Microsoft Purview: Unified Data Governance and Security

Discover Microsoft Purview's capabilities for data management and protection. This guide covers the core components and features of Microsoft Purview; its data security, governance, and risk management solutions; and how Microsoft Purview can enhance your organization's data governance, security, and compliance.

Microsoft Purview

Microsoft Purview is a unified set of solutions that helps organizations govern, protect, and manage their data. It combines features from Azure Purview and the Microsoft 365 compliance solutions into a single platform, and it addresses challenges such as data fragmentation, lack of visibility, and evolving IT roles.

What is the use of Microsoft Purview?

  • Visibility: Provides a clear view of data across the organization.
  • Data Security: Safeguards sensitive data throughout its lifecycle.
  • Governance: Enables comprehensive data governance.
  • Risk Management: Helps manage data risks and regulatory compliance.

Components of Microsoft Purview

1. Data Security

Microsoft Purview offers a range of data security solutions to discover and protect sensitive information. These solutions help organizations create an up-to-date map of their data, classify it, and manage access securely.

Microsoft Purview’s data security solutions include:

  • Data Loss Prevention (DLP): Helps organizations monitor and protect sensitive information by identifying, classifying, and preventing the unauthorized sharing or loss of data.
  • Information Barriers: Restrict communication and collaboration between specific groups of users within Microsoft Teams, SharePoint, and OneDrive to prevent conflicts of interest or data leaks.
  • Information Protection: Allows organizations to classify and label sensitive data, apply protection settings (such as encryption), and track the usage of labeled data.
  • Insider Risk Management: Helps identify and mitigate internal risks by detecting and investigating suspicious activities by employees, such as data theft or unauthorized access to sensitive information.
  • Privileged Access Management: Provides granular access control over privileged administrative tasks in Microsoft 365, helping to prevent unauthorized access and potential breaches.

2. Data Governance

Microsoft Purview’s data governance solutions enable organizations to manage data services across on-premises, multi-cloud, and SaaS environments. This includes tools for creating a data map, classifying data, and generating insights on data usage.

Microsoft Purview’s data governance solutions include:

  • Data Catalog: A searchable inventory of data assets across the organization, providing a centralized location for discovering and understanding data.
  • Data Estate Insights: Offers a comprehensive view of the data landscape, including insights into data usage, classification, and lineage.
  • Data Map: Creates a visual representation of the data estate, showing the relationships between data assets and their lineage.
  • Data Policy: Enables the creation and enforcement of policies to manage data access and usage across the organization.
  • Data Sharing: Allows secure sharing of data within the organization and with external partners.

3. Risk and Compliance

Microsoft Purview’s risk and compliance solutions help organizations minimize compliance risks and adhere to regulatory requirements. These solutions include audit capabilities, communication compliance tools, and data lifecycle management.

Microsoft Purview’s risk and compliance solutions include:

  • Audit: Tracks user and admin activities in Microsoft 365, providing a detailed audit log for investigations and compliance purposes.
  • Communication Compliance: Helps minimize communication risks by monitoring and detecting inappropriate or sensitive messages in various communication channels.
  • Compliance Manager: Simplifies compliance management by assessing the organization’s compliance posture, providing recommendations, and tracking progress towards meeting regulatory requirements.
  • Data Lifecycle Management: Enables organizations to manage the lifecycle of data by defining retention and deletion policies to ensure compliance and reduce storage costs.
  • eDiscovery: Provides tools for preserving, collecting, reviewing, and exporting content that’s relevant to legal or internal investigations.
  • Records Management: Helps manage the retention and disposition of business records to meet regulatory and legal requirements.

The New Microsoft Purview Portal (Preview)

The new Microsoft Purview portal offers a streamlined design and unified experience for accessing data security, governance, and risk and compliance solutions. It features global search, solution cards, and centralized settings.

  • The new Microsoft Purview portal aims to simplify data security and governance tasks.
  • Microsoft provides regular updates and new features for Microsoft Purview.

How Microsoft Purview Works

Microsoft Purview automates data discovery by scanning and classifying data assets across the data estate. Metadata and descriptions of discovered data assets are integrated into a holistic map of your data estate. Microsoft Purview Data Map provides the foundation for data discovery and data governance. It is a cloud-native platform as a service (PaaS) that captures metadata about enterprise data in various systems, both on-premises and in the cloud. The data map is automatically updated through a built-in automated scanning and classification system.

Microsoft Purview Data Map powers several unified experiences within the Microsoft Purview governance portal:

  • Data Catalog: Enables users to find trusted data sources by browsing and searching data assets. The data catalog aligns assets with business terms and data classification to identify data sources.
  • Data Estate Insights: Provides an overview of the data estate, helping users discover the types of data they have and where it’s located.
  • Data Sharing: Allows secure data sharing within the organization and with external partners.
  • Data Policy: Offers a set of central, cloud-based experiences for managing access to data sources and datasets securely and at scale.

Benefits of Microsoft Purview

  • Improved data visibility: Provides a holistic view of data across an organization, including on-premises, multi-cloud, and SaaS environments. This enables organizations to understand their data landscape, identify sensitive data, and track data lineage.
  • Enhanced compliance and risk management: Helps organizations assess and manage compliance risks by providing tools for data classification, policy enforcement, and audit trails. This ensures that data is handled in accordance with regulatory requirements and internal policies.
  • Increased data security: Safeguards sensitive data throughout its lifecycle by implementing data loss prevention, information protection, and insider risk management solutions. This helps prevent unauthorized access, data leaks, and other security threats.
  • Better data-driven decision making: Empowers organizations to make informed decisions based on accurate, reliable, and up-to-date data. By providing insights into data usage, quality, and lineage, Microsoft Purview helps organizations understand the value and impact of their data assets.

Integration with existing Microsoft tools and services

Microsoft Purview seamlessly integrates with various Microsoft tools and services, including:

  • Azure: Microsoft Purview is built on Azure, leveraging its scalability, security, and compliance features. It integrates with Azure services like Azure Data Lake Storage, Azure SQL Database, and Azure Synapse Analytics to provide a unified view of data across the Azure ecosystem.
  • Microsoft 365: Microsoft Purview integrates with Microsoft 365 compliance solutions, such as Data Loss Prevention (DLP), Information Protection, and Insider Risk Management. This allows organizations to extend data governance and protection policies to Microsoft 365 applications like Word, Excel, PowerPoint, and Outlook.
  • Power BI: Microsoft Purview integrates with Power BI to provide data lineage and impact analysis for Power BI reports and dashboards. This helps organizations understand the flow of data into Power BI and assess the impact of changes to data sources.
  • Microsoft Fabric: Microsoft Purview’s integration with Microsoft Fabric allows users to:
    • Automatically view metadata about Microsoft Fabric items in the Microsoft Purview Data Catalog with live view in Microsoft Purview.
    • Discover, classify, and protect Fabric data using sensitivity labels from Microsoft Purview Information Protection.
    • Detect upload of sensitive data into semantic models using DLP policies.
    • Log all Microsoft Fabric user activities in the Microsoft Purview audit log.

Automated data discovery and classification

Microsoft Purview automates the discovery and classification of data assets across the data estate. It uses various techniques, including:

  • Scanning: Microsoft Purview scans data sources to identify and catalog data assets, such as tables, files, and folders. It extracts metadata, such as schema information, and classifies data based on predefined or custom classification rules.
  • Classification rules: Microsoft Purview provides a set of built-in classification rules to identify common data types, such as credit card numbers, social security numbers, and email addresses. Organizations can also create custom classification rules to identify specific data patterns or types relevant to their business.
  • Machine learning: Microsoft Purview uses machine learning models to improve the accuracy of data classification. These models can learn from user feedback and adapt to changing data patterns.
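The sketch below is an added example, not Microsoft Purview code or its rule format: it shows how pattern-based classification rules for the three data types named above can be combined with a checksum and a column-level match threshold so that look-alike values (such as 16-digit order IDs) are not labeled as card numbers. The patterns, the label names, and the 60% threshold are assumptions chosen for illustration.

```python
import re

# Constructed patterns for the data types the text names (not Purview's own rules).
CARD = re.compile(r"\b(?:\d[ -]?){13,19}\b")
SSN = re.compile(r"\b(?!000|666|9\d\d)\d{3}-(?!00)\d{2}-(?!0000)\d{4}\b")
EMAIL = re.compile(r"\b[\w.+-]+@[\w-]+(?:\.[\w-]+)+\b")

def luhn_ok(digits):
    """Luhn checksum: double every second digit counted from the right."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0

def classify_value(value):
    """Return the set of labels whose rule matches a single value."""
    labels = set()
    for m in CARD.finditer(value):
        digits = re.sub(r"\D", "", m.group())
        # The regex alone over-matches; the checksum removes most false positives.
        if 13 <= len(digits) <= 19 and luhn_ok(digits):
            labels.add("credit_card")
    if SSN.search(value):
        labels.add("ssn")
    if EMAIL.search(value):
        labels.add("email")
    return labels

def classify_column(samples, min_match=0.6):
    """Label a column only if at least min_match of its non-empty samples match."""
    values = [s for s in samples if s and s.strip()]
    counts = {}
    for v in values:
        for label in classify_value(v):
            counts[label] = counts.get(label, 0) + 1
    return {l for l, n in counts.items() if n / len(values) >= min_match}

# Constructed sample columns: well-known test card numbers vs. 16-digit order IDs.
CARD_COLUMN = ["4111 1111 1111 1111", "5500-0000-0000-0004", "4012888888881881", "", "n/a"]
ORDER_ID_COLUMN = ["1234567812345678", "1000000000000000", "9999888877776666"]

if __name__ == "__main__":
    print(classify_column(CARD_COLUMN))      # column of card numbers
    print(classify_column(ORDER_ID_COLUMN))  # look-alike IDs, no label
```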

Policy enforcement and access controls

Microsoft Purview enables the creation and enforcement of policies to manage data access and usage. It provides a centralized platform for defining and managing policies that can be applied to data sources across the data estate.

  • Data access policies: These policies define who can access specific data assets and what actions they can perform on them. Microsoft Purview supports role-based access control (RBAC) and attribute-based access control (ABAC) to provide granular control over data access.
  • Data usage policies: These policies define how data can be used, such as restrictions on copying, printing, or forwarding data. Microsoft Purview can enforce these policies by applying encryption, watermarking, or other protection measures to sensitive data.

Use Cases and Scenarios

  • Financial organizations: Utilize Microsoft Purview to consolidate financial data from multiple systems, ensuring accuracy and timeliness in reporting.
  • Retail and manufacturing companies: Leverage Microsoft Purview to create a 360-degree view of customer and product data, improving analytics and operational efficiency.
  • Healthcare organizations: Employ Microsoft Purview to manage and protect sensitive patient health records, ensuring compliance with privacy regulations.

Implementation and Deployment of Microsoft Purview

1. New Customers

  • If your organization is new to Microsoft Purview and does not have an existing account, you can start with the free version, which offers basic data governance features.
  • The free version allows you to explore and familiarize yourself with the platform before deciding to upgrade to the enterprise version.

The following are the prerequisites for starting a trial version of Microsoft Purview:

  • Eligibility: Must be a Microsoft 365 E3, Office 365 E3, or Enterprise Mobility and Security E3 customer without an existing Microsoft E5 license package. The trial is not available for Microsoft 365 Government customers.
  • Licensing: 300 Microsoft 365 E5 compliance licenses are automatically applied to your organization for 90 days.
  • Roles: A user with the role of Billing Administrator, Compliance Administrator, Compliance Data Administrator, or Global Administrator can start or end a trial.

2. Existing Azure Purview Customers

  • If you are already using Azure Purview, you can seamlessly upgrade to the new Microsoft Purview experience.
  • This upgrade provides access to enhanced features such as live view and tenant-level administration, improving your data governance capabilities.

3. Upgrading to Enterprise

  • Organizations can upgrade from the free version to the enterprise version of Microsoft Purview to unlock the full range of data governance features.
  • The enterprise version offers comprehensive capabilities for managing data sources, collections, scanning, classification, policies, and more.

4. Best Practices

  • Involve the right stakeholders, including data owners, stewards, and IT professionals.
  • Define clear objectives and goals for data governance.
  • Start with a pilot project to test and refine your approach.
  • Establish a governance operating model with defined roles and responsibilities.
  • Develop a comprehensive data catalog and data map.
  • Implement data classification and labeling.
  • Enforce data policies and access controls.
  • Monitor and measure the effectiveness of your data governance program.

Microsoft Purview Pricing

Microsoft Purview operates on a subscription-based, pay-as-you-go model. Several factors influence the overall cost, including the specific applications utilized and indirect costs associated with managed resources and infrastructure.

Direct Costs

Direct costs are tied to the specific applications you use within Microsoft Purview. The following applications contribute to direct costs:

  • Microsoft Purview Data Map: This foundational component is charged based on capacity units (CUs), which encompass both storage and operational throughput. Each CU includes a set amount of storage and operations per second. The system automatically scales based on usage, and you are billed hourly for the maximum CUs needed within that hour.
  • Data Estate Insights: This application is billed based on two dimensions: report generation (triggered by changes in your environment or scheduled refreshes) and report consumption (accessing report features).

Indirect Costs

Indirect costs are not directly tied to specific applications but are incurred due to the infrastructure and resources required to support Microsoft Purview. These costs include:

  • Managed resources: Costs associated with Azure resources like Event Hubs namespaces, which are used for monitoring events and can be configured within Microsoft Purview.
  • Azure private endpoints: If you utilize private endpoints for secure connections, there are associated costs based on the hours of usage and the amount of data processed.
  • Self-hosted integration runtimes: If you use self-hosted integration runtimes for data scanning, you will incur costs related to the virtual machine’s uptime and the duration of scan runs.
  • Multi-cloud egress charges: Minimal charges may be added for scanning data sources in multi-cloud environments (like AWS or Google Cloud), except for S3 and RDS sources.

Free vs. Enterprise Versions

Microsoft Purview offers a free version with basic data governance features. Organizations can upgrade to the enterprise version for full functionality. The enterprise version’s pricing is consistent with the classic Microsoft Purview governance experience.

For detailed pricing information, you can refer to the Microsoft Purview pricing page and utilize the pricing calculator to estimate costs based on your organization’s specific usage patterns and requirements.

Microsoft Copilot in Microsoft Purview

Microsoft Purview’s Copilot is an AI-powered tool that can assist in various tasks, including summarizing alerts, triaging alerts, and drilling down into data.

To use Copilot in Microsoft Purview:

  1. Enable the Microsoft Purview source in Microsoft Copilot for Security:

    • Go to the Owner settings in Microsoft Copilot for Security
    • Set the “Allow Copilot for Security to access data from your Microsoft 365 services” toggle to On
    • Open Sources in the prompt bar and set the Purview toggle to On
  2. Once enabled, you can use Copilot to:

    • Summarize alerts
    • Triage alerts
    • Drill down into your Microsoft Purview data

Examples of Copilot usage:

  • Ask Copilot to show you the top five DLP alerts from the past 24 hours
  • Request a summary of a specific DLP alert
  • Get a risk summary of a user
  • See all the activities that a user has performed over the past 30 days

Copilot in Microsoft Purview is a powerful tool that can help you to quickly and easily get insights from your data. By using Copilot, you can save time and improve your efficiency when investigating alerts and triaging risks.