Microsoft Purview provides several solutions and features that complement each other. For new-to-Purview administrators, it can be overwhelming to know where to start. Existing administrators may also be less familiar with how additional Purview features could enhance their data security posture.
For example, Data Loss Prevention (DLP) administrators can benefit from features in Microsoft Information Protection (MIP) and Insider Risk Management (IRM) but may never explore them as they can be seen as ‘another solution’.
To address this and accelerate how you can augment your data security posture, the Purview engineering team is releasing a new content series available on Microsoft Learn: “Notes from engineering”.
As the series evolves, it will include different types of content:
Let’s introduce the first published Purview deployment model: Secure by default with Microsoft Purview and address oversharing.
Secure by default with Microsoft Purview and address oversharing
Microsoft Purview sensitivity labeling provides an efficient and robust capability to protect data. This protection is centered around encrypting your data and preventing oversharing. Labels can then be used as conditions in other solutions such as Microsoft Purview Data Loss Prevention (DLP) and Microsoft Purview Insider Risk Management.
The traditional 'crawl-walk-run' approach is often challenging or slow to adopt due to:
In the detailed guide, we provide a deployment model focusing on a different approach. We show how to:
Traditionally, we train users on when to label and/or attempt to auto-label what is required to be protected. With this approach, default apply protection, and we train users on how to manage exceptions, such as sharing externally.
When you derive Teams and SharePoint site labeling to file labels, you can reach high labeling volumes with limited end-user interactions. This will also achieve a measured approach that helps overcome traditional challenges.
To achieve this, the detailed guide provides a list of recommended labels that fit most organizations and maximize the potential of Microsoft Information Protection (MIP), and the list of activities to achieve this with the following blueprint:
At a high level, this guidance will:
This guidance can also be used to secure your environment for internal oversharing, accelerating how organizations are comfortable with enterprise search and Microsoft 365 Copilot. Copilot responses will also inherit from the highest priority sensitivity label.
To learn more:
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.