Security, Compliance, and Identity Blog

Protect your entire data estate with Microsoft Purview

Daniel_Hidalgo
Nov 15, 2023

In today’s world, data is generated at an unprecedented pace. It exists in unstructured formats like emails and documents as well as structured forms like spreadsheets, often stored in relational databases. This sheer volume makes it challenging to keep track of where sensitive data resides. Additionally, data is spread across cloud environments, on-premises servers, and a vast array of employee devices. Consider that over 80% of data within an organization is dark. In our most recent data security index report, we found that:

  • Although most decision makers agree comprehensive integrated solutions are more effective, organizations continue using an average of over 10 solutions[1] to secure their data estate.
  • Having more tools doesn’t mean greater data security; in fact, it’s the opposite. Organizations experience an average of 59 security incidents per year, leading to costly impacts.
  • 83% of CISOs believe that managing cross-cloud complexities and risks is their biggest pain point.

At Microsoft, we believe that data security is not an afterthought; it is table stakes. As we unveiled earlier this year, Microsoft is committed to expanding the sphere of protection across the entire data estate. Since that announcement, our teams have been working hard to help customers secure their data wherever it lives. Today, we are excited to share some of the next steps in that journey. In this blog, we will unpack how we are enabling customers to:

  1. Gain visibility across their entire data estate
  2. Secure structured and unstructured data
  3. Detect risks across clouds and apps

Gain visibility across the data estate

Today, customers face a major challenge trying to secure their data landscape. Companies must stitch together a patchwork of solutions to protect their data estate, paying a high integration tax. You can’t protect what you can’t see, and Microsoft Purview is making it easier to gain visibility across your data from one unified platform. The new experience allows you to connect to various data sources, including Microsoft Fabric, Azure, AWS, and other cloud environments. It offers a single data scanning and classification engine providing consistent labeling and access controls across different data sources. Once data has been scanned and classified, you can gain valuable insights around the risks pertaining to your sensitive data, which will help you build a stronger data security strategy. Having both a wide aperture into where the data resides as well as an ability to zoom into the file itself is a game-changer.

Figure 1: Unified platform with data classification, labeling, and protection.

Secure your structured and unstructured data

Another big pain point for organizations is the discrepancy in the protections across structured and unstructured data types. As the datasphere expands, this weakness becomes even more apparent. The protection mechanisms are usually not the same when data moves from one system to another or adapts to fit another system. This may occur because the source system has different enforcement policies that do not align with the ones used at the destination. You may be familiar with sensitivity labels in Microsoft 365 data like Word documents or e-mails, and we are excited to announce that you will be able to extend these policies across structured data types, including Azure SQL, Azure Data Lake Storage, and Amazon S3 buckets.

For example, you can create label-based protection policies that specify which data sources, databases, or storage buckets are in scope, and which users or groups are allowed to access data with a certain sensitivity label. Microsoft Purview will automatically enforce the policy and block unauthorized access to sensitive data, regardless of the data format or location. This way, if a user who is not in that group tries to access a table or a file that contains Confidential data, they will be blocked. Once the user adjusts their query to include only non-sensitive data, they will be allowed to access it. We are expanding access controls so you can make sure that your data is secure as it transfers from one system to another, allowing for end-to-end protection.

Figure 2: Admin experience for extending labeling and protection across SQL, ADLS, and Amazon S3

Check out our most recent Microsoft Mechanics video on how we are helping secure data across the digital estate!

Detect risks across clouds and apps

It’s not enough to know your data and classify it accordingly. People move and interact with data, and insider risks often come from trusted users who have access to sensitive data and may, intentionally or unintentionally, engage in risky activities. These often lead to potential data security incidents, such as data exfiltration, data leakage, or data sabotage. As users within organizations utilize multiple applications and cloud services in their day-to-day work, security teams must comprehend the risks associated with these user activities that may lead to potential data security incidents.

Microsoft Purview has enhanced its Insider Risk Management solution to seamlessly digest, process, and correlate events from cloud sources including Azure, AWS, Box, Dropbox, Google Drive, and GitHub, providing ready-to-use indicators to identify potential data theft and data leak activities that may lead to data security incidents across digital estates. These indicators are available in the data theft and data leak policy templates once admins with appropriate permissions opt in to the use of these indicators.

For example, you can get an alert if a user escalates their privileges to manage all subscriptions in Azure, then makes critical files from Azure storage publicly accessible by changing the network access settings of storage accounts and blobs. All of these insights are consolidated into a single alert, enabling analysts to expedite the review and response process. You can also get alerts for similar activities in other cloud applications, such as AWS, Box, Dropbox, Google Drive, and GitHub.
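The sequence in this example (a privilege elevation followed by storage exposure, reported as one alert per user) can be sketched as a correlation over activity events. This is an added illustration, not Purview's implementation: the event shape, the `change` field, the sample events and the 24-hour window are assumptions, while the operation names are Azure resource provider operations.

```python
from datetime import datetime, timedelta

# Azure resource provider operation names.
ELEVATE = "Microsoft.Authorization/elevateAccess/action"
ACCT_WRITE = "Microsoft.Storage/storageAccounts/write"
CONT_WRITE = "Microsoft.Storage/storageAccounts/blobServices/containers/write"

def ev(time, caller, op, resource="/", **change):
    """Build a simplified event; 'change' holds the settings a write applied."""
    return {"time": time, "caller": caller, "op": op,
            "resource": resource, "change": change}

# Constructed sample events (not a real log export).
EVENTS = [
    ev("2023-11-15T09:00:00", "alice@contoso.example", ELEVATE),
    ev("2023-11-15T09:20:00", "alice@contoso.example", ACCT_WRITE,
       "storageAccounts/finance", defaultAction="Allow"),
    ev("2023-11-15T09:25:00", "alice@contoso.example", CONT_WRITE,
       "storageAccounts/finance/containers/payroll", publicAccess="Blob"),
    ev("2023-11-15T10:00:00", "bob@contoso.example", CONT_WRITE,
       "storageAccounts/web/containers/assets", publicAccess="Container"),
    ev("2023-11-15T11:00:00", "carol@contoso.example", ELEVATE),
    ev("2023-11-15T11:05:00", "carol@contoso.example", ACCT_WRITE,
       "storageAccounts/hr", defaultAction="Deny"),
    ev("2023-11-12T08:00:00", "dave@contoso.example", ELEVATE),
    ev("2023-11-15T08:00:00", "dave@contoso.example", ACCT_WRITE,
       "storageAccounts/legal", allowBlobPublicAccess=True),
]

def exposes_data(event):
    """True if a storage write opens an account or container to public access."""
    if event["op"] not in (ACCT_WRITE, CONT_WRITE):
        return False
    c = event["change"]
    return (c.get("allowBlobPublicAccess") is True
            or c.get("defaultAction") == "Allow"
            or c.get("publicAccess") in ("Blob", "Container"))

def correlate(events, window=timedelta(hours=24)):
    """One consolidated alert per user: elevation, then exposure within window."""
    elevated_at, alerts = {}, {}
    for e in sorted(events, key=lambda x: x["time"]):
        ts, user = datetime.fromisoformat(e["time"]), e["caller"]
        if e["op"] == ELEVATE:
            elevated_at[user] = ts
        elif (exposes_data(e) and user in elevated_at
              and ts - elevated_at[user] <= window):
            alert = alerts.setdefault(user, {
                "user": user, "elevated_at": elevated_at[user].isoformat(),
                "exposed": []})
            alert["exposed"].append(e["resource"])
    return list(alerts.values())
```

Only the first user produces an alert here: the second exposed a container without elevating, the third elevated but tightened network access, and the fourth's exposure fell outside the window. Each of those would need its own indicator rather than this sequence rule.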

Figure 3: Expanding Insider Risk signals to AWS and other SaaS sources (GitHub, Google Drive, Box, and Dropbox)

Resources and more

These capabilities are all in early access. Please fill out this form to join our Customer Connection Program! We are just beginning our journey to secure your data wherever it lives and travels. Throughout the following months, we will continue adding more environments and capabilities across our solution stack. If you want to learn more about Purview and how it can help you secure and govern your data estate, check out our resources below and stay tuned for more in the following months!

  • Download the Microsoft Data Security Index report to learn more about the trends and best practices for an effective data security program.
  • See how data security solutions in Microsoft Purview, including Insider Risk Management, are designed to help detect and respond to a corporate espionage incident.

[1] The Unseen Data Conundrum

[2] Data Security Index Report

Updated Nov 27, 2023
Version 3.0