Whenever you go for any risk management solution, you need to understand the criticality and sensitivity of your organization when it comes to risk. Once you have done that, I would prefer Purview because it is an easy, out-of-the-box solution. It has predefined features. If a person has a basic understanding of IT security and information security, he can easily tweak those policies after a month or whatever time frame the company chooses and it works seamlessly. We use Office 365 as well as Microsoft Defender and other Microsoft services for other purposes, like risky sign-ins or email forwarding. For example, if somebody is trying to forward their entire email box to a private email, that is something that is not permitted by our company's policies. We use different tools for different purposes. We use Purview more for data classification, categorization, and internal risk management. We use AI and automation for risky logins and risky sign-ins but not in Purview for internal risk purposes. We have defined policies for PII, things like passport or social security numbers, et cetera. The policy covers seven or eight types of PII information and would generate a high alert on this type of information.
Microsoft Security’s suite includes products that provide organizations with integrated security, compliance, identity and access, endpoint management, and privacy management solutions.
Whenever you go for any risk management solution, you need to understand the criticality and sensitivity of your organization when it comes to risk. Once you have done that, I would prefer Purview because it is an easy, out-of-the-box solution. It has predefined features. If a person has a basic understanding of IT security and information security, he can easily tweak those policies after a month or whatever time frame the company chooses and it works seamlessly. We use Office 365 as well as Microsoft Defender and other Microsoft services for other purposes, like risky sign-ins or email forwarding. For example, if somebody is trying to forward their entire email box to a private email, that is something that is not permitted by our company's policies. We use different tools for different purposes. We use Purview more for data classification, categorization, and internal risk management. We use AI and automation for risky logins and risky sign-ins but not in Purview for internal risk purposes. We have defined policies for PII, things like passport or social security numbers, et cetera. The policy covers seven or eight types of PII information and would generate a high alert on this type of information.