Previewing Azure Purview

By - March 18, 2021

What is Purview?

We are going to be talking about Azure Purview in this post. No, that is not a typo of the word Preview. While Azure Purview is in public Preview, this solution has the ability to change how companies discover and manage sensitive data.

In late 2020, Microsoft released Azure Purview with public preview availability. The Microsoft definition of Azure Purview reads as follows: “Azure Purview is a unified data governance service that helps you manage and govern your on-premises, multi-cloud, and software-as-a-service (SaaS) data. Easily create a holistic, up-to-date map of your data landscape with automated data discovery, sensitive data classification, and end-to-end data lineage. Empower data consumers to find valuable, trustworthy data.” But what does this actually mean?

Azure Purview was designed to provide additional insight into sensitive data discovery across a multitude of resources. Organizations typically rely on tribal knowledge to know what platforms house sensitive information. Data is constantly growing and being shared in different directions. Discovering, classifying, governing, and protecting data is a task that never ends. Losing even the smallest amount of data can be critical or detrimental to the success of an organization. That’s where Purview comes into play.

Azure purview assists by mapping out and providing a foundation for effective data discovery and data governance. With Azure Purview, compliance & security teams get a bird’s eye view at one quick glance of what data is being scanned, where the data resides, and what movement the data has encountered. Once scanned, the data is cataloged, thus making it easier to understand the data and discover insights and trends of new data.

 

How is this different than the Compliance Center?

Microsoft has been a player in the Information Protection sector for a long time. The Compliance Center helps organizations to quickly identity sensitive information within the Microsoft 365 atmosphere. Microsoft Information Protection helps classify, protect, and prevent data loss across all Microsoft 365 applications. These apps include Word, PowerPoint, Excel, Outlook, SharePoint, Exchange, Power BI, etc.

Azure Purview builds upon the same labels and classification structure of Microsoft Information Protection. By extending these labels, organizations can now automatically discover, classify, and gather insight across more data sources, such as AWS S3 buckets, Azure Data Services, SQL Servers, etc.

Use Cases

Administrators have a hard time classifying and protecting data when they do not know if and where it exists. In the event that an employee has accidentally placed PHI (SSNs, medical records, etc.) in an unsecured location – a routine, scheduled scan using Azure Purview would quickly allow an administrator to identify that information and take the necessary actions to either move that data or protect the data from leaking.

Let’s think of a situation where a simple Word document has been placed in the wrong file destination. Instead of this document being placed inside of the company finance system, this data has been placed in the company’s common drive where all users now have access to this information. However, in this particular document, it outlines that the company’s financials are booming. Stock prices are up, times are great. An employee that has access to this common drive stumbles upon the financial data and decides they would like to buy as much stock as they can get their hands on the night before this data becomes publicly available.

What does Public Preview mean?

As mentioned above, this is currently in public preview. This means early access has been provided to allow organizations the ability to explore and test upcoming features. During this phase, Microsoft is still gathering public feedback on how to improve the new product. Additionally, during this time, support may be limited from Microsoft.

Summary of experience As a member of RSM’s Modern Workplace solution set, Trent is responsible for deploying security technology to encourage secure productivity, engagement, and collaboration. Trent also works closely with the Security Transformation Services at RSM to review client cloud platforms and provide recommendations for security improvement. Trent has worked on various projects with the firm including end point security, data loss prevention (DLP), identity & access management (IAM), tenant security hardening for Azure, Amazon Web Services (AWS), and Microsoft/Office 365 security assessments. Prior to joining RSM, Trent worked as an IT Support Specialist for a construction company located in Chicago, Illinois. While with his previous employers, Trent focused on improving network and systems infrastructure. Trent also has experience running network vulnerability scans and providing recommendations for how to align to various security frameworks. In his current role, Trent works with clients to help improve security posture and reduce risks associated with technology. Professional affiliations and credentials • Microsoft 365 Expert Administrator • Microsoft 365 Security Administrator • Azure Security Engineer • Azure Fundamentals Education • Bachelor of Science, Business Administration, Lewis University

Receive Posts by Email

Subscribe and receive notifications of new posts by email.