Understanding and Governing Data with Microsoft Purview

Two men in conversation on laptop in office

With remote working and digital collaboration now commonplace, data and information protection has never been more instrumental in maintaining robust cyber security.

Business data has become increasingly fragmented; shared and stored across a wide variety of productivity apps and communication channels, both cloud-based and on premises. With heightened corporate compliance obligations and an ever-increasing cyber threat landscape, comprehensive information protection and data governance is at the heart of protecting your organisation from attack.

Poor data security can increase the risk of data loss or theft, leave your business open to internal threats and expose vulnerabilities across your entire security posture. Unfortunately, as digital footprints grow, the task of monitoring, managing, and controlling sensitive business data can feel untenable. Dedicated data security tools have become essential for staying on top of both business data governance and compliance requirements.

For those investing in Microsoft 365 Enterprise licences, Microsoft’s own data security  offering, Microsoft Purview, provides best-of-breed capabilities and interconnectivity across the M365 suite of apps, on-premises, and third-party apps or clouds.

What is Microsoft Purview?

Microsoft Purview is a collection of data security and tools designed to unify business data and governance.

Combining the legacy tools of Azure Purview for data governance and Microsoft 365 Compliance for risk and compliance, Microsoft Purview provides users with the best of Microsoft 365’s latest data, compliance, and governance capabilities.

The Purview brand originated in Azure Purview for data governance across your environment, but in April 2022 was adopted into the larger Microsoft Purview as the suite and parent name of all data security and compliance services in Microsoft 365. This means that tools you may be already familiar with, such as AIP (Azure Information Protection) and MIP (Microsoft Information Protection), now fall under the umbrella of Microsoft Purview.

Man Working On Laptop

Which tools are included with Microsoft Purview?

Past users of Azure Purview and Microsoft 365 Compliance will be familiar with much of the data protection functionality in Microsoft Purview. Key components include:

Communication Compliance
Maintain safe and appropriate communication across business channels by detecting sensitive content that breaches company policy.

Compliance Manager
Simplify complex regulatory requirements into actionable steps to raise your organisation’s compliance score and track progress towards a more compliant environment.

Data Lifecycle Management
Working at scale this tool enables users to classify and govern business data to meet relevant legal and regulatory obligations using retention labels and policies.

Data Loss Prevention
Secure sensitive and business-critical data from unauthorised access across apps, endpoints, and on-premises storage.

Data Map and Data Catalog
Better understand your business and consumer data via a unified map illustrating data’s origin and lineage.

Utilising end-to-end workflows eDiscovery identifies and manages business data in-place, streamlining internal or legal investigations.

Information Protection
A tool with business-wide applications, Information Protection empowers users to discover, identify, classify, and protect sensitive and business-critical data across your entire environment using sensitivity labels.

Insider Risk Management
Protect your organisation from the growing insider risk factor including data theft, data leaks, and security policy violations.

Meeting in boardroom

What are the business benefits of Microsoft Purview?

Best of Breed Capabilities

Microsoft’s data security offering has been named a Leader by Forrester in their 2023 Wave™ for Data Security Platforms. Microsoft came out on top in Forrester’s evaluation of the data security platform market, receiving the highest score available for “data classification, data threat and risk visibility, data masking or redaction, encryption, rights management, privacy use cases, and integrations for Zero Trust criteria; and in the strategy category for the product vision, execution roadmap, and community engagement criteria”.


Unlike a number of third-party information protection services, Microsoft licences are charged on a per-user per-month basis. This means that your investment will be representative of your individual business use case, and there’s no need to pay for a licence that exceeds your users’ requirements. This simplifies reporting on ROI and helps in keeping a streamlined security stack.

Whole Environment Protection

With Microsoft Purview, there’s no need to invest in separate solutions for each digital space. Where some vendors offer governance solutions for cloud-based data and others cater to on-premises storage, Microsoft Purview bridges the gap and provides comprehensive coverage across your entire environment.


Microsoft Purview offers end-to-end integration with other components of Microsoft 365’s security, compliance, identity, and management stack, right out of the box.

For example, the recently introduced Adaptive Protection for Purview Data Loss Prevention benefits from integration with Insider Risk Management and DLP. Insider Risk Management discovers and flags suspect users as a potential risk, and Data Loss Prevention automatically refines its scope to include them.

This capability allows you to be more aggressive in your DLP restrictions for users that exhibit suspicious behaviour or have been flagged by an administrator, while still letting standard users remain productive with more freedom. By leveraging the cross-tool workflow possibilities of Microsoft Purview, information protection is simplified, and restrictions can be more closely tailored to your environment and its needs.

Smooth Deployment

Another key advantage Microsoft Purview brings is how rapidly it can be deployed, albeit in a manageable way. As an entirely cloud-based service, the underlying infrastructure, scaling, and network management is abstracted away from administrators, who can instead focus on implementing the tools’ capabilities.

Woman on phone with laptop at desk

Is Microsoft Purview included with Microsoft 365 E3 and E5 licences?

As with all Microsoft solutions, the range of tools available to your business will vary according to your licence subscription, and because Microsoft’s suite of solutions is updated frequently, this isn’t always fixed.

Regarding Microsoft Purview, a good rule of thumb is that a Microsoft 365 E5 licence includes the vast majority of tools, whereas an E3 licence’s provision is more limited.

It’s important to remember that multiple Microsoft 365 licencing plans can be combined within a single business account. For example, for those organisations investing in an E3 licence that find themselves in need of enhanced security and compliance tools, Microsoft E5 Security and Microsoft E5 Compliance can be added as complementary bolt-ons to your core subscription package.

Mixing and matching with standalone solution licences is another option should Microsoft Purview include a particular feature you’re keen to adopt, but otherwise exceed your business requirements.

For specific, up-to-date details on which of Microsoft Purview’s tools are included with your particular licence, Microsoft’s comparison tool is a reliable resource.

Collaborative Meeting with Whiteboard

Deploying Microsoft Purview in your organisation

For businesses embarking on a data and compliance journey with Microsoft Purview, deployment can be intimidating.

Where many cyber security tools sit solely within technical teams’ remit, deploying Microsoft Purview is as much a business operations project as it is an IT one. A strategic plan and agreed-upon direction is essential for a deployment that maximises Purview’s capabilities and provides cross-business benefits.

End-user experience and adoption is a common obstacle to a Microsoft Purview deployment, so establishing stakeholder buy-in early on is essential for success. Consider the data that should be protected, the data sources involved, the regulatory challenges at play and the departments impacted. Once requirements are understood, deployment becomes clearer and user uptake more likely.

While it’s undoubtedly a substantial undertaking, just because you can quickly weaponise Purview’s capabilities, doesn’t mean you need to roll it out with a big bang. Indeed, doing so is a common challenge for businesses and often an incorrect approach.

Microsoft encourage the use of a Crawl, Walk, Run approach and Purview makes this easy, with the ability to completely control the scope of users, sites, and mailboxes, as well as which mode you roll out in. For example, you can begin most Microsoft Purview service deployments with Audit and Test modes, followed by a User Override mode, finishing with Full Block mode when you are mature and comfortable.

Microsoft’s own best practice guide is a useful resource to create a workable road map for your deployment of Purview, from preliminary business plans through to integration with other M365 apps, emphasising the importance of a comprehensive strategic approach to this business-wide suite of data security tools.

Threatscape’s award-winning Microsoft Security Practice provides a range of managed and professional services across information protection, identity protection, messaging, endpoint protection, cloud security and more. For those looking to optimise their existing Microsoft 365 Security stack with the next generation of security posture management, Overwatch for Microsoft 365 delivers simplified security without compromise.

You may also be interested in these articles:



Contact Us