Before we start, please note that if you want to see a table of contents for all the sections of this blog, you can locate them at the following URL:
Microsoft Purview and Modern Work (Part 1) - Overview
This document is not meant to replace any official documentation, including those found at docs.microsoft.com. Those documents are continually updated and maintained by Microsoft Corporation. If there is a discrepancy between this document and what you find in the Compliance User Interface (UI) or inside of a reference in docs.microsoft.com, you should always defer to that official documentation and contact your Microsoft Account team as needed. Links to the docs.microsoft.com data will be referenced both in the document steps as well as in the appendix.
All of the following steps should be done with test data, and where possible, testing should be performed in a test environment. Testing should never be performed against production data.
The Information Life Cycle Management section of this blog series is aimed at Security and Compliance and Modern Work officers who need to properly label data, encrypt it where needed.
This blog and document are meant to help an IT administrator who is looking to secure their data throughout the lifecycle of the data.
It is presumed that you already have a basic understanding of the Purview tools and the Modern Work tools (including Exchange, Teams, SharePoint and OneDrive).
This document does not cover configuring any of the below, ie. Holding your hand through the process of configuration”, as that is covered via other blogs, official Microsoft documents, or through the aid of Microsoft implementation teams or Microsoft partners:
After each section of this blog, I will make a note of which of the 3 parts of the CIA Triad that Microsoft tool will help you meet. Here are a few examples.
Example #1 –
CIA component – Integrity & Availability
Example #2 –
CIA component – Confidentiality & Availability
Example #3 –
CIA component – Integrity
For this part of the blog, I have broken down the Purview workloads, mapped them to the SharePoint File/Site activity, and then mapped those to the corresponding stage of the Information Lifecycle.
Here is the high-level view of this mapping.
Please note I’ve added a new stage to the Information Lifecycle and called it Pre-data creation. This was done to help show that Microsoft Auditing is always enabled within your Microsoft tenant.
After each Purview workload, you will find a CIA triad “indicator” to show which part of the triad Purview is supported. In addition, you will also find assorted links to assorted Microsoft documents or blog postings that can help you enable that functionality in your environment, presuming you are appropriately licensed.
Pre-data Creation
Microsoft Purview Audit (Premium) - Microsoft Purview (compliance) | Microsoft Learn
CIA component – Confidentiality & Integrity
Create (data)
Microsoft Purview Audit (Premium) - Microsoft Purview (compliance) | Microsoft Learn
CIA component – Confidentiality & Integrity
Learn about sensitivity labels - Microsoft Purview (compliance) | Microsoft Learn
CIA component – Confidentiality & Integrity
Microsoft Purview - Paint By Numbers Series (Part 4) - Records Management - Microsoft Community Hub
CIA component – Integrity
Use & Retain (data)
Microsoft Purview Audit (Premium) - Microsoft Purview (compliance) | Microsoft Learn
CIA component – Confidentiality & Integrity
Learn about data loss prevention - Microsoft Purview (compliance) | Microsoft Learn
CIA component – Confidentiality &Integrity
Learn about sensitivity labels - Microsoft Purview (compliance) | Microsoft Learn
CIA component – Confidentiality & Integrity
Microsoft Purview - Paint By Numbers Series (Part 4) - Records Management - Microsoft Community Hub
CIA component – Integrity
Learn about insider risk management - Microsoft Purview (compliance) | Microsoft Learn
CIA component – Confidentiality
Microsoft Purview eDiscovery solutions - Microsoft Purview (compliance) | Microsoft Learn
Microsoft Purview - Paint By Numbers Series (Part 5) - Advanced eDiscovery - Microsoft Community Hub
CIA component – Integrity
Destroy (data)
Microsoft Purview Audit (Premium) - Microsoft Purview (compliance) | Microsoft Learn
CIA component – Confidentiality & Integrity
Learn about insider risk management - Microsoft Purview (compliance) | Microsoft Learn
CIA component – Confidentiality
Microsoft Purview - Paint By Numbers Series (Part 4) - Records Management - Microsoft Community Hub
CIA component – Integrity
We will now move to look at OneDrive and specific Purview workloads that can be mapped to data within that platform.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.