By following this roadmap, organisations can progressively enhance their data governance capabilities, starting with essential services and expanding to advanced capabilities for comprehensive data protection and compliance.
Purview Essentials (M365 BP)
Objective: Establish a solid foundation with core services to address immediate data governance and compliance needs.
Categories and Features:
- Data Classification
- Data Discovery: Implement Purview Data Catalog to enable data discovery and classification across the organisation. This feature helps identify and organise data assets.
- Sensitive Info Types: Use built-in and custom Sensitive Info Types to automate the classification of sensitive data, ensuring compliance and enhancing data security.
- Data Discovery: Implement Purview Data Catalog to enable data discovery and classification across the organisation. This feature helps identify and organise data assets.
- Info Protection
- Sensitivity/Retention Labels: Deploy Microsoft Information Protection to apply sensitivity and retention labels, ensuring that sensitive data is appropriately labelled and retained according to compliance requirements.
- Data/Records LCM (Lifecycle Management): Implement data and records lifecycle management to automate data retention and disposal according to policies.
- Email Encryption: Implement email encryption to protect sensitive information shared through emails and ensure secure communication within and outside the organisation.
- Sensitivity/Retention Labels: Deploy Microsoft Information Protection to apply sensitivity and retention labels, ensuring that sensitive data is appropriately labelled and retained according to compliance requirements.
- DLP (Data Loss Prevention)
- Policy Design: Create and enforce DLP policies to prevent accidental sharing or leakage of sensitive information.
Purview Enhanced (E5 IP&G Add-On for M365 BP)
Objective: Expand data governance capabilities with advanced tools and integrations for better control and insights.
Categories and Features:
- Data Classification+
- Exact Data Match: Implement Exact Data Match (EDM) to improve the accuracy of data classification, especially for structured data.
- Trainable Classifiers: Develop and train custom classifiers to enhance data classification tailored to specific organisational needs.
- Doc Fingerprinting: Use document fingerprinting to identify and protect sensitive documents based on their content.
- Exact Data Match: Implement Exact Data Match (EDM) to improve the accuracy of data classification, especially for structured data.
- Info Protection+
- Automatic Labelling: Configure automatic labelling to classify and protect data without manual intervention, reducing the risk of human error.
- Advanced EE (Encryption Enhancements): Use advanced encryption enhancements to ensure robust protection of sensitive data.
- Automatic Labelling: Configure automatic labelling to classify and protect data without manual intervention, reducing the risk of human error.
- SaaS Security
- Microsoft Defender for Cloud Apps: Deploy Microsoft Defender for Cloud Apps to secure SaaS applications and provide visibility and control over cloud app usage.
Purview Advanced (M365 E5 and Beyond)
Objective: Integrate advanced premium services and broader ecosystem tools for comprehensive data governance and compliance.
Categories and Features:
- Data Security
- Privileged Access Management: Implement Privileged Access Management to control and monitor privileged access to critical data and systems.
- Information Barriers: Set up information barriers to prevent unauthorised communication and data sharing between different segments of the organisation.
- Privileged Access Management: Implement Privileged Access Management to control and monitor privileged access to critical data and systems.
- Risk & Compliance
- Comm Compliance (Communication Compliance): Use communication compliance tools to monitor and manage communication risks within the organisation.
- Compliance Manager: Deploy Compliance Manager to streamline compliance management and ensure adherence to regulatory requirements.
- Endpoint DLP: Extend DLP policies to endpoint devices to ensure comprehensive data loss prevention across all user devices.
- Insider Risk Management: Configure insider risk management to detect and mitigate risks posed by insider threats.
- Comm Compliance (Communication Compliance): Use communication compliance tools to monitor and manage communication risks within the organisation.
- Next Steps
- Microsoft Priva: Integrate Microsoft Priva for advanced privacy management and compliance with data protection regulations.
- AI and Analytics: Leverage AI and analytics tools for deeper insights into data usage and governance, enhancing decision-making and proactive risk management.
- Microsoft Priva: Integrate Microsoft Priva for advanced privacy management and compliance with data protection regulations.
M365 Senpai 