0212 217 4 217
Microsoft Purview is a security and compliance service that consolidates various solutions such as data classification, DLP (Data Loss Prevention), and eDiscovery into a single platform.
While Microsoft initially provided this service as part of its security services, it gradually separated this area and increased the number of solutions available. Compliance solutions, which are becoming increasingly important every day, are now a must-have agenda item for every organization. Managing and protecting corporate data reduces the risk of dark data (unmanaged and unprotected data), facilitates tracking data flows both within and outside the organization, and ensures the protection of sensitive data.
As data regulations continue to grow worldwide, each country shares its own regulatory rules with the world. In Turkey, organizations are subject to the KVKK (Personal Data Protection Law), as we all know.
The continuous audits that organizations are obligated to undergo consume the time of the IT department and many other departments. Implementing such a solution to reduce this workload allows internal resources to be used more efficiently.
Let’s explore how Microsoft Purview can guide and support us in these areas.
First and foremost, the solution is cloud-based. This means there is no hardware requirement to use the solution, saving us half of the work. It can be helpful to follow the steps below during the installation and configuration of the solution:
- Define what sensitive data is for your organization and identify content that poses regulatory risks.
- Automated sensitive data discovery process on existing data.
- Review the report generated after the discovery process.
- Create improvement steps within a specific plan.
In these steps, the first item that relevant departments will need to spend time on is the first item. For the remaining steps, we run the process with rules through the service and wait for the results. After the report is ready, the service also provides us with improvement steps. Let’s continue with the services within the solution.
- Compliance Manager:
This area is similar to Microsoft’s secure score service in the realm of security services, but here it is presented as a compliance score. You can view your total compliance score and improvement areas here. In each improvement area, you can see the paths you need to follow and the points they will contribute to you. These reports are tailor-made for the IT teams to present to upper management.
One of the most important parts of Compliance Manager is the ready-made assessment templates. You can choose from over 700 premium assessment templates and quickly check your compliance status. Among these templates, you can find all the regulations, both familiar and unfamiliar, such as ISO 27001 and KVKK. This is quite useful for the organization to test itself for compliance purposes.
- Data Classification
In this area, we determine our classification categories. We can specify auto-discovery of content matching Exchange, OneDrive, SharePoint, and Teams using either ready-made or custom classifiers.
In the sensitive data types field, you can either use ready-made types or define custom ones yourself. In the custom section, you can specify sensitive data based on keywords or regular expressions. Then you can identify and report content matching in services like Exchange and Teams.
- Audit
The Audit feature allows us to see the results by entering a few parameters for an activity carried out within the organization during a specific date range. For example, you can investigate who deleted a file from Teams one year ago. Audits can be controlled through activities, as well as through keyword-based searches.
- Content Search
You can conduct keyword-based searches or stale data searches on Exchange mailboxes or SharePoint sites. The service can quickly search the specified keyword in relevant services and deliver the results to you. Or, with stale data, which refers to emails that are older than a certain period and need to be deleted, it can scan and report with a detailed report.
- Communication Compliance
One of the most interesting areas is Communication Compliance, which detects inappropriate language or modern-day issues like cyberbullying among employees in the organization and reports to you. Creating this policy is a short process. After the policy is created, it listens to the environment for a while and then provides a report. The most accurate data is obtained after 15 days.
- Data Loss Prevention
In this area, we encounter ready-made policy templates and a custom policy area. If you prefer to use ready-made templates, you can choose sector-based categories such as finance or healthcare to create policies. However, unfortunately, there are no ready-made templates for regulations compliant with Turkey’s requirements, so you have to proceed with custom policies. After selecting the custom area, you can choose the areas where the policy will be applied. These areas are currently as follows:
After determining the sensitive data content, we can alert the relevant individuals if content is detected in one of the above-mentioned areas and prevent access to the content.
- eDiscovery
eDiscovery works like content search but also provides user-based data search. User-based data searches can be necessary for various reasons, especially mailbox searches.
- Information Protection
We can consider data protection to be the most effective area. We can label and classify our emails and documents and then apply protection rules. Labeling can be done manually or automatically. You can also create custom classifications, using either ready-made sensitive data templates or custom definitions. You can apply DLP rules based on the classification results.
- Insider Risk Management
Another self-operating service that doesn’t burden IT teams and produces reports on its own. All you need to do is press the scan button; the service takes care of the rest. It’s advisable to wait a minimum of 7 days for accurate data.
Now, let’s take a look at the fundamental information provided by this service: Potential data leak threats, what percentage of users are exporting data externally? What percentage of users shared information containing sensitive data externally? You can view the answers to all these questions in the reports.
This way, we have taken a brief look at the Microsoft Purview product. There is no doubt that data protection and management will become even more popular in the coming years.
Wishing you enjoyable and healthy days.
