If you wish to jump to a more relevant section of this series for what you are attempting to accomplish, use the links below.
OVERVIEW (Part 0)
0 - Microsoft Purview - Paint By Numbers Series (Part 0) - Overview
0a - Microsoft Purview - Paint By Numbers Series (Part 0a) - Permissions
DATA CLASSIFICATION (Part 1)
1 - Microsoft Purview - Paint By Numbers Series (Part 1) - Sensitive Information Types
1a - Microsoft Purview - Paint By Numbers Series (Part 1a) - Exact Data Match
1b - Microsoft Purview - Paint By Numbers Series (Part 1b) - Trainable Classifiers
INFORMATION PROTECTION (Part 2)
2 - Microsoft Purview - Paint By Numbers Series (Part 2)- Information Protection
2a - Microsoft Purview - Paint By Numbers Series (Part 2a) - Adding the ability to add Container and Site labels
2b - Microsoft Purview - Paint By Numbers Series (Part 2b) - Adding a Sensitivity Label to a Container and/or Site
2c - Microsoft Purview - Paint By Numbers Series (Part 2c) - Default Labels
2d - Microsoft Purview - Paint By Numbers Series (Part 2d) - Required Labels
2e - Microsoft Purview - Paint By Numbers Series (Part 2e) - Using Multiple Sensitivity Labels
DATA LOSS PREVENTION (Part 3)
3 - Microsoft Purview - Paint By Numbers Series (Part 3) - Data Loss Prevention for Exchange
3a - Microsoft Purview - Paint By Numbers Series (Part 3a) - DLP for Endpoint (SIT-based)
3b - Microsoft Purview - Paint By Numbers Series (Part 3b) - DLP for Endpoint (Label-based)
3c - Microsoft Purview - Paint By Numbers Series (Part 3c) - Data Loss Prevention with Teams Chat
RECORD MANAGEMENT (Part 4)
4 - Microsoft Purview - Paint By Numbers Series (Part 4) - Records Management
PREMIUM eDISCOVERY (Part 5)
5 - Microsoft Purview - Paint By Numbers Series (Part 5) - Premium eDiscovery (old walk through)
5 - Microsoft Purview - Paint By Numbers Series (Part 5) - Overview and Settings - TBA
5a - Microsoft Purview - Paint By Numbers Series (Part 5a) - Case Creation and Case Settings - TBA
5b - Microsoft Purview - Paint By Numbers Series (Part 5b) - Data Sources and Collections - TBA
5c - Microsoft Purview - Paint By Numbers Series (Part 5c) - Review Sets
5d - Microsoft Purview - Paint By Numbers Series (Part 5d) - Communication
5e - Microsoft Purview - Paint By Numbers Series (Part 5e) - Holds
5f - Microsoft Purview - Paint By Numbers Series (Part 5f) - Processing
5g - Microsoft Purview - Paint By Numbers Series (Part 5g) - Exports
5h - Microsoft Purview - Paint By Numbers Series (Part 5h) - Jobs
INSIDER RISK MANAGEMENT (Part 6)
6 - Microsoft Purview - Paint By Numbers Series (Part 6) - Insider Risk Management - Overview
6a - Microsoft Purview - Paint By Numbers Series (Part 6) - Insider Risk Management - Permissions
6b - Microsoft Purview - Paint By Numbers Series (Part 6) - Insider Risk Management - Settings
6c - Microsoft Purview - Paint By Numbers Series (Part 6) - Insider Risk Management - Policies
6d - Microsoft Purview - Paint By Numbers Series (Part 6) - Insider Risk Management - Alerts
6e - Microsoft Purview - Paint By Numbers Series (Part 6) - Insider Risk Management - Cases (investigations)
VIVA (Part 7)
7 - Microsoft Purview - Paint By Numbers Series (Part 7) - Viva and Purview Workloads
INFORMATION BARRIERS (Part đ
8a - Microsoft Purview - Paint By Numbers Series (Part 8a) - Information Barriers and Teams Chat
COMPLIANCE MANAGER (Part 9)
9a - Microsoft Purview - Paint By Numbers Series (Part 9a) - Compliance Manager - Overview
9b - Microsoft Purview - Paint By Numbers Series (Part 9b) - Compliance Manager - Run an Assessment
9c - Microsoft Purview - Paint By Numbers Series (Part 9c) - Compliance Manager - Improvement Actions
Overview of this Blog Series
This blog series is meant to address several specific use cases in the Compliance space as well as provide step-by-step approach to run basic tests against those use cases.
We will start with the overview and permissions of the Purview stack. Then, as you look at the diagram below, you will see that the blog series starts with the Sensitive Information Type (SIT) as a foundation and then all other parts of compliance are built on that foundation. Once you understand how to create and modify a SIT, you can then create an Exact Data Match, if you want. Once youâve done Part 1/1a you can then do Parts 2-5 (and future parts) in the order provided or you can perform them in the order relevant to your needs.
In each Part of this blog, I will explain the Use Case related that Compliance function. Please note there is more than one use case for each of these functions, but for simplicity, I am only addressing one per for each.
Microsoft Purview (April 19, 2022)
As of April 19, 2022, Microsoft Compliance is now known as Microsoft Purview. Please see the link at the bottom of this page for more information about this renaming and what it means
Disclaimer
This document is not meant to replace any official documentation, including those found at docs.microsoft.com. Those documents are continually updated and maintained by Microsoft Corporation. If there is a discrepancy between this document and what you find in the Compliance User Interface (UI) or inside of a reference in docs.microsoft.com, you should always defer to that official documentation and contact your Microsoft Account team as needed. Links to the docs.microsoft.com data will be referenced both in the document steps as well as in the appendix.
All of the following steps should be done with test data, and where possible, testing should be performed in a test environment. Testing should never be performed against production data.
Target Audience
The Sensitive Information Type (SIT) section of this blog series is aimed at Compliance officers who need to identify any PII and PHI data in their environment.
Document Scope
This document is meant to provide an overview of the Microsoft Purview Suite (formerly Compliance Suite) to an administrator who is ânet newâ to Microsoft E5 tools.
Out-of-Scope
This document does not cover any other aspect of Microsoft E5 Compliance, including:
- Sensitive Information Types
- Exact Data Matching
- Sensitivity Labeling
- Data Protection Loss (DLP) for Exchange, OneDrive, Devices
- Microsoft Cloud App Security (MCAS)
- Records Management (retention and disposal)
- Advanced eDiscovery (AeD)
- Insider Risk Management
- Privacy Management
It is presumed that you have a pre-existing of understanding of what Microsoft E5 Compliance does and how to navigate the User Interface (UI).
Overview of Document
- Overview
- Microsoft Purview
- Target Audience
- Document Scope
- Out of Scope
- Use Case
- Definitions
- Notes
- Requirements
- Appendix and Links
Use Case
None
Definitions
- Data Classification
- The core of the Compliance tool is the Microsoft Information Protection (MIP) engine. This engine allows for indexing of existing data and then track any changes made to that data via the Compliance tool set (example â information label that data with sensitivity and governance labels).
- Information Protection
- This is the tool that is used to apply labels, watermarks, headers, footnotes and encryption to emails, files, etc These labels carry with files/emails inside and outside the organization.
- Data Loss Prevention
- This component of the solution blocks emails and files being leaked or stolen from the organization, whether it be from the endpoint devices (windows 10/11 and Mac) or from Exchange Online, SharePoint Online, Teams, or OneDrive.
- Information Governance
- This tool applies Retention and Disposal polices to files and emails inside of a tenant, thereby helping the organization meet its regulatory needs.
- Advanced eDiscovery
- This is the Microsoft eDiscovery tool. It performs more than just search, hold and export. It provides for granular eDiscovery functions, such as review, redaction, searches against existing holds, etc.
- Insider Risk Management
- This tool brings in the telemetry from the organizationâs tenant and onboarded devices to provide a baseline of âbehaviorâ of for users. Examples of this baseline, as it relates to compliance workloads, are copying data, deleting data, uploading data to the cloud, etc.
Notes
- Replication times for changes in Purview polices take affect:
- DLP policies will take approximately 15 minutes to take affect
- Other Compliances items could take 24-48 hours for other changes to take affect
Requirements
None
Appendix and Links
Note: This solution is a sample and may be used with Microsoft Compliance tools for dissemination of reference information only. This solution is not intended or made available for use as a replacement for professional and individualized technical advice from Microsoft or a Microsoft certified partner when it comes to the implementation of a compliance and/or advanced eDiscovery solution and no license or right is granted by Microsoft to use this solution for such purposes. This solution is not designed or intended to be a substitute for professional technical advice from Microsoft or a Microsoft certified partner when it comes to the design or implementation of a compliance and/or advanced eDiscovery solution and should not be used as such. Customer bears the sole risk and responsibility for any use. Microsoft does not warrant that the solution or any materials provided in connection therewith will be sufficient for any business purposes or meet the business requirements of any person or organization.