New Microsoft 365 Information Governance Delivers Unified Compliance and Risk Management Solution

This spring, Microsoft unveiled its new Microsoft Purview suite, a unified Microsoft 365 information governance and compliance solution. Designed for today’s decentralized workplace, Purview combines the features of Microsoft 365 Compliance with the former Azure Purview.

In addition, Purview includes data governance from Microsoft Data and AI, as well as the compliance and risk management capabilities of Microsoft Security. Together, these features deliver the tools organizations need to achieve compliance and to manage and protect data wherever it resides.

Some of the key benefits of the new Microsoft Purview include:

• Visibility into data assets across locations, apps, and devices
• Ability to secure and manage sensitive data whether in the cloud or on-premises
• Data loss prevention
• Data lifecycle management
• Data encryption
• Centralized, simplified access to all Microsoft data security and regulatory compliance solutions

Increase Data Visibility with Microsoft 365 Information Governance

The Microsoft Purview Data Catalog helps users quickly find the data they need, even when they do not know where it lives. Users can search for data based on data classification, data type, keywords, or glossary terms. Then they can drill down to display further detail or view the data in context.

Secure and Manage Sensitive Data

With Microsoft Purview, organizations gain the tools to classify data consistently across locations, devices, and apps, using a combination of manual and automated classification. Sensitivity labels help administrators govern sensitive data and achieve regulatory compliance. These labels initiate protection actions such as access restrictions and encryption.

Additionally, Purview includes dashboards and reports to provide data governance stakeholders with key insights about tagged data. Reports detailing user actions with sensitive data help administrators to identify compliance gaps and improve Microsoft 365 information governance.

Data Loss Prevention

Inappropriate or unintentional sharing of sensitive data brings significant risk that can result in regulatory violations and legal complications. Microsoft Purview Data Loss Prevention (DLP) aids organizations in protecting sensitive data such as PHI and financial data by allowing them to define and apply DLP policies.

DLP policies give companies the tools to identify, monitor and protect sensitive data across all Microsoft 365 apps and services. This applies also to Windows 10, Windows 11 and Mac endpoints, as well as non-Microsoft cloud apps, on-premises file shares and on-premises SharePoint.

Data Lifecycle Management

Formerly called Microsoft Information Governance, Microsoft Purview Data Lifecycle Management provides the tools needed to determine data retention and destruction. Organizations apply retention labels to specific items such as emails or documents. They can also define retention policies at the folder level to govern everything within that folder.

Data Encryption

Using Microsoft Purview Double Key Encryption and Microsoft Purview Customer Key, data stewards authorize Microsoft 365 to use encryptions keys. With encryption enabled, data is encrypted both in transit and at rest. This includes files in SharePoint and OneDrive, email messages and attachments in Outlook, chats, and messages in Microsoft Teams.

Compliance and Risk Management

In a recent survey by Egress, over 90 percent of companies reported insider data breaches last year. Whether accidental or intentional, insider breaches can result in significant financial losses, damage to business reputation and loss of customer trust. To counter such threats, Microsoft Purview offers robust solutions for risk management and compliance.

These include:

• Insider Risk Management to detect and act on risk activities
• Information Barriers to restrict communication and collaboration between users
• Communication Compliance to detect and act on inappropriate and sensitive messages
• Records Management to manage business, legal, or regulatory record-keeping requirements
• eDiscovery (Premium) or eDiscovery (Standard) to identify and manage data for legal cases
• Audit (Premium) or Audit (Standard) to log and search for audited activities in SharePoint and OneDrive

Improve Data Security and Compliance with Microsoft 365 Information Governance

The data security and compliance experts at eMazzanti have a longstanding partnership with Microsoft. And they regularly assist hundreds of customers with optimizing Microsoft 365 to maximize security, productivity, and compliance in a challenging data environment.

Download Article PDF