microsoft purview
32 TopicsConfiguring Purview policy to email user's Leader for approval, using external HR Database
Hello, Wondering if anybody could confirm within Microsoft Purview if it is possible to: Have a DLP Policy configured with a Policy Tip Override and have it configured so if the email for example is blocked it sends a Notification to the users 'Leader' to either Accept or Deny it. If Accepted by the user's Leader, the content is released. In the same configuration have Purview user a Data Connector to say a SAP database that the HR Department uses or any type of external database to automatically determine the users leader??? If so, any Microsoft articles and or videos???? Also want this compatibility to also be used for any type of Policy for say a SIT, Sensitivity Label, Trainable Classifier etc. etc. Thank you kindly, J11Views1like0CommentsMicrosoft Purview - Structured Database Management, Governance, Security and Protection
Since Microsoft Purview is a Data Governance and Data Security platform, I need to integrate Microsoft Purview with both structured and non-structured databases hosted in the public cloud and on-premises. The goal is to leverage Microsoft Purview to manage user roles and permissions, enforce data loss prevention policies and rules (e.g., statement-based rules), mask specific columns to restrict certain users from viewing actual data, implement field-level encryption for database fields, and, most importantly, ensure data quality and integrity by preventing unauthorized direct modifications. I am uncertain about the current capabilities of Microsoft Purview to meet the mentioned requirements. I believe that some features may already be available, while others might not be supported yet.24Views0likes1CommentLegal Hold Communication Acknowledgment links broken by Welcome pop-up
The acknowledgment link generated by Microsoft in a legal hold communication typically takes users to a Purview page with the message "Thank you! Your acknowledgment has been recorded." But now, the ever-present"Welcome to the new Microsoft Purview portal!" pop-up displays, regardless of the user's permissions, and there's no way to close it or bypass it to reach that "Thank you" page. The "Thank you" page loads in the background, but it's partially obscured by the "Welcome" message. Can we please do something to either get rid of this welcome message or disassociate it from these legal hold acknowledgment links?Solved93Views0likes2CommentsPurview DLP Override Email Notification for Admins
We know that our admins can go into the alerts in Purview and see if a user has chosen to override a DLP policy, but is there a way to set up email notification to individuals when a user clicks Override in the policy tip and chooses to override the block? So, in the attached "Override window.png" file, once they click the Override button, security admins are alerted via email immediately?222Views0likes2CommentsDLP policy tips differ between Outlook desktop and OWA
Is it expected behavior that the policy tips we get in an Outlook desktop message are different than the policy tips we get in an Outlook web message? We have a DLP policy set up for SSNs, targeting the Exchange location right now, and policy tips are enabled. I've attached images, but in Outlook desktop, we get two lines in the policy tip and in Outlook web we get four lines in the policy tip. Please advise. Is this expected or is something wonky?104Views0likes0CommentsFind emails with attachments over 1 year old and remove those attachments for governance purposes
Hi All, I have a somewhat unusual requirement and would appreciate any help. I need to find emails with attachments that are over 1 year old and automatically remove the attachments from those emails. I was wondering if there is a way to achieve this using Microsoft Purview or any other Microsoft feature. At the very least, if there is a way to identify emails with attachments that are over 1 year old, that would be helpful. Thanks in advance, Dilan155Views0likes0CommentsPurview Activity Explorer - Logs on recommendation to apply Labels
Hi all, for purposes linked to generate statistics, I have the need to monitor how users exploit the feature that recommends them the application of a specific label in Office Apps (this feature is configured in the specific Sensitivity Label with the "Auto-labeling for files and emails" and recommending users to apply that label). I tried look at the logs generated and appearing in the Activity Explorer. In order to monitor what mentioned above, I used the following logic: Filter only on the "Activity" field for "Sensitivity label recommended for file" value (this to monitor instances in which the label has been recommended to users) Filter only on the "How applied" field for "Recommended" value (this to monitor instances in which users actually accepted the recommendation provided to them) then: are the filtering conditions above enough and adequate for the purposes above? are there any other filtering criteria that I should take into account in this regard? Thank you in advance!😊164Views0likes0CommentsAzure Purview Self-Service Access policy not working.
Using this official Purview document, we created a Workflow for self-service data access policy. When a consumer submits a request for a Read access to a data asset, it successfully sends the request to the data owner of the asset. Data Owner approves the request, and after approval, a policy gets successfully auto generated. But the consumer still does not have Read access to the data asset via Azure Portal or Azure Storage Explorer. According to following official documentations and a video from Purview teams, the consumer should have a Read access to the data asset. Question: What we may have been missing and how the issue can be resolved? Remarks: We have verified all the prerequisites described in the above link, as follows: Ran the short PowerShell script: # Install the Az module Install-Module -Name Az -Scope CurrentUser -Repository PSGallery -Force # Login into the subscription Connect-AzAccount -Subscription <SubscriptionID> # Register the feature Register-AzProviderFeature -FeatureName AllowPurviewPolicyEnforcement -ProviderNamespace Microsoft.Storage Data Asset: ADLSGen2 Storage Account [This was created after the above script run] Purview Collection: Collection1 (subcollection of root collection) Data Owner roles on the storage account:IAM Owner, Storage Blob Data Contributor Data Owner roles onCollection1:Data Curator, Data Reader Consumer role on Collection1: Reader A screenshot of the policy auto-generated after an approval from data owner: Ref: Microsoft Purview Self-service data discovery and access Self-service access workflows for hybrid data estates Enable data policy enforcement on your Microsoft Purview sources Short video: Microsoft Purview data owner provisioning with Azure Storage572Views1like1CommentUpload to a restricted cloud service domain or access from an unallowed browser
-The action in DLP rules "Upload to a restricted cloud service domain or access from an unallowed browser" does not seem to be working as expected. -Currently a number of policies are meant to detect certain sensitivity labels as well as certain information types and among the actions taken to restrict data/files being shared, Is the action named above. -The activity explorer shows the policy match but the enforcement action is always audit instead of block(which is specified in the policy) -Service domains and domain groups are added with an action of block in DLP settings. -Unallowed browser also specified. What could be the issue here? Any Ideas?543Views0likes3Comments