard is pretty short. It comes with a whole bunch of recommendations for somebody who has a small crew like me. It gives the ability to onboard the product and have a really good baseline to begin with. All I have to do is three or four clicks, and it's off and running. It is one of the greatest removers of barriers to entry. We have to be generalists, being a small shop. It's important for us to begin from a great place.

The tool's Windows PC offerings are far better compared to the granularity on the Mac side. The product must provide better integrations with OS X and iOS. There must be feature parity. The product must also provide better integrations with other ecosystems. I'd love to see Microsoft integrating with Google Workspace, at least in the EDU K-12 space. Most people in the EDU space use Google Workspace and Microsoft. Extending the capabilities of Purview would be phenomenal.

I have been using the solution for three years.

The tool is stable.

The tool is scalable.

The support must be improved. Unfortunately, a lot of times, it's a hit or miss. With the breadth of their customer base, much of it must be diverted to third-party consultants. I almost dread it when I see an email from a third-party vendor. When you're an insider, you have much better access to resources than a consultant.

We were using Barracuda DLP for email filtering and file sharing. We switched to Microsoft Purview to bring it all under one umbrella.

The initial setup was straightforward.

I have a few friends in the industry who've done this. We did a proof of concept, began small, looked at the pros and cons, and expanded it.

The product saves us time and effort. We can easily access Microsoft Exchange or Microsoft 365 and see the violations. It has easier and fewer workflows. Otherwise, we would have had to go into individual users' file systems and look for violations.

The solution is extremely affordable for the K-12 space.

We evaluated solutions for individual silos, but we did not evaluate a cohesive unit like Microsoft Purview. Microsoft is extremely affordable for the K-12 space. It was a no-brainer to onboard Purview to peer across different workloads.

Barracuda Email Security was pretty good. The problem was that it was a single solution. It doesn't extend across our data estate. Purview has a vast and rich ecosystem.

It is extremely important that Purview delivers data protection across multi-cloud environments. They currently do GCP and AWS, but not necessarily Google Workspace. I'm hoping that it'll be their next natural extension.

It is very important to us that Purview was built taking into account critical regulations from around the world. Since we work in the K-12 space, we deal with minors. It is important to protect their identity and privacy and have their well-being and the nationwide and statewide regulations at the forefront. It's very important for us to be compliant, not just from a compliance perspective, but also to protect the needs of children.

Insider risk is a big challenge. Many people want to share and communicate. There's a balance between communicating and oversharing confidential information. It's reasonable to expect a teacher to know all those nuances. A policy that can oversee and provide guardrails to users is very important. A feedback mechanism for the end user to act on would be very helpful.

We can see across different systems without too much effort. It is very important to us. Purview enables us to show our compliance in real-time. The security score helps me compare myself to other organizations. Being able to identify a gap and fill it is super helpful. As a small organization, our audits are more financial in nature.

More than time and money, the tool has increased accountability within the organization. We can have proactive conversations about data security. The product provides me with a 300% return on investment.

It is critical for us that Purview connects to iOS, Mac, and Android devices. Large organizations can have separate IT sections for different departments. As a smaller organization, our ability to support different needs across different SaaS applications and platforms through Purview is important.

The ability to peer more into heterogeneous environments is an area of growth for the solution. It is a must-have.

Overall, I rate the product a seven out of ten.

I am a system integrator for Microsoft Purview. I have assessed some customers who already have Microsoft Purview because of their E5 license. However, they are not aware of Purview's capabilities. Purview is a relatively new product that provides an end-to-end data security lifecycle solution. It allows us to review our data with a data governance solution, classify it, protect it, and prevent data breaches. I have worked on almost all aspects of Purview.

We have assessed some customers and provided them with use cases such as using Purview to protect confidential data recovery. This allows them to manage their own workflow for vendors on a contractual basis. We have multiple use cases for Purview.

Purview's natively integrated compliance across Azure Dynamics and Office 365 is important. Microsoft has the advantage of being able to connect other solutions in its suite more easily, and this makes Purview a very good choice. With the exception of OCR in Teams, Purview works very smoothly. If we want to protect something in an email, Purview will prompt us immediately if we have configured it to do so. This is very convenient, and Purview does not use more system resources than expected. Another advantage of using Purview is that it is Microsoft's own product, so Microsoft can customize it to its own needs and ensure that it does not impact system performance.

It is important that Purview was built taking into account critical regulations from around the world. Purview is important because businesses are increasingly operating globally, and data is moving between different regions and countries. Purview is up to date with respect to different regional, national, and state privacy laws. I have found Purview to be a great solution, but it is not yet operating as well as it could. Microsoft is working hard to address this issue, and they are publishing new privacy acts to Purview on a regular basis.

How we use Purview data loss protection to educate users on how to handle sensitive data is we deploy Purview in the organization, categorize the data by region or department, perform data flow analysis to understand how the data is used and shared, classify the data as low, medium, or high risk based on the daily digital annual loss, We protect the data using Microsoft DLP, We publish videos on SharePoint to educate users about data classification and labeling, and we enable users to self-educate by providing them with access to documentation and training resources.

Purview is valuable because it is the only end-to-end data lifecycle management solution that provides data governance, classification, and protection.

Purview helps to reduce the number of solutions we need to interact with.

The reduction of the number of solutions we now need to interact with has simplified our data governance. 

I am satisfied with the visibility that Purview provides. Even without configuring anything, we can see many insights, but we do not get the exact details unless we configure Purview accordingly.

It provides a real-time compliance score for all our devices connected with Identity Access Management and Defender.

Purview helps us save time by publishing the policies quickly and collecting information in real time.

Purview helps us stay compliant. I have not encountered another solution that provides end-to-end licensing.

One of the valuable features of Microsoft Purview Information Protection, formerly known as Azure Information Protection or Microsoft Information Protection is data classification and data governance. MIP provides a unified labeling client that allows users to apply sensitivity labels to documents and emails in Microsoft Office files without the need for extra plugins or agents. MIP also provides strong information rights management settings, such as the ability to specify who has access to content and at what time.

Microsoft Purview's ability to deliver data protection across multi-cloud and multi-platform environments is important, but there are some limitations. For example, if we have our own cloud solution, Purview cannot currently protect it. However, we can integrate Purview with other OEMs, such as Forcepoint, McAfee, or Symantec, to provide DLP functionality for our CASB. Additionally, Purview cannot protect cloud platforms that are part of a shared domain, such as our own website, unless they are part of the public domain. Purview needs to add DLP support.

One of the things I would like to recommend is that Purview doesn't have the option to push policies or updates in real-time. Instead, it is based on the last five-bit communication. We cannot make any changes to this. It is based on the device when it is communicating with the server. If I want to do this forcefully from the server, if I want to send a wake-up call to all or selected agents throughout the organization, Purview does not have this capability in the GUI.

The reporting functionality needs to be improved. I have found that the solution is not satisfactory for reporting. We have to use Power BI to generate the overall profit, but this requires a lot of configuration. In another solution, we can easily achieve the same reporting functionality.

Purview does not have OCR functionality or network web. Therefore, OCR functionality is not included. OCR is available for Teams, but it does not work as expected. For example, it does not work well for systems that deliver to the recipient database, which could cause problems if it does not match our rules.

Purview has limitations connecting to Android devices and SaaS devices.

While Purview's data connector platform can ingest information from non-Microsoft data sources, it is slow to do so and the information may become outdated.

I would rate Purview's data loss prevention for remediating violations a six out of ten. The reason is that Purview does not have an option for endpoint discarding. In contrast, Forcepoint and Trellix are more mature DLP solutions that offer endpoint discarding. This allows us to scan endpoints for sensitive data, take a replica of that data, and store it in a safe location. We can also encrypt the data on the endpoint. Microsoft Purview DLP does not offer this functionality. It is only available for Teams and email.

I have been using Microsoft Purview for one and a half years.

Some features of Purview are stable, while others are not. MIP is very stable. DLP is constantly being updated, so some of its options may be unstable. The only stable portion of DLP is the database checking management.

Purview is in the cloud, so it is scalable. However, Microsoft sometimes makes it confusing by adding add-on features that we are forced to add and which will cost us to move. For example, there are options for endpoints four and six, but to use these, we have to add block storage, which will cost more. We should only have the option to configure everything in one console. This is because humans sometimes need to go to the Azure team and ask for access if they do not have Azure. Alternatively, the Azure admin team has to do this on their behalf. This is something that Microsoft can think about.

The customer support is the worst. When we were raising the case, the support was literally asking us how to resolve the issue. So I was really confused about what kind of support this was. We were seeking support, and apparently so were they. One of the customer support people had just provided us with dates but was not working on resolving the issue. I don't know why.

Negative

I have also used McAfee, Symantec, and Forcepoint for our data security. These solutions all offer endpoint discarding, which Purview does not. This gives us the option to replicate and save a copy in another place. Endpoint discarding is granular, and we can save reports in real time and connect to endpoints in real-time. We can also bypass the endpoint, which we cannot do with Purview. McAfee does not have to be built in, while Symantec does. 

The pros of Purview are utilization and performance. It is a lightweight solution that does not impact system utilization. This is important. Microsoft is a one-stop shop for data classification and DLP, so we may not need to worry about integrating with different vendors. We have MIP, and then DLP if we have exposure from DLP. Of course, it is possible to integrate with the help of APIs, but there is a risk that Microsoft may decide not to integrate with Forcepoint or Symantec in the future. This is something customers should think about. In that case, for customers with an E5 license, Purview would be the best choice because they can utilize all the Microsoft products and save costs. This strategy will also improve their security posture.

The initial setup is straightforward. Just plug in our internet credentials. That's it! No need to worry about the server, its utilization, configuration, or architecture. It's very easy to use, and we don't have to worry about disaster recovery or data centers. In a way, it's really helpful and cost-effective. Microsoft is taking care of everything on a pay-as-you-go basis.

The number of people required for deployment depends on the number of end users and departments. For example, an organization with 15,000 end users, 40 departments, and some generic requirements can deploy the solution using one L3, one L2, and two L1 people.

The fact that our organization continues to use Purview indicates that it provides some sort of return on investment.

We pay $15,000 per end user for the E5 license.

I would rate Microsoft Purview seven out of ten.

According to Gartner, Microsoft DLP is one of the top ten DLP solutions, but the top three are Trellix, Symantec, and Forcepoint. I prefer Forcepoint.

The maintenance is easy to complete.

I highly recommend that an organization use an E5 license if they are going with Microsoft because this will give them everything they need, including technical management, governance, and data management.

We are integrating Purview with Copilot. We are creating prompts in Copilot for whatever we require from Purview. There are multiple scenarios where we create something in Purview: eDiscovery, auditing, labels, and data loss protection alerts. It is something like the parent application for the data loss alerts.

The major benefit is the workflow inside Purview. While creating policies, we can add an organization's security groups and, for those particular users, we can control the user data or exfiltration. We can control the workflow of those users. If we want to exclude a particular channel that they use to communicate about sensitive data, we don't need to monitor it. We can just exclude it. That means we can include or exclude every individual step in their workflow. Based on our customers' requirements, because there are a lot of features in Purview, we can easily include, exclude, enable, or disable things. That is the major advantage of Purview.

Also, it has reduced false-positive alerts for data loss protection. Why? Because the policies or detection patterns are based on the normal or generic concepts that apply within each organization. Each will have its own set of policies. And that generates fewer alerts. An organization can have particular data monitored, and that can be changed from organization to organization. As a result, there is a lower chance of false-positive scenarios.

My favorite features are eDiscovery and insider risk management, because these are the major threats to an organization that can't be easily traced.

Also, there are multiple rules within Purview related to cloud applications. Purview's major focus is on Microsoft Azure and its Microsoft cloud-related applications, such as Exchange, OneDrive, SharePoint, et cetera. They have created a set of rules and added workflows to the policies as well. That means we can directly add those particular cloud workflows to the policies. Alerts can be triggered and workflows implemented based on the rules that we set while creating a policy inside Purview.

We also use Copilot, the next generation of ChatGPT. If you ask it: "According to Purview, what were the DLP alerts that were generating today?" it will take just five seconds to generate the data—whatever is available in the backend of Purview. Copilot is integrated with Purview. If a person is using Purview but doesn't have any idea how to operate it—meaning they don't know how to search for alerts—they can easily ask Copilot. They can create a prompt. That way, a non-technical person can get the data.

Also, all the required security products are integrated with Purview, including endpoint DLP.

I would like to see them simplify advanced hunting. There are differences when looking at an incident in the M365 portal versus Purview, and the main one is the advanced hunting. In the M365 portal, you can write KQL queries and fetch data. If that was available in Purview, it would be very good.

Another issue is that for incidents, only DLP alerts are available in Purview, not the incidents themselves. An incident consists of multiple categories of alerts belonging to multiple products. But in Purview, we can only see DLP alerts, yet those alerts could be part of an incident in the incident portal. We are not able to see if a particular alert ID is part of a given incident.

For example, if an exfiltration happens, the exfiltration-related alert will only be triggered inside of Purview. But it's possible that before the exfiltration, there was a kill chain there, such as initial access, privilege escalation, a user being compromised, or a brute-force attack. Those types of alerts are not available inside Purview. They are covered in other Microsoft products. All those products' alerts will combine into one case and generate an incident as a single story. But in Purview, the incident is not available.

I have been using Microsoft Purview since it was introduced. I am part of our Purview team.

With Purview itself, I have not faced any issues, but there have been some with Copilot.

The scalability of Purview is eight to nine out of 10.

The price is a little bit high, but it's worth the money because it has a lot of features. And there will be more features in the future.

My advice is that you need to understand the architecture of Purview first. Play with it and go through the data loss policies. Whoever is using Purview should have some idea about data loss protection policies. If you have these things, you can easily do things in Purview, such as labeling and IRM.

There is no maintenance. As a user, you just see the alerts, while the protection is taken care of by the Microsoft team.

I was working for a nonprofit here in Kansas called Children International. I was a global data engineering manager, and I was tasked specifically with developing a data governance program. And at the same time, that's right when Purview came out. So I spent a year in that realm. I've been very plugged into Purview ever since.

The main use is data governance. Now, not every firm is necessarily at that maturity level when it comes to understanding data as an asset. So, a lot of companies can use it just as a data dictionary, a business glossary, which is nice, but it doesn't give the entire picture of what Purview can actually do, and so, actually, there were a dozen of implementations of Purview that I have been a part of in the past. I've led as a consultant and an architect. I'd say maybe I have used twenty-five percent of every feature that it has to offer. I am still kind of catching up with the rest of the features.

Microsoft Purview breaks down barriers to sharing information, accessing data, understanding what a piece of data means, how it is defined, how it's interpreted, and then how the end user uses it. So, with Purview, when it's best used, and it is at its best when the end users are the ones that are very involved because they're the ones who are going to be using it. Its users can see the support, and it grows year over year, you know, a kind of revenue measure. I don't know how exactly this is created. Also, I don't know what fields it uses. I don't know exactly what this means. We have a different department in the company that may need this. So they feel the need to go out and then hop to Purview. So it definitely knocks down a lot of barriers. It eliminates a lot of needless communication between different departments, and it just centralizes all information about an organization's data assets.

Speaking of the valuable features, I would speak on behalf of my clients, considering how it seemed when it was implemented. So, the sensitivity labels are big. The insights are also very nice as it gives the visual representation of being able to look at what or how the data storage is performing, especially monitoring if they are tagging technical assets or if they are adding business glossary terms. So, that's big, along with the basic features of Microsoft Purview. I'd say the last one that is very big with most clients is data lineage and being able to integrate that end-to-end flow component kind of so they can see that this is data from a Power BI dataset, and then they can follow where that dataset is coming from like it's from a SQL query in a Power BI report itself and data coming from a SQL Server, etcetera, etcetera.

The out-of-the-box connectors and being able to connect to third-party apps and data storage were some of the areas where they started off strong, but that's something that I think needs to continuously be at the forefront of the developers and the engineers for Purview to make sure that it is constantly up to date and can talk with any data source that it may need within a data state. So I would say that's not necessarily a con, but it's a possible weak point that could be strengthened.

I've been implementing Microsoft Purview with my clients for three and a half years. I'm a consultant for a Microsoft partner.

I think Purview, in terms of its stability, a lot of people think Purview itself is for data governance. Whereas data governance is something that is more like how we now view, let's say, Toyota six sigma or Agile, where it's kind of embedded in an organization and kind of culturally and throughout the work that's being done, it's kind of embedded in the network. I think Purview is kind of the same way. So, data governance operates in the same way. It first needs to be adopted and agreed upon by those that will be using it. Purview is the tool, and that's, like, the actual interface, and that's the actual, you know, that's the tool that allows it to be done. But in terms of stability, I think Purview does as good a job as it can of providing a foundation to make stability with data governance as easy as possible for those that manage it, but it does come down to those that are in charge of Purview itself to make sure that it stays stable. Well, I won't just say stable. I'll say that it is as stable as the data governance maturity that exists within an organization. It can't be more stable than that.

Scalability is fantastic considering their pricing since it addresses their pricing where it can have your incremental scans, which can cut down on your computing costs. That's great for scalability. So, if you have more data and you need to scan more and more, you don't need to scan the exact same data again and again and again. You may be okay only scanning the entire database maybe once a week, and then, let's say daily, you have incremental refreshers that help very much, or that help a lot with scalability. I think as more an organization scales and the more that it uses Purview with that scaling, the more you can get out of it, and the more it'll end up helping the organization, the more the stewards that are in their tagging things, the more that data is suggested, and that triggers are set up for ingestion runs. The more it scales, the better it is.

I have spoken with Purview's product team consisting of engineers who created Purview that writes the documentation that will work on bugs hands-on. Also, I've been a part of a lot of conversations, and I provided a lot of feedback in terms of improving Purview itself as a product and how we use it with our clients. So, there's been a lot of collaboration on that.

Considering Purview, I rate technical support a ten out of ten.

Positive

There was not one solution. There were multiple solutions like Profisee involved. We also had Atlas and kind of a lot of commingling of those two and kind of piecemeal together solutions between a lot of those to do a Purview does. So not a whole lot, I guess, is what I'm trying to say.

The deployment of the solution was done on Azure. A majority of our deployments for our clients are through a private cloud, and they're locked down with private DNS zones and custom DNS records on the back end if they're on their own servers and private endpoints as well. So fairly locked down, especially with where we talked about a lot of the data being sensitive and a need for it to be protected and monitored. Well, if data needs to be protected and monitored, then it likely is going to be needing something to be secure. So it's all been on a private cloud so far.

I was involved in the initial deployment of Purview. The initial deployments were actually straightforward because we were figuring out about the features, and found that it was a little less feature-rich, so there was less of a question. And it hasn't given us the time to figure out where it works well or where it doesn't work well, and if we need to bring in consultants or can we do this in-house. As Microsoft Purview got a little more mature, the deployments got a little more complex, as we were kind of seeing that there are a lot of ways, like there were a hundred ways to do one thing or less. I think that applies to anything in software. But it applies to Purview as well and where we control access to a given data source while figuring out if we should use the policies and governance features within Purview. We also thought if we should do it in Azure portal using RBAC or should it be elsewhere. So I think we passed that part, and then now we're going to get back to some smooth deployments, and a lot of them will be templatized, you know, whether it be in ARM templates or Bicep like Terraform. Overall, at first, the setup process was fairly smooth to moderate.

I have not been able to conduct any actual ROI analysis on Purview just because it is hard to measure those kinds of intangibles of how those results show up. But they absolutely show up if we consider data to be an asset. Also then, it can also be a liability, just like something that would be like a can of soup on the shelf in a restaurant. That's an asset as it exists then, but also there can be hazards. So, if it's a large pallet, it could fall and cause damage. So, data cost would be a liability. I think that it is not something that currently appears on the balance sheet and can be cut to draw that line, but I think it'll be made much clearer in the near future, especially as we've become more and more data-saturated and we'll be more conscious of the value of data. Regarding ROI, I have not done any analysis in that realm, but I have full confidence that there are real ROIs that do exist and that will show up one way or another in the future.

Price-wise, I think it's very generous and accessible to not just enterprises but small to medium-sized companies as well. I think it's very fair in terms of how they break apart the storage and the actual computing, and that makes it very accessible. So, that is a very big plus for Purview. I think a lot of clients and organizations would feel that way as well.

On the time front, I can absolutely speak about the cost of the solution since time is money. Saving analysts or developers, or engineers time can add or translate into actual savings if you can do the right calculation. But just to stick on that time front, I've seen it cut down, let's say, a given team, or a data governance team, I'd say, in a reduction of fifty to sixty percent of the time that would be spent answering maybe questions for other parts of the business about what a certain data means or where this data lives, they can just point them into certain directions, and they can point them to Purview and have those answers or have or have this questions answered. So that's a big part. And then also being able to have those ties from the business to IT and being able to bridge that gap and being able to have a technical asset ingested from the data side or, from the technical side, and then being able to get the business to interact with that as well. I would say that total savings in terms of on a team-to-team basis, I could see anywhere from fifty to seventy-five percent reduction in time spent on those activities just by having Purview.

After looking through other options, we decided for our clients that in these situations where they're already in a Microsoft data environment in terms of their data, whether it's living in Azure or on-prem, but the analytics that they're doing, whether it be with Power BI, with Synapse and Data Factory, it integrated so well.

Speaking about the importance that Purview delivers data protection across multi-cloud and multi-platform environments, including AWS and Google Cloud Platform, I would say that it's very important, and I am going to lean on the side of this that has to do with data protection in terms of international data protection and various laws that kind of force data to stay in certain places. For example, I have one of my clients, which is a Fortune 100 company, and they have three different main regions around the world, including Asia Pacific, the EU, and the US. They had a lot of financial data that were in these three regions, but they couldn't cross each other even though it was the same data that was being used in the same applications, but it was difficult due to various barriers and regulations for the actual data control. Hence, they couldn't pass between each other. So that was kind of an issue. We had to actually go and deploy multiple instances of Purview. We had a dev and a prod instance in these three regions. That was definitely very important, and that was because of not only regulations but because of their desire to keep their data private, secure, and kind of locked down.

Speaking of how important it is for me that Purview can connect to iOS, Mac, and Android devices and data in other SaaS apps, it is not very important as it's typically with legacy databases and data warehouses.

Regarding Purview's data connector platform for supporting ingestion from non-Microsoft data sources, I think it's very robust, and out of the gate, they included a data connector that you can plug in straight to Amazon and SAP. I believe now that they have some connectors for Salesforce and things like that and Snowflake. So they are absolutely staying right on or ahead of the curve when it comes to making this kind of making sure that the interoperability between other vendors as well is taken into account, which is awesome.

Speaking of how important is Purview's natively integrated compliance across Azure Dynamics and Office, I think it's very important, and it does it very well. I mean, literally without a problem. It's completely seamless, and so it does that perfectly.

Speaking of how important it is to me that Purview was built taking into account critical regulations from around the world, I think that it is very important. So, that's what kind of gave birth to the original classifications for 200 or so out-of-the-box classifications for a lot of data for possible credit card numbers, passport data, and ZIP codes in different countries. They were definitely aware of that, and you could tell from their design process they keep updating those. And so that was definitely built with that in mind for sure.

I have never used Purview for data loss protection. Typically, in these solutions, when we're deploying Purview, they're usually at a stage in their data platform maturity where they already kind of have that taken care of elsewhere.

Speaking of whether Purview helped reduce the number of solutions I need to interact with, I would say that I don't think so because I think data governance exists kind of outside the solution's architecture for these kinds of things. So, I'll say no, but that's not in a bad way. It's just not its job, in my opinion.

In terms of Purview's visibility, I think visibility is the most significant part since that's kind of what it does as long as it's set up correctly and maintained by the data stewards and the business experts. The domain experts that actually know how to interpret these business glossary terms and can link them to data assets, then it is the most useful tool out there.

I haven't used Microsoft Purview's automation. However, I have used Purview's AI since we have had a few situations. While not many organizations have had to do this, we had two instances of Purview in a given tenant, which would be dev and prod. So, we would use some APIs and some Purview CLI. We automated a lot of those processes. Also, it's workflow automation in terms of approvals and sign-offs from a given definition being changed or a term being added and being able to send that to the right people, especially by sending an email to the right group for approval. So the automation piece is huge. I have not yet been a part of, or I have not, used any of the AI-related features.

Speaking of how automation affected my speed and accuracy of risk detection, I would say it went very well, especially when dealing with financial data or when dealing with possible credit card data, personal information, and health data. In PII or PHI, being able to have those classifications kind of flag that data if it comes through, and then being able to mask it or identify those is something huge. So, that's probably one of my favorite features considering how it's integrated into the various protection services that Microsoft and Azure have to offer.

Speaking of how automation affected the quality of the insights I have, I would say it has more to do with speed on that front. Also, it's going to be as good as the developers, data stewards, and experts working on it. As you know, it'll be as good as the effort that they put in to constantly go through and curate or update a certain classification, including what the threshold may be to make sure it's catching all of where it needs to cache for risk detection or risk mitigation. And there's definitely a one-to-one relationship that is a very linear relationship. So the more end users and stewards are involved, the more you get out of it in terms of every feature that it has to offer.

Regarding Purview enabling me to show my compliance in real-time, I would say that I believe that there are some integrations that I have not personally, which I think came out in Purview the last time when I was very heavily involved with Purview, which is maybe four or five months back. So, I have not used those yet. But in terms of real-time, I don't think we have used it yet. But I'm sure we'll do that eventually.

Regarding whether Purview helped to reduce the time to action needed for insider threats, I would say it has, especially in the context of early detection for possible sensitive data, like health data, credit card information, and things like that, and being able to alert the right parties. So, they can make decisions on whether they need a mask or not or if there was a problem with the actual data source, whether the data kind of slipped through, and if it should have been taken out. So, definitely, it works in that kind of early detection there and in terms of the speed of making those decisions.

I would say that Purview has helped save time and money for my clients. So, it's definitely a long road for data governance, and a lot of the benefits aren't necessarily very tangible, so they might not show up on the balance sheet. However, data is an asset and needs to be treated as such. Hence, those who implement these data governance programs and who use Purview to do that are absolutely gonna be ahead of the curve, and we'll save countless dollars and time. I mean, the savings start immediately. So, down the road is when you really see those effects come up.

I would agree that Purview has affected my ability to stay on top of compliance.

Regarding others who are looking into evaluating the solution, I think they should prepare by making sure that the individuals or the teams that internally exist that are in charge of or that have a very large say, and how data governance is or functions within that organization, they need to be on board and they need to be willing to kind of to go through the motions and be okay with having an iterative process once Purview is deployed. It's not all going to be solved on day one, and they're not going to have everything that they need right away. Again, it's a tool that their data storage and domain experts can use, I would say.

As I am trying to be as unbiased as possible, I would suggest those planning to use the solution contact Microsoft since there are a lot of financial incentives and reimbursements, and discounts that exist right now, also in the past, and in the future, I would assume that for Purview's demos and PoC engagements. So, trying to find or just having the first part, which is the internal understanding of what data governance is and what they want out of it, while the second part is Microsoft does very well by tucking in partners that can show them ropes.

Since there were some features recently that maybe I haven't been able to test, I rate the overall solution a nine out of ten.

We use Microsoft Purview to protect sensitive transactional data. We can control organizational policies such as who can monitor the system and how data is shared between managed apps and enrolled devices. We create the data loss prevention policy.

Purview can deliver data protection across multi-cloud and multi-platform environments. For example, we can set up a multitenant environment across different vendors and control Purview through Azure. Our enterprise licensing allows us to extend the connectors and tokens to other vendors. Once the connectors are active, they streamline the same functionalities and policies across the data on the other clouds.

Purview can connect to iOS, Mac, Android devices, and other SaaS apps, provided that we have created enrollment profiles for the other devices in Microsoft Azure. We can then monitor those devices from a central Microsoft location.

Microsoft Purview's natively integrated compliance across Azure Dynamics 365 and Office 365 is important because all escalation auto breaches from Microsoft or our data loss prevention policy will be highlighted to our program manager and portfolio manager. Therefore, we must treat this as a service-level agreement breach. The most important thing is to ensure that we are alerted whenever sensitive data is sent across 18 servers, Microsoft Office 365, or by people using their hybrid environment to connect to Office 365.

It is important that Purview was built taking into account the critical regulations from around the world because one of the accounts I support is a financial institution from the UK with offices in Europe. As a result, we have new regulations to comply with. We had a different region-wide DLP setup for the UK and Europe, but we needed to ensure that it was within the new Purview system and that data could not move out of it. To achieve this, we have people in Europe working on certain governance and risk portfolios that we have created using Microsoft Azure and Purview. We also share this information with our audit team, which comes in from outside to verify it every quarter.

We have an in-house process for handling policy violations. Purview's DLP for remediating policy violations helps us. For certain categories of transactional and social ethics violations, we capture data on any copying of sensitive data. This is because sensitive data should not be shared. We capture this data using our exchange server. It is difficult to share sensitive data, but we can capture it. We then share this data with our ombudsman team. The ombudsman team will review the data, including the timestamps and users involved, and determine what action to take. In rare cases, the person responsible for the violation may be removed from the team or organization.

Awareness of mobile device monitoring must be shared across the organization, especially with end users who may not be aware that their actions are being monitored. Training should be provided to all users of enrolled devices, regardless of whether they use Intune or another endpoint server. There are three sets of training, End-user training, Admin training, and Global provider user training.

Over the past two years, we have improved our relationship with external auditors. In the first year, it was challenging to implement DLP policies. However, in the second and third years, we have had fewer than ten violations. These violations were typically due to users accidentally accessing sensitive data without their knowledge. We have been able to significantly reduce our policy violations in the past three years using Microsoft Purview.

Purview has helped us reduce the number of solutions we need to interact with each other. We used to have a lot of L1 tickets that came in earlier, where there was a policy change or configuration change being done. And then we didn't have a proper change process or control over the data that had been accessed, because it was in a shared model. This led to SharePoint violations. Now that this has been reduced, we have proper version control, and anyone accessing these resources must check IAM. As a result, those L1 tickets, which were more than a thousand in the first year, have been reduced to less than a hundred or so, in terms of SharePoint access violations. So, this is one area where we have seen a significant drop because the IAM and the user's profile now determine whether they have read and write access.

Our visibility into our estate has improved significantly with Purview. We started a pilot project, and the project manager who owns this portfolio is already running the show, even before the policy is set for the organization itself. This level of visibility was tested in a small pilot project, and now the project manager has full visibility.

Microsoft Purview allows us to demonstrate our compliance in real time. On the default dashboard, we can see the number of phones that have violated the DLP policy that we created. We can then determine which standard was breached, such as ISO or BIS. We use Purview for weekly compliance calls with the client as well.

Purview helped streamline our meetings with compliance regulators by making it easier to share data with them.

Microsoft Purview has helped us reduce our time to action on insider threats. Before Purview, we manually managed our insider threat detection process using a weekly Excel report with a macro. This meant that if a breach occurred on Monday, we would not review the report until the following Monday, resulting in a one-week time to action. With Purview, we can now take action as soon as Purview detects the violation.

Purview has saved our admin teams 99 percent of their time spent investigating violations. In terms of cost savings, Purview is included with our E5 license. The savings are significant.

Purview helps us maintain compliance. It gives us full control over our data, and when there is a violation, we can follow our established procedures to decide whether to call the ombudsman or if the process setup is sufficient.

Purview helps mitigate risk and allows us to govern the information being shared among apps and devices. Purview can restrict access from even the smallest threats, such as a mobile device trying to access and manage apps.

I would like to have AI functionality on the dashboard to help me analyze and report on the data that we capture using Purview on a daily basis.

I have been using Microsoft Purview for three years.

Purview is stable and always available because it is a SaaS service, which means we don't have to worry about the infrastructure.

Purview is scalable depending on the number of transactions we want to monitor per day. 

Whenever we had an issue with Purview during the test phase of setting up DLP, we would call Microsoft Premium Support. They responded immediately and assigned a support engineer to our case right away. The support engineer would escalate the issue to their internal product group team, who would update Purview on the backend with a patch. The product group team would then let us know that our feedback on the product had been accepted and that they had worked on a solution, which would be released within the next week or quarter along with other updates. Overall, we were very pleased with their support.

Positive

Before Microsoft Purview, we used a feature in Intune called data analytics to record what users access and the transactions they perform. However, this data was not meaningful, and there was no way to filter it to identify breaches. As a result, we had to manually review all of the transactions for all users in the organization to see if any were violations.

Microsoft Purview is able to capture breaches because we use tags to properly understand the data and identify violations. For example, we can tag all transactions involving credit card numbers. When we run the ETL tool, it uses the tags to identify transactions that may be violations.

Initially, deployment will occur once the data is confirmed by the ETL team and properly ingested. This process typically takes a few weeks, depending on the volume of data. Once the initial deployment is complete, we will design and test the DLP and UAT systems. This process typically takes two weeks to a month.

Once it is deployed to production, any future changes or updates must be approved by a cabinet review board, and we must have a rollback plan in case anything affects production.

We have eight engineers who work at different levels to ensure that the data is furnished correctly, regardless of whether it is structured or unstructured, how it is being populated, or where the data loss prevention process runs daily. We also have a couple of managers and a scrum leader, as well as a portfolio manager.

When we implemented Purview, we were able to reduce our staff by 60 percent. We no longer need compliance officers to manually check spreadsheets for changes or breaches. In addition to the staff reduction, we have SLAs that require us to pay penalties to our clients if there is a violation. With Purview, the number of SLA breaches has been significantly reduced, saving our organization over one million dollars.

Microsoft Purview requires a Microsoft 365 license and is included with an E5 license. The license is expensive, but it is worth the cost because of all the tools it includes.

I would rate Microsoft Purview nine out of ten.

Purview is a cloud-based SaaS product. We keep our sensitive data on-premises, but we export a de-identified version (.NET) to the cloud in order to review reports for violations.

I recommend Microsoft Purview, especially for organizations that are already using Azure. Purview can be used to extend their risk governance capabilities in a seamless manner. There are other solutions available, but Purview is flexible and offers hybrid, cloud, and on-premises options with connectors for other vendors.

We are a partner and work with different organizations. We go through a number of activity phases, such as initial discovery, understanding their data to see what is and is not sensitive, and then using Microsoft Purview. 

We use Microsoft Purview to provide sensitive information in building out a roadmap in terms of classification, protection, and lifecycle management. We then determine what kind of use case is most common for other work we would look for and fill in the gaps with the customer. Microsoft Purview's vast features and capabilities really depend on what we learn in those workshops and where that organization is looking to go over a period of time. So if one of the key areas is the mitigation or prevention of data breaches, we can help with that. 

We can also help protect content, especially when it is sensitive and involves individuals. We can also help businesses change their processes to help ensure users know what their preferences are and how to use the user tools.

Microsoft Purview's ability to deliver data protection across multi-cloud and multi-platform environments, including AWS and GCP, is very important. It helps organizations realize the investments they have already made and how they can further expand those investments to another remote type of Microsoft workflow. Microsoft Connect has been used to centralize these workflows, and the ability to import existing records management processes and policies into the file plan in Microsoft Purview allows organizations to bring compliance into a central location. This helps to manage costs and improve efficiency, as users can go to one area to leverage basic facilities without having to use separate tools.

It is important for our clients that Microsoft Purview can connect to iOS and Android devices. With many people now working from home and using their own devices, there is a need to manage these devices. Microsoft Purview's conditional access and endpoint management capabilities help organizations to protect their data, regardless of the device being used.

Purview's natively integrated compliance across Azure Dynamics 365 and Office 365 is important. However, it is also important to ensure data privacy with its data as a whole from a compliance perspective. This means ensuring that we can meet the requirements of 2701 controls and that people know the processes, technology, and relevant skills. CRM controls information about potential customers and opportunities, so it is important to ensure that we are compliant when handling this data. We also need to make sure that updates to Purview are made as needed and that our team is able to stay on Office 365. Having a strong compliance program is essential for any organization that handles sensitive data. By taking the necessary steps to ensure compliance, we can protect our data and our customers.

It is critical that Purview is built around global regulations. This is because we have different types of customers, some of whom operate slowly. There is a rack with some regulations, and we have the US. We also have a rack with different regulations that are up-to-date, but they are only safe in some areas. This means that we need to be able to control, face, or bank on system regulations. This is very important to me and the customer because they can be very tricky.

Purview's DLP can be used to remediate policy violations. A number of kinds of DLP rules can be leveraged, such as sensitivity labels, data classification, and sensitive information protection plans. This means that it is not enough to simply provide people with the technology, they also need to be trained on how to use it effectively. Through the use of an ERP system, a number of policies can be set up. This insight can then be used to make meaningful decisions about how to rate the data on the system. This will help to understand how the data is costing the organization. If the organization does not have the necessary internal controls in place, new protection and encryption measures may need to be implemented. This is primarily becoming step one in the process of working policies, understanding how the data is being used, making decisions about how to protect it, and then building a protection layer on top of that.

Data loss prevention education for users is important because it can help them to understand how to best protect sensitive data. This can be done by providing users with training on how to use DLP tools and policies, as well as by educating them about the risks of data loss. DLP tools can help to prevent data loss by monitoring user activity and blocking unauthorized access to sensitive data. DLP policies can help to define what constitutes sensitive data and how it should be protected. By educating users about DLP and the risks of data loss, organizations can help to create a culture of data security. This can help to prevent data breaches and protect the organization's data assets.

Purview helped reduce the number of solutions we need to interact with each other. I used the solution that crosses between Endpoint Data Loss Prevention, Microsoft Defender for Data, and Conditional Access to block specific types of information at different workloads. This made it easier to manage sensitive information. For example, if I have sensitive information today, I can easily block people from uploading it to Teams, SharePoint, or OneDrive.

The reduction in the number of solutions we need to interact with each other has had a significant impact on our pricing. In the past, we had to use a variety of different solutions to manage our portals, which was time-consuming and expensive. Now that everything is coming into Microsoft Purview, we are able to simplify our technical and environmental environment. This allowed us to reduce our costs and improve our efficiency. In addition, Microsoft Purview provides us with a central location to manage our data governance. This made it easier for us to comply with regulations and protect our data. Overall, Microsoft Purview has been a major asset to our organization.

Microsoft Purview expanded our visibility into our state by allowing us to see what is labeled, relabeled, and what is not classified. There are a number of different areas where Purview improved capability and overall cost. These are all different aspects of Purview, which is helpful for organizations. Purview has a point-in-time view, and it also has the ability to explore more granular data from the logs.

Purview helps to reduce the time it takes to take action on insider threats by around 50 percent. It requires planning and configuration, as well as two weeks of setup. The technical configuration is used to identify users and the types of activities they are performing. For example, users who sign into hundreds of documents within a few minutes of each other or delete large numbers of documents can be quickly identified and flagged. This allows security teams to send high-priority emails to the appropriate people in a timely manner.

Purview helps save our clients between 30 to 40 percent of time and money. 

Microsoft Purview's most valuable feature is its ability to identify content across a number of prescribed regulatory frameworks, including Microsoft, GDPR, PII, and UCC Financial. It can also help organizations identify content that is important to them but not specifically regulated. This is done by creating trainable classifiers and sensitive information types. The protection controls components are based on the perspective of the device. Microsoft Purview has been growing in popularity over the past few years, and it offers a number of tools that can help organizations manage their data.

Purview's data loss prevention for macOS endpoints has some limitations, and the end-user experience of recovering from a failure is lacking.

I would like to be able to search for labels using Purview to see what items are affected and the time periods in which they will be active. This would allow us to export the results for specific business areas, which would make our lives a lot easier. We could also use this information to identify sensitive information types and reduce false positives.

The utility system format, the policy tips and user descriptions of sensitivity labels, and the overall policy tips that are shown in the loss prevention policy have room for improvement.

I have been using Microsoft Purview for three years.

The stability of Purview has been good. It takes a bit of time for someone to configure it, but once it is configured, it is responsive. However, there are sometimes delays due to the speed of users' devices and their home network connections. This can be especially true for mobile devices and when users are using multiple apps at the same time. Microsoft also sometimes experiences delays in processing requests, which can lead to further delays in Purview. Overall, Purview is a stable platform with good uptime and resilience.

In terms of scaling Microsoft Purview, there are two main challenges: network load and data ingestion. Network load can be a problem if there are too many requests coming into the system. This can be addressed by adding more servers to handle the load. Data ingestion can also be a challenge if the company is generating a lot of data. This can be addressed by using virtual machines to store and process the data. As the amount of data grows, the number of VMs can be increased to keep up.

Our clients vary in size from 100 all the way up to 6,000.

Each setup is different. We have thousands of workshops, configurations, and design agreements followed by a baseline to mitigate of about 30 percent which we build on top of. The deployments can take anywhere between a few hours to a few months. We need to understand each organization to ensure that they understand the type of people process that is in place. Then, depending on the technology, we need to make sure that they have access to 365. This is implemented as a baseline, and our target operating model is also needed to ensure that they have the necessary functions. This will allow me to deal with the environment. We need a team of people to manage the deployment.

We implement the solution for our clients. Microsoft Purview is managed in a single location.

Microsoft Purview does not require any maintenance.

Our client's have seen a 100 percent return on investment. 

The pricing depends on the client's requirements and the number of applications.

I give Microsoft Purview an eight out of ten.

It is difficult to assess how much AI and automation affect our speed and accuracy of risk detection. This is because the effectiveness of AI and automation depends on how we train the system. There are a lot of sensitive information types that are prescribed by Microsoft. There are also a number of types that fit within another structure of sharing information. So potentially, we have a number of false positives, which means that we are relying solely on the information provided by the system. This is not something that I would push on an organization. Once we start updating the system, we need to make sure that we understand and compare the number of activities to identify and fine-tune the system. We need to do this a number of times before we can be really sure that the system knows our data. We also need to consider the AI side of things, which obviously allows for some risk. The identification of risk seems to be a matter of realizing confidence in the system's predictions.

It is difficult to assess how Microsoft Purview's AI and automation affect the quality of insights that we have. We have run this process effectively a number of times across different organizations, but this has raised some doubts. This is a bit of a shame, especially with the out-of-the-box solution from Microsoft. We are then asked to hold a number of workshops to review the results. This is because the system can operate with different accuracy levels and false positives. It is important to consider how we portray these insights and what the next steps will be. As a result, there are mixed reviews.

Currently, Purview does not enable us to view our compliance in real-time without some additional work to enable us to show compliance. This is because the visual displays rely on the time it takes to update the Microsoft SQL database, which can be delayed. We have seen cases where the displays do not reflect the actual data, and we have had to manually update the database to correct the issue. However, we can clearly see what data is due for disposition, deletion, and retention based on our policies. While it is not always easy to see this information, we have made improvements to make it easier. Overall, it is not a straightforward process, but we are working to improve it.

I recommend Microsoft Purview, but organizations should always conduct a proof of concept to ensure that their requirements can all be met before implementing the solution.

As a consultant, I work with clients to sell the idea of data governance. In doing so, we do POCs, proof of concepts, and MVPs, which are minimal, viable products. 

For Microsoft Purview, most of the time, it's also associated with other products -whether it's ADS, Synapse, Key Vault, Databricks, storage accounts, Kubernetes, et cetera. 

I also worked on a project to integrate it with processing. I created a data governance accelerator combined into two products, including Synapse, and we sell that to customers.

The data catalog, the data lineage, the data glossary, and the classification are the key features I appreciate, along with the tight security, and role-based security.

There are two flavors of Purview. There's the compliance, which it does the security and all that. And then there's the Microsoft side, which is the data side. I primarily work on the data side. 

I like that Purview can connect to IOS, Mac, Android, and other SaaS apps.

Its data connector platform for supporting ingestion from non-Microsoft data sources works really well. We can use it either through a self-hosted integration runtime or on a VM. Or it can capture data from just about anywhere. There are about 100+ connectors. It's great.

Its natively integrated compliance across Azure Dynamics is a game changer. Back in the day, we never had anything like that. It provides self-service. It provides easy look-up and glossary terms. It also requires a new role called the data steward which we never had before.

It was built to take into account critical regulations from around the world. Now it's no longer something that's nice to have - it's necessary.

Purview helped to reduce the number of solutions we need to interact with each other. If you were to do this custom, it'd be very difficult. It's so easy to use and stand up and configure. There are some configuration requirements that are not self-explanatory. It takes some research; however, we already figured out all those things.

Purview affected the visibility we have into our estate. Now we have a complete ecosystem of where the data is, and it's a lineage. It's a game-changer.

I've used AI and automation in Purview. That's what the scans are. It uses AI to determine the classification. It's built-in. It's under the hood. People don't see it.

Our speed and accuracy of risk detection are good. From a compliance perspective, it helps identify sensitive information by classification. 

The product has helped us save both time and money. From a time perspective, there's an initial upfront cost to stand it up and configure it. However, once it's running, there's very little to do. So there's a one-time hit up front for the implementation in configuration, yet downstream, there's significant time reduction.

Money-wise, it's the same thing. You're only charged for when you run the scan since the storage is minimal. So there are ways to reduce cost, and that is by running it less frequently. Also, there's a whole bunch of out-of-the-box classifications that aren't required. There are ways to increase your cost reduction. Of course, that is not self-explanatory. You have to work with it for a while to know that.

The one thing it doesn't do is data quality. That's its only pitfall. The problem is people think it does. So either they're not marketing it right, or, eventually, it's on the road map, and they haven't got to that part yet.

In order to get data in and out, you have to use custom code using Python. That's an inconvenience, and almost every customer wants that feature. For example, let's say I run some scans on some data, and then that data goes away. This issue is Purview still shows it. There's no easy way to clean up your orphan data. That's a problem.

I've used the solution since 2015.

The stability is very good. Microsoft is solid on the cloud. 

The scalability is quite nice. 

They just changed their model so that you're only allowed one Purview per tenant. So you either get the free one, which is limited, or you purchase the enterprise one, which costs money. However, you only get one per tenant. That's a change they made within the last two months. You can't have three Purviews in the same tenant anymore. That change required a redesign of how people implement it. That said, they are offering it for free. 

I've worked for Microsoft to help a client who was having difficulty. I documented it. We had a backlog where other people were experiencing the same problems. You can reach out via phone or email. 

I did not previously use a different solution.

I was involved with the initial setup. I also can configure it. There is quite a bit of configuration required as you need it to speak with other resources. 

The initial installation is pretty easy. It is like any install on Azure. You just enter a few parameters, and it builds it. Then, if you want to start adding resources, there's a bit of configuration. It only takes about ten minutes. However, you have to know which settings you have to add. 

Only one person is needed to deploy the solution. 

Once it is up, there is very little maintenance going forward.

The cost is pay-as-you-go. It provides easy ramp-up and very little maintenance down the road. If you want to shut it down, you just delete it. It's easy to use, easy to configure, and the costs aren't that great. 

I could see more and more companies using this going forward if they're already in Azure, and it's so easy to set up. It's a requirement now as well since data is the lifeblood of any organization. If you have bad data or you don't know where it is, or suffer from data silos, this will solve all that.

We're a Microsoft Gold Partner. 

I'd rate the solution nine out of ten.

Using the Microsoft unified cloud-based data governance is going to allow users to gather data across the entire ecosystem, classify it, place a glossary on top, and look at the lineage in addition to a whole bunch more. They have self-service policies and DevOps policies. Microsoft is heavily funding this tool, and it's now a requirement, not nice to have. Just about every Azure customer is going to incorporate Purview into their ecosystem, and it's going to help govern their data, which is an asset that will help companies increase sales, reduce costs, and streamline processes.

I'm an implementer and an integrator. In my last project, I used Purview for a government organization, so we primarily used it for data governance and data lineage. We haven't used it with Microsoft 365. It's a portal that takes data from SQL Server and the data lake. We mainly work on the data governance and security side. About 20 business analysts use Purview. The company has around 100 people in the department.

Microsoft Purview helps us manage data in various formats like Dynamic SQL. It performs two procedures. The primary function is to ingest the SQL database and modify the data type or column name. It also manages the data types and all the metadata related to the tables and columns. It puts everything in one place in the call view or the description pertaining to the business logic, plus the column-level descriptions.

It streamlines things by reducing the number of solutions that must interact with each other. When everything was done manually, each program maintained its own version of the Excel file. Now, it's in one central place, and I can go to Purview to manage the permissions.

By centralizing everything, Purview gives senior management greater visibility into their data. It also makes the data more accessible to non-technical people who need to access the data daily. It's easy for an admin to provide them access if they need to check something quickly. 

Purview checks compliance in real-time. It's helpful when we're meeting with regulators. We must follow European data regulations, so we must manage security and access. We need to show them a log of who had access, who gave it to them, and how many days they had access. That is all shown in Purview, plus other columns like the NHS identification numbers, etc. 

I rate Purview a six out of ten for its ability to help us stay on top of compliance. The product is still not mature enough. There are so many servers on Purview.

I like Purview's data discovery features. It automatically scans and identifies all the fields. In the last project, the customer required us to have some of the codes we specified in this, and we had to structure the codes in a specific way. We can define the structure. 

Previously, everything used Excel, so everyone had their own version of the same spreadsheet with different data, and they were managing it on SharePoint. That's why we moved it to Purview. 

Purview's privileged access manager helps us explore user access rights within the data lake. We use the data lineage and governance features. It can also explore secret data, but we still haven't implemented this feature. It has secure connectors for non-Microsoft sources, which is critical. We're bringing in files from storage. Purview connects to storage, scans it, and edits the required information. 

We've had a few issues with the scanner. It runs perfectly one day, and on another day, it will run the whole night. It's probably related to the rules. If I set some compliance rules and apply the rules to any column, I can't delete it. I have to disable it and reactivate it.

We have two instances. One is for everything, and the other is for the production environment. Sometimes there is a bug when the scan runs overnight. When we come in the next morning, it's still running, so we have to stop and restart it. This is costly.

I have used Purview for a year and a half. 

I rate Purview a six out of ten for stability. 

Purview is scalable. You can integrate it with on-premise solutions and third-party products. 

I rate Microsoft's support a seven out of ten.

Neutral

Our client was using Informatica. We used Purview for this project because the client has everything on Azure. It's better to use Purview when you work on Azure. We compared Informatica's available features with Purview's, and the client decided to go with Purview because of all the services in Azure. Microsoft is constantly adding new features to Purview.

Deploying Purview is straightforward. We deployed manually by creating services in Azure. The initial setup took five or six months. After that, we spent some time setting up the scan rules and defining the structure. I deployed the solution along with three other people. We worked with one or two people from Microsoft during the deployment. We have an excellent relationship with Microsoft, and they're helpful when we have any questions. 

We've seen a return from using Purview because it's more accessible to high-level managers without technical knowledge. 

Purview's price is pretty high when you factor in storage costs. 

I rate Microsoft Purview a six out of ten. It's a good service if you only use Azure. If you have an on-prem environment or use another cloud provider, you can compare Purview to other solutions.