March Ahead with Azure Purview: Access management in Azure Purview - Part 3

Published 04-22-2021 08:58 AM 633 Views

Azure Purview allows you to extend the reach of Microsoft 365 sensitivity labels to operational and analytical data.  In my previous blog posts Azure Purview access management Part 1 and Part 2 control plane and data plane roles and tasks were covered. In this post, I will cover the following topic:

 

  • Overview of how you can easily extend your M365 Sensitivity Labels to automatically assign labels to files and database columns in Azure Purview.

To get started the following table summarizes 7 tasks required to extend the labels to Azure Purview including dashboards and roles required to perform each step:

 

Task

What portal to use

Who can perform this task

Verify if you have at least one M365 E5 License in your Azure AD tenant

Azure Portal (https://portal.azure.com/) OR

M365 Admin Center (https://admin.microsoft.com/AdminPortal/)

Any Azure AD role (e.g. Global Reader)

Consent “Extend labeling to assets in Azure Purview”

Microsoft 365 Security and Compliance Center (http://compliance.microsoft.com/)

Azure AD Roles:

Compliance Administrator

OR

Global Administrator

Create and update Sensitivity Labels in M365

Microsoft 365 Security and Compliance Center

Azure AD Roles:

Azure Information Protection Administrator

OR

Global Administrator

Register Data Sources in Azure Purview

Azure Purview Studio

(https://web.purview.azure.com/)

Azure Purview Roles (data plane:(

Purview Data Source Administrator + Purview Data Curator

AND

Azure Roles (control plane)

Reader (on data sources)

Scan Data Sources in Azure Purview

Azure Purview Studio

Azure Purview Roles (data plane):

Purview Data Source Administrator + Purview Data Curator

OR

Purview Data Source Administrator + Purview Data Reader

Search Catalog and filter assets based on Sensitivity Labels

Azure Purview Studio

Azure Purview Roles (data plane):

Purview Data Reader

OR

Purview Data Curator

View Sensitivity Labels Insights reports

Azure Purview Studio

Purview Data Reader

OR

Purview Data Curator

In order to follow this guidance, working with other teams in your organization may be required.

 

Verify if you have at least one M365 E5 License in your Azure AD tenant

Use your M365 Admin center to check if you already have M365 E5 Licenses in your tenant:

 

Picture1.png

If you do not have this license in place, please work with your finance team to obtain the required licenses. Microsoft 365 E5 | Microsoft 365 Enterprise.

 

Consent “Extend labeling to assets in Azure Purview”.

By default, Sensitivity Labels are only available for assets in M365. With this one-time operation at your Azure AD tenant level, you will allow M365 Sensitivity Labels to be extended to assets in Azure Purview. Use Microsoft 365 Security and Compliance Center to consent.

 

Picture2.png

Picture3.png

 

Create or update M365 Auto-labeling Rules

It is important to identify which team in your organization is responsible for defining Sensitivity Labels in Microsoft 365.

 

To extend a label to Azure Purview, you can create a new M365 Sensitivity Label or update an existing one in Microsoft 365 Security and Compliance Center, by configuring the following settings:

 

  • From Define the scope for this label enable Azure Purview Assets.
  • Add Auto-labeling rule
  • From Auto-labeling for database columns enable Auto-labeling for database columns.

 

Information Protection Administrator or Global Administrator roles can be used to create or update Sensitivity Labels.

 

Picture4.png

 

If you are looking to expand visibility of your M365 Sensitivity Labels to other teams, you can provide them with Read-only access to view of M365 Sensitivity Labels in your tenant, you can assign the user with Security Reader role in Azure AD or more specifically assign them with Sensitivity Label Reader in Microsoft 365 Security and Compliance Center.

 

Picture5.png

 

Register and Scan data sources in Azure Purview

Use Azure Purview Studio to register data sources such as Azure SQL Servers or Blob Storage. Once you scan your data sources, Sensitivity Labels are automatically assigned based on auto-labeling rules and then you will be search, browse and filter assets based on Sensitivity Labels or view Insights Reports. View my past blog post to read more about setting up and exploring assets by Sensitivity Labels in Azure Purview.

 

Purview Data Curator + Data Source Administrator or Purview Data Reader + Data Source Administrator roles can be used to scan data in Azure Purview. To search assets and view reports, you can use at least Purview Data Reader role.

 

Summary and Call to Action

 

Through close integration with Microsoft Information Protection offered in Microsoft 365 Azure Purview enables direct ways to extend visibility into your data estate, and classify and label your data.

 

We would love you hear your feedback and know how Azure Purview helped tracking your sensitive data estate using automatic labeling.

 

  1. Create an Azure Purview account now and extend your M365 Sensitivity Labels across your files and database columns in Azure Purview.
  2. Use Sensitivity Labels Insights to get a bird’s eye view of your data estate by the sensitivity labels.
  3. Learn more about Azure Purview Autolabeling and Sensitivity Label Insights.
  4. Provide your feedback.
%3CLINGO-SUB%20id%3D%22lingo-sub-2262722%22%20slang%3D%22en-US%22%3EMarch%20Ahead%20with%20Azure%20Purview%3A%20Access%20management%20in%20Azure%20Purview%20-%20Part%203%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2262722%22%20slang%3D%22en-US%22%3E%3CP%3E%3CSPAN%3EAzure%20Purview%20allows%20you%20to%20extend%20the%20reach%20of%26nbsp%3B%3C%2FSPAN%3E%3CA%20href%3D%22https%3A%2F%2Fnam06.safelinks.protection.outlook.com%2F%3Furl%3Dhttps%253A%252F%252Fdocs.microsoft.com%252Fen-us%252Fmicrosoft-365%252Fcompliance%252Fsensitivity-labels%253Fview%253Do365-worldwide%26amp%3Bdata%3D04%257C01%257Czeinam%2540microsoft.com%257C614632a858ed4bd31b4008d8cebcab11%257C72f988bf86f141af91ab2d7cd011db47%257C1%257C0%257C637486657013432494%257CUnknown%257CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%253D%257C1000%26amp%3Bsdata%3DvMhNRibIH5IS9d4BVFKNCdQusNLnohwoVExoSDHRBhc%253D%26amp%3Breserved%3D0%22%20target%3D%22_blank%22%20rel%3D%22nofollow%20noopener%20noreferrer%22%3EMicrosoft%20365%20sensitivity%20labels%3C%2FA%3E%3CSPAN%3E%26nbsp%3Bto%20operational%20and%20analytical%20data.%26nbsp%3B%20In%26nbsp%3B%3C%2FSPAN%3Emy%20previous%20blog%20posts%20Azure%20Purview%20access%20management%20%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fazure-purview%2Fmarch-ahead-with-azure-purview-access-management-in-azure%2Fba-p%2F2199809%22%20target%3D%22_self%22%3EPart%201%3C%2FA%3E%20and%20%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fazure-purview%2Fmarch-ahead-with-azure-purview-access-management-in-azure%2Fba-p%2F2209936%22%20target%3D%22_self%22%3EPart%202%20%3C%2FA%3Econtrol%20plane%20and%20data%20plane%20roles%20and%20tasks%20were%20covered.%20In%20this%20post%2C%20I%20will%20cover%20the%20following%20topic%3A%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CUL%3E%0A%3CLI%3EOverview%20of%20how%20you%20can%20easily%20extend%20your%20M365%20Sensitivity%20Labels%20to%20automatically%20assign%20labels%20to%20files%20and%20database%20columns%20in%20Azure%20Purview.%3C%2FLI%3E%0A%3C%2FUL%3E%0A%3CP%3ETo%20get%20started%20the%20following%20table%20summarizes%207%20tasks%20required%20to%20extend%20the%20labels%20to%20Azure%20Purview%20including%20dashboards%20and%20roles%20required%20to%20perform%20each%20step%3A%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CTABLE%20style%3D%22width%3A%20806px%3B%22%20width%3D%22806%22%3E%0A%3CTBODY%3E%0A%3CTR%3E%0A%3CTD%20width%3D%22194.444px%22%3E%3CP%3E%3CSTRONG%3ETask%3C%2FSTRONG%3E%3C%2FP%3E%0A%3C%2FTD%3E%0A%3CTD%20width%3D%22321.111px%22%3E%3CP%3E%3CSTRONG%3EWhat%20portal%20to%20use%3C%2FSTRONG%3E%3C%2FP%3E%0A%3C%2FTD%3E%0A%3CTD%20width%3D%22218.889px%22%3E%3CP%3E%3CSTRONG%3EWho%20can%20perform%20this%20task%3C%2FSTRONG%3E%3C%2FP%3E%0A%3C%2FTD%3E%0A%3C%2FTR%3E%0A%3CTR%3E%0A%3CTD%20width%3D%22194.444px%22%3E%3CP%3EVerify%20if%20you%20have%20at%20least%20one%20M365%20E5%20License%20in%20your%20Azure%20AD%20tenant%3C%2FP%3E%0A%3C%2FTD%3E%0A%3CTD%20width%3D%22321.111px%22%3E%3CP%3EAzure%20Portal%20(%3CA%20href%3D%22https%3A%2F%2Fportal.azure.com%2F%22%20target%3D%22_blank%22%20rel%3D%22noopener%20nofollow%20noreferrer%22%3Ehttps%3A%2F%2Fportal.azure.com%2F%3C%2FA%3E)%20OR%3C%2FP%3E%0A%3CP%3EM365%20Admin%20Center%20(%3CA%20href%3D%22https%3A%2F%2Fadmin.microsoft.com%2FAdminPortal%2F%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3Ehttps%3A%2F%2Fadmin.microsoft.com%2FAdminPortal%2F%3C%2FA%3E)%3C%2FP%3E%0A%3C%2FTD%3E%0A%3CTD%20width%3D%22218.889px%22%3E%3CP%3EAny%20Azure%20AD%20role%20(e.g.%20Global%20Reader)%3C%2FP%3E%0A%3C%2FTD%3E%0A%3C%2FTR%3E%0A%3CTR%3E%0A%3CTD%20width%3D%22194.444px%22%3E%3CP%3EConsent%20%E2%80%9CExtend%20labeling%20to%20assets%20in%20Azure%20Purview%E2%80%9D%3C%2FP%3E%0A%3C%2FTD%3E%0A%3CTD%20width%3D%22321.111px%22%3E%3CP%3EMicrosoft%20365%20Security%20and%20Compliance%20Center%20(%3CA%20href%3D%22http%3A%2F%2Fcompliance.microsoft.com%2F%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3Ehttp%3A%2F%2Fcompliance.microsoft.com%2F%3C%2FA%3E)%3C%2FP%3E%0A%3C%2FTD%3E%0A%3CTD%20width%3D%22218.889px%22%3E%3CP%3EAzure%20AD%20Roles%3A%3C%2FP%3E%0A%3CP%3ECompliance%20Administrator%3C%2FP%3E%0A%3CP%3EOR%3C%2FP%3E%0A%3CP%3EGlobal%20Administrator%3C%2FP%3E%0A%3C%2FTD%3E%0A%3C%2FTR%3E%0A%3CTR%3E%0A%3CTD%20width%3D%22194.444px%22%3E%3CP%3ECreate%20and%20update%20Sensitivity%20Labels%20in%20M365%3C%2FP%3E%0A%3C%2FTD%3E%0A%3CTD%20width%3D%22321.111px%22%3E%3CP%3EMicrosoft%20365%20Security%20and%20Compliance%20Center%3C%2FP%3E%0A%3C%2FTD%3E%0A%3CTD%20width%3D%22218.889px%22%3E%3CP%3EAzure%20AD%20Roles%3A%3C%2FP%3E%0A%3CP%3EAzure%20Information%20Protection%20Administrator%3C%2FP%3E%0A%3CP%3EOR%3C%2FP%3E%0A%3CP%3EGlobal%20Administrator%3C%2FP%3E%0A%3C%2FTD%3E%0A%3C%2FTR%3E%0A%3CTR%3E%0A%3CTD%20width%3D%22194.444px%22%3E%3CP%3ERegister%20Data%20Sources%20in%20Azure%20Purview%3C%2FP%3E%0A%3C%2FTD%3E%0A%3CTD%20width%3D%22321.111px%22%3E%3CP%3EAzure%20Purview%20Studio%3C%2FP%3E%0A%3CP%3E(%3CA%20href%3D%22https%3A%2F%2Fweb.purview.azure.com%2F%22%20target%3D%22_blank%22%20rel%3D%22noopener%20nofollow%20noreferrer%22%3Ehttps%3A%2F%2Fweb.purview.azure.com%2F%3C%2FA%3E)%3C%2FP%3E%0A%3C%2FTD%3E%0A%3CTD%20width%3D%22218.889px%22%3E%3CP%3EAzure%20Purview%20Roles%20(%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fazure-purview%2Fmarch-ahead-with-azure-purview-access-management-in-azure%2Fba-p%2F2209936%22%20target%3D%22_blank%22%3Edata%20plane%3C%2FA%3E%3A(%3C%2Fimg%3E%3C%2FP%3E%0A%3CP%3EPurview%20Data%20Source%20Administrator%20%2B%20Purview%20Data%20Curator%3C%2FP%3E%0A%3CP%3EAND%3C%2FP%3E%0A%3CP%3EAzure%20Roles%20(%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fazure-purview%2Fmarch-ahead-with-azure-purview-access-management-in-azure%2Fba-p%2F2199809%22%20target%3D%22_blank%22%3Econtrol%20plane%3C%2FA%3E)%3C%2FP%3E%0A%3CP%3EReader%20(on%20data%20sources)%3C%2FP%3E%0A%3C%2FTD%3E%0A%3C%2FTR%3E%0A%3CTR%3E%0A%3CTD%20width%3D%22194.444px%22%3E%3CP%3EScan%20Data%20Sources%20in%20Azure%20Purview%3C%2FP%3E%0A%3C%2FTD%3E%0A%3CTD%20width%3D%22321.111px%22%3E%3CP%3EAzure%20Purview%20Studio%3C%2FP%3E%0A%3C%2FTD%3E%0A%3CTD%20width%3D%22218.889px%22%3E%3CP%3EAzure%20Purview%20Roles%20(data%20plane)%3A%3C%2FP%3E%0A%3CP%3EPurview%20Data%20Source%20Administrator%20%2B%20Purview%20Data%20Curator%3C%2FP%3E%0A%3CP%3EOR%3C%2FP%3E%0A%3CP%3EPurview%20Data%20Source%20Administrator%20%2B%20Purview%20Data%20Reader%3C%2FP%3E%0A%3C%2FTD%3E%0A%3C%2FTR%3E%0A%3CTR%3E%0A%3CTD%20width%3D%22194.444px%22%3E%3CP%3ESearch%20Catalog%20and%20filter%20assets%20based%20on%20Sensitivity%20Labels%3C%2FP%3E%0A%3C%2FTD%3E%0A%3CTD%20width%3D%22321.111px%22%3E%3CP%3EAzure%20Purview%20Studio%3C%2FP%3E%0A%3C%2FTD%3E%0A%3CTD%20width%3D%22218.889px%22%3E%3CP%3EAzure%20Purview%20Roles%20(data%20plane)%3A%3C%2FP%3E%0A%3CP%3EPurview%20Data%20Reader%3C%2FP%3E%0A%3CP%3EOR%3C%2FP%3E%0A%3CP%3EPurview%20Data%20Curator%3C%2FP%3E%0A%3C%2FTD%3E%0A%3C%2FTR%3E%0A%3CTR%3E%0A%3CTD%20width%3D%22194.444px%22%3E%3CP%3EView%20Sensitivity%20Labels%20Insights%20reports%3C%2FP%3E%0A%3C%2FTD%3E%0A%3CTD%20width%3D%22321.111px%22%3E%3CP%3EAzure%20Purview%20Studio%3C%2FP%3E%0A%3C%2FTD%3E%0A%3CTD%20width%3D%22218.889px%22%3E%3CP%3EPurview%20Data%20Reader%3C%2FP%3E%0A%3CP%3EOR%3C%2FP%3E%0A%3CP%3EPurview%20Data%20Curator%3C%2FP%3E%0A%3C%2FTD%3E%0A%3C%2FTR%3E%0A%3C%2FTBODY%3E%0A%3C%2FTABLE%3E%0A%3CP%3EIn%20order%20to%20follow%20this%20guidance%2C%20working%20with%20other%20teams%20in%20your%20organization%20may%20be%20required.%3C%2FP%3E%0A%3CP%3E%3CSTRONG%3E%26nbsp%3B%3C%2FSTRONG%3E%3C%2FP%3E%0A%3CP%3E%3CFONT%20size%3D%224%22%3E%3CSTRONG%3EVerify%20if%20you%20have%20at%20least%20one%20M365%20E5%20License%20in%20your%20Azure%20AD%20tenant%3C%2FSTRONG%3E%3C%2FFONT%3E%3C%2FP%3E%0A%3CP%3EUse%20your%20%3CA%20href%3D%22https%3A%2F%2Fadmin.microsoft.com%2FAdminportal%2FHome%23%2Flicenses%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3EM365%20Admin%20center%3C%2FA%3E%20to%20check%20if%20you%20already%20have%20M365%20E5%20Licenses%20in%20your%20tenant%3A%3C%2FP%3E%0A%3CDIV%20id%3D%22tinyMceEditorZeinab%20Mokhtarian%20Koorabbasloo_0%22%20class%3D%22mceNonEditable%20lia-copypaste-placeholder%22%3E%26nbsp%3B%3C%2FDIV%3E%0A%3CP%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-inline%22%20image-alt%3D%22Picture1.png%22%20style%3D%22width%3A%20999px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F271396i4B7F766E3127931A%2Fimage-size%2Flarge%3Fv%3Dv2%26amp%3Bpx%3D999%22%20role%3D%22button%22%20title%3D%22Picture1.png%22%20alt%3D%22Picture1.png%22%20%2F%3E%3C%2FSPAN%3E%3C%2FP%3E%0A%3CP%3E%E2%80%83%3C%2FP%3E%0A%3CP%3EIf%20you%20do%20not%20have%20this%20license%20in%20place%2C%20please%20work%20with%20your%20finance%20team%20to%20obtain%20the%20required%20licenses.%20%3CA%20href%3D%22https%3A%2F%2Fwww.microsoft.com%2Fen-us%2Fmicrosoft-365%2Fenterprise%2Fe5%3Factivetab%3Dpivot%253aoverviewtab%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3EMicrosoft%20365%20E5%20%7C%20Microsoft%20365%20Enterprise.%3C%2FA%3E%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%3CFONT%20size%3D%224%22%3E%3CSTRONG%3EConsent%20%E2%80%9C%3C%2FSTRONG%3E%3CSTRONG%3EExtend%20labeling%20to%20assets%20in%20Azure%20Purview%E2%80%9D.%3C%2FSTRONG%3E%3C%2FFONT%3E%3C%2FP%3E%0A%3CP%3EBy%20default%2C%20Sensitivity%20Labels%20are%20only%20available%20for%20assets%20in%20M365.%20With%20this%20one-time%20operation%20at%20your%20Azure%20AD%20tenant%20level%2C%20you%20will%20allow%20M365%20Sensitivity%20Labels%20to%20be%20extended%20to%20assets%20in%20Azure%20Purview.%20Use%20Microsoft%20365%20Security%20and%20Compliance%20Center%20to%20consent.%3C%2FP%3E%0A%3CP%3E%3CSTRONG%3E%26nbsp%3B%3C%2FSTRONG%3E%3C%2FP%3E%0A%3CP%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-inline%22%20image-alt%3D%22Picture2.png%22%20style%3D%22width%3A%20999px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F271397i025EAF3F351932B8%2Fimage-size%2Flarge%3Fv%3Dv2%26amp%3Bpx%3D999%22%20role%3D%22button%22%20title%3D%22Picture2.png%22%20alt%3D%22Picture2.png%22%20%2F%3E%3C%2FSPAN%3E%3C%2FP%3E%0A%3CP%3E%E2%80%83%3C%2FP%3E%0A%3CP%3E%E2%80%83%3C%2FP%3E%0A%3CP%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-inline%22%20image-alt%3D%22Picture3.png%22%20style%3D%22width%3A%20400px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F271398i8390A7A1431B1C46%2Fimage-size%2Fmedium%3Fv%3Dv2%26amp%3Bpx%3D400%22%20role%3D%22button%22%20title%3D%22Picture3.png%22%20alt%3D%22Picture3.png%22%20%2F%3E%3C%2FSPAN%3E%3C%2FP%3E%0A%3CP%3E%3CSTRONG%3E%26nbsp%3B%3C%2FSTRONG%3E%3C%2FP%3E%0A%3CP%3E%3CFONT%20size%3D%224%22%3E%3CSTRONG%3ECreate%20or%20update%20M365%20Auto-labeling%20Rules%3C%2FSTRONG%3E%3C%2FFONT%3E%3C%2FP%3E%0A%3CP%3EIt%20is%20important%20to%20identify%20which%20team%20in%20your%20organization%20is%20responsible%20for%20defining%20Sensitivity%20Labels%20in%20Microsoft%20365.%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3ETo%20extend%20a%20label%20to%20Azure%20Purview%2C%20you%20can%20create%20a%20new%20M365%20Sensitivity%20Label%20or%20update%20an%20existing%20one%20in%20%3CSTRONG%3EMicrosoft%20365%20Security%20and%20Compliance%20Center%3C%2FSTRONG%3E%2C%20by%20configuring%20the%20following%20settings%3A%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CUL%3E%0A%3CLI%3EFrom%20%3CSTRONG%3EDefine%20the%20scope%20for%20this%20label%3C%2FSTRONG%3E%20enable%20%3CSTRONG%3EAzure%20Purview%20Assets.%3C%2FSTRONG%3E%3C%2FLI%3E%0A%3CLI%3EAdd%3CSTRONG%3E%20Auto-labeling%20rule%3C%2FSTRONG%3E%3C%2FLI%3E%0A%3CLI%3EFrom%3CSTRONG%3E%20Auto-labeling%20for%20database%20columns%20%3C%2FSTRONG%3Eenable%3CSTRONG%3E%20Auto-labeling%20for%20database%20columns.%3C%2FSTRONG%3E%3C%2FLI%3E%0A%3C%2FUL%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%3CSTRONG%3EInformation%20Protection%20Administrator%3C%2FSTRONG%3E%20or%20%3CSTRONG%3EGlobal%20Administrator%20%3C%2FSTRONG%3Eroles%20can%20be%20used%20to%20create%20or%20update%20Sensitivity%20Labels.%3C%2FP%3E%0A%3CDIV%20id%3D%22tinyMceEditorZeinab%20Mokhtarian%20Koorabbasloo_3%22%20class%3D%22mceNonEditable%20lia-copypaste-placeholder%22%3E%26nbsp%3B%3C%2FDIV%3E%0A%3CP%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-inline%22%20image-alt%3D%22Picture4.png%22%20style%3D%22width%3A%20999px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F271400iC0CA10ECDD291E45%2Fimage-size%2Flarge%3Fv%3Dv2%26amp%3Bpx%3D999%22%20role%3D%22button%22%20title%3D%22Picture4.png%22%20alt%3D%22Picture4.png%22%20%2F%3E%3C%2FSPAN%3E%3C%2FP%3E%0A%3CP%3E%E2%80%83%3C%2FP%3E%0A%3CP%3E%3CSTRONG%3E%26nbsp%3B%3C%2FSTRONG%3E%3C%2FP%3E%0A%3CP%3EIf%20you%20are%20looking%20to%20expand%20visibility%20of%20your%20M365%20Sensitivity%20Labels%20to%20other%20teams%2C%20you%20can%20provide%20them%20with%20Read-only%20access%20to%20view%20of%20M365%20Sensitivity%20Labels%20in%20your%20tenant%2C%20you%20can%20assign%20the%20user%20with%20%3CSTRONG%3ESecurity%20Reader%3C%2FSTRONG%3E%20role%20in%20Azure%20AD%20or%20more%20specifically%20assign%20them%20with%20%3CSTRONG%3E%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fmicrosoft-365%2Fcompliance%2Fget-started-with-sensitivity-labels%3Fview%3Do365-worldwide%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3ESensitivity%20Label%20Reader%3C%2FA%3E%20%3C%2FSTRONG%3Ein%20Microsoft%20365%20Security%20and%20Compliance%20Center%3CSTRONG%3E.%20%3C%2FSTRONG%3E%3C%2FP%3E%0A%3CP%3E%3CSTRONG%3E%26nbsp%3B%3C%2FSTRONG%3E%3C%2FP%3E%0A%3CP%3E%E2%80%83%3C%2FP%3E%0A%3CP%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-inline%22%20image-alt%3D%22Picture5.png%22%20style%3D%22width%3A%20999px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F271401i72C6E900AB76FD4D%2Fimage-size%2Flarge%3Fv%3Dv2%26amp%3Bpx%3D999%22%20role%3D%22button%22%20title%3D%22Picture5.png%22%20alt%3D%22Picture5.png%22%20%2F%3E%3C%2FSPAN%3E%3C%2FP%3E%0A%3CDIV%20id%3D%22tinyMceEditorZeinab%20Mokhtarian%20Koorabbasloo_4%22%20class%3D%22mceNonEditable%20lia-copypaste-placeholder%22%3E%26nbsp%3B%3C%2FDIV%3E%0A%3CP%3E%3CFONT%20size%3D%224%22%3E%3CSTRONG%3ERegister%20and%20Scan%20data%20sources%20in%20Azure%20Purview%3C%2FSTRONG%3E%3C%2FFONT%3E%3C%2FP%3E%0A%3CP%3EUse%20%3CSTRONG%3EAzure%20Purview%20Studio%3C%2FSTRONG%3E%20to%20register%20data%20sources%20such%20as%20Azure%20SQL%20Servers%20or%20Blob%20Storage.%20Once%20you%20scan%20your%20data%20sources%2C%20Sensitivity%20Labels%20are%20automatically%20assigned%20based%20on%20auto-labeling%20rules%20and%20then%20you%20will%20be%20search%2C%20browse%20and%20filter%20assets%20based%20on%20Sensitivity%20Labels%20or%20view%20Insights%20Reports.%20View%20my%20%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fblogs%2Fblogworkflowpage%2Fblog-id%2FAzurePurviewBlog%2Farticle-id%2F28%22%20target%3D%22_self%22%3Epast%20blog%20post%3C%2FA%3E%20to%20read%20more%20about%20setting%20up%20and%20exploring%20assets%20by%20Sensitivity%20Labels%20in%20Azure%20Purview.%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%3CSTRONG%3EPurview%20Data%20Curator%3C%2FSTRONG%3E%20%2B%20%3CSTRONG%3EData%20Source%20Administrator%3C%2FSTRONG%3E%20or%20%3CSTRONG%3EPurview%20Data%20Reader%20%2B%20Data%20Source%20Administrator%3C%2FSTRONG%3E%20roles%20can%20be%20used%20to%20scan%20data%20in%20Azure%20Purview.%20To%20search%20assets%20and%20view%20reports%2C%20you%20can%20use%20at%20least%20%3CSTRONG%3EPurview%20Data%20Reader%3C%2FSTRONG%3E%20role.%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%3CFONT%20size%3D%224%22%3E%3CSTRONG%3ESummary%20and%20Call%20to%20Action%3C%2FSTRONG%3E%3C%2FFONT%3E%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3EThrough%20close%20integration%20with%20Microsoft%20Information%20Protection%20offered%20in%20Microsoft%20365%20Azure%20Purview%20enables%20direct%20ways%20to%20extend%20visibility%20into%20your%20data%20estate%2C%20and%20classify%20and%20label%20your%20data.%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3EWe%20would%20love%20you%20hear%20your%20feedback%20and%20know%20how%20Azure%20Purview%20helped%20tracking%20your%20sensitive%20data%20estate%20using%20automatic%20labeling.%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3COL%3E%0A%3CLI%3E%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fazure%2Fpurview%2Fcreate-catalog-portal%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3ECreate%20an%20Azure%20Purview%20account%20now%3C%2FA%3E%20and%20extend%20your%20M365%20Sensitivity%20Labels%20across%20your%20files%20and%20database%20columns%20in%20Azure%20Purview.%3C%2FLI%3E%0A%3CLI%3EUse%20Sensitivity%20Labels%20Insights%20to%20get%20a%20bird%E2%80%99s%20eye%20view%20of%20your%20data%20estate%20by%20the%20sensitivity%20labels.%3C%2FLI%3E%0A%3CLI%3ELearn%20more%20about%20%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fazure%2Fpurview%2Fcreate-sensitivity-label%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3EAzure%20Purview%20Autolabeling%3C%2FA%3E%20and%20%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fazure%2Fpurview%2Fsensitivity-insights%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3ESensitivity%20Label%20Insights%3C%2FA%3E.%3C%2FLI%3E%0A%3CLI%3EProvide%20your%20%3CA%20href%3D%22https%3A%2F%2Ffeedback.azure.com%2Fforums%2F932437-azure-purview%22%20target%3D%22_blank%22%20rel%3D%22noopener%20nofollow%20noreferrer%22%3Efeedback%3C%2FA%3E.%3C%2FLI%3E%0A%3C%2FOL%3E%3C%2FLINGO-BODY%3E%3CLINGO-TEASER%20id%3D%22lingo-teaser-2262722%22%20slang%3D%22en-US%22%3E%3CP%3E%3CSPAN%3ELearn%20about%20roles%20in%20Azure%20and%20M365%20to%20extend%20your%20Sensitivity%20Labels%20to%20Azure%20Purview!%3C%2FSPAN%3E%3C%2FP%3E%3C%2FLINGO-TEASER%3E%3CLINGO-LABS%20id%3D%22lingo-labs-2262722%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3EAzure%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3EAzure%20Purview%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3Edata%20catalog%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3EData%20Governance%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E
Version history
Last update:
‎Apr 22 2021 12:43 PM
Updated by: