When compared to many of the Cloud providers, Microsoft is for sure making leaps and bounds in the areas of data privacy. Probably one of the best advancements it has made for the latter is in the CMMC, creating new tools for the Defense Industrial Base (DIB). But they are also making privacy and compliance tools for the private sector, especially that of the SMB (Small and Medium Businesses).
In this article, we take a closer look at such a tool, called “Purview”.
What It Is All About
In s nutshell, Purview can be considered as a unified governance system that allows you to manage all of your datasets whether they are in the Cloud, On Prem, or even in a Hybrid like environment, where part of your IT/Network infrastructure is in a Private Cloud, and the other is at the physical site of your business. You can get all of this from one unified view, with the following functionalities:
- You can get a bird’s eye view of all of your datasets, as well as a version of history of how the data was collected and used. You can even utilize the mapping function to see the location of where all of your database servers are located. The advantage of this is that if you are ever asked about the location of your datasets by a regulator and/or auditor, you will be able to answer them in a matter of minutes.
- Your data specialists can manage your datasets on a real time basis, following the principles of Least Privilege and Privileged Access Management (PAM).
- It allows your customers to view their own data sets, with of course the right access being granted (most likely this will just be read level permissions).
All of this can be seen in the illustration below:
(SOURCE: 1).
The Functionalities of Microsoft Purview
The following are also available in Purview:
1. The Data Map:
As mentioned earlier, this gives you access to all of your data sets from one dashboard. This includes the following:
*You can capture the data about your datasets (which is technically known as the “Metadata”);
*The Data Map is updated on a real time basis, even as more data is being ingested into your VMs and VDs;
*Owners of datasets (such as your customers and employees) can custom create their own views in order to see what they want about their PII.
More information about the Data Map can be seen here.
2. The Data Catalog:
*With this particular functionality, you can categorize and classify data into various formats, but which are also compatible with the data privacy laws.
*You can create a glossary or even a dictionary about your datasets, which also allows for tagging.
*Also, a detailed version history is kept of the datasets, from when it was first input into your systems to what happened to it most recently. Through the custom configuration of the views, data owners can see as much or as little information as they desire to.
More information about the Data Catalog can be seen here.
3. The Data Estate Insights:
This tool has been designed specifically for the Chief Data Officers, and the other Data Stewards that help to manage the datasets. From here, these individuals will be able to keep a closer eye on malicious behavior that is happening to the PII information and data, and make sure that holes or vulnerabilities found in them are quickly remediated. In a way, these specialists can also serve as a back up to the already burdened IT Security teams.
More information about the Data Estate Insights can be seen here.
4. The Data Sharing:
The sharing of PII datasets and other pieces of confidential information has always been a huge security risk for companies. But given the digital world that we live in today, sharing this has almost become a must. Therefore, Purview has functionalities that are embedded from within it allow for the safe and encrypted transfer from one party to another. This tool also allows you to centrally manage all of your datasets, and immediately terminate any sharing rights if anomalous behavior is detected.
More information about the Data Sharing can be seen here.
Conclusions
Keep in mind that using Purview is done on a consumption basis, meaning you only pay for what you use. There are no monthly subscriptions known at the present time.
If you have questions or need any help, please contact us.
Sources
- https://docs.microsoft.com/en-us/azure/purview/overview
