How Microsoft Purview Simplifies and Secures Your Organization's Data
By David Barter, GreenPages Microsoft Technologies Practice Lead
Managing disparate data sources is a challenge for today’s hybrid workforces. But Microsoft Purview can simplify your data security, governance, and compliance.
I have been a consultant in the IT industry for almost 30 years. Blogs are not my thing. But Microsoft technology? Sure, that is my thing. One technology that’s come up in conversations more often with midsized enterprises is called Microsoft Purview. At its core, Microsoft Purview is a unified suite of cloud-based tools for corporate data governance. Many of the curious IT executives and business decision makers I’ve consulted for recently hear that and ask: “OK, but what exactly does a Microsoft Purview solution do for my company?” To answer this, I focus on Microsoft Purview’s capabilities around data mapping, compliance, and awareness.
The key to unlocking the value of Microsoft Purview at your company comes down to how you answer the question: “Do you have a lot of disparate data and do you know exactly where it all is?“
Defining Disparate Data
What does it mean to have disparate data in an organization? Disparate data is made up of multiple data sources that are unalike and are distinctly different. Disparate datasets are heterogeneous in nature and unable to be integrated with one another in their current state. These disparate datasets are difficult to work with, making it a pain for the people in the organization that collect data to provide any useful and holistic insights about the business.
So, think of data from HRIS systems, EMR systems, ERP systems, and the siloed applications with homespun databases on legacy platforms. You know the ones I’m talking about. The ones that IT looks at and says: “Leave it alone, if it is not broken, we are not touching it.” Each of these platforms, with few exceptions, tend to be siloed in their data—some of it’s likely on-prem, some in a collocated datacenter, some of it may even be in the cloud. Integrating the disparate data from each of these siloed platforms into large data models requires middleware, money, and a lot of labor. Some of the more modern cloud-based solutions obviously are more receptive to integration and data co-joining, but even then, customers tend to keep disparate data sources separated. The adage from our CEO at GreenPages, Ron Dupler, is that fear, uncertainty, and doubt are often the dominant factors when deciding how companies approach data consolidation.
Data, Data, Everywhere
The problem with disparate data in various silos is that data is everywhere—and people are sick of it. The need for IT to enable hybrid workforces and remote collaboration in 2020 didn’t help. Every C-suite executive at your company wants integrations and reports, a magic dashboard that shows the health of the company at a glance. Analysts want to “drill down” and see each data bit and byte. Board members want slick graphs and easy-to-digest narratives on how their investment is being handled. And your IT and cybersecurity teams are at odds over all of it. The CIO or CTO struggles to know where all the data is. Your company’s CISO is pushing for limited data sharing, heavy identity management, and even heavier data leak protections. But the IT team can’t make those magic dashboards, slick graphs, and detailed drill downs if every dataset is too locked down. All of this gets even more difficult when you add the regulatory compliance for data required for government/SLED and financial services customers.
Microsoft Purview is designed to solve these very real problems. Microsoft Purview enables organizations to have true “unified data governance,” three words that can create confidence or abject terror for IT teams. Microsoft brings together multiple tools in the Purview solution to provide holistic insight into an organization’s disparate data sources; governance over how the data is modeled, managed (very important for compliance regulations in SLED and finance), and secured; and finally, visualization to the consumers of the data.
What Are the Key Components of Microsoft Purview?
Microsoft has taken four different tools and brought them under one banner, Purview. At a high level, Microsoft Purview consists of the following:
- Microsoft Purview Data Map
- Microsoft Purview Data Catalog
- Microsoft Purview Data Estate Insights
- Microsoft Purview Data Policy and Sharing
What Is the Microsoft Purview Data Map?
Simply put, the Purview Data Map is the tool to collect, collate, and manage the data from disparate resources or data sources. Data analysts use the Microsoft Purview Data Map to help:
- Automate and manage metadata from hybrid sources.
- Classify data using built-in and custom classifiers and Microsoft Information Protection sensitivity labels.
- Label sensitive data consistently across SQL Server, Azure, Microsoft 365, and Power BI.
- Easily integrate all your data catalogs and systems using Apache Atlas APIs.
The Microsoft Purview Data Map can also apply global sensitivity labels to that data as long as it’s in the Microsoft products listed above. Because it uses an industry-standard API for integrating that data, you can think of this tool as “the bone collector.”
What is the Microsoft Purview Data Catalog?
If the Purview Data Map is the bone collector for your disparate data, think of the Microsoft Purview Data Catalog as “data management speed dating.” The toolset builds a catalog (called a Data Dictionary) that keeps the end user from needing to manage it via Microsoft Excel spreadsheets. Consider it the middleware for data scientists, analysts, and data junkies in your corporation or SLED organization.
Years ago, IT teams would build help data models, data lakes, or combine data sources by giving the data consumers direct access to the disparate data sources. Due to the evolving needs for corporate data security and regulatory compliance, IT teams have been counseled to build middleware data repositories, often in Microsoft SQL or SQL-style databases. This presents a layer of protection between the data consumers and the source data. Microsoft Purview Data Catalog simplifies building that layer of protection and stores it in Microsoft Azure. By centralizing the Data Catalog in a secure cloud environment, the consumers of the data have access to their “single source of truth,” the security teams are happy that the source data is protected, and IT can manage all of it efficiently using the Microsoft tools with which they’re already familiar.
What Is the Microsoft Purview Data Insights Tool?
Speaking of efficient, familiar tools, Microsoft Purview Data Insights is the IT team’s tool to watch the data and the health of both the source and the Data Catalog. Microsoft Purview Data Insights presents this information in dashboard style and in near real-time on a global scale:
What Is Microsoft Purview Data Policy and Sharing?
Once a Data Map and Data Catalog are established for an organization, the consumers of the data must be given secure access to only the data they need—and share that data only with those authorized to view it. In the past, this has been a bit of a manual process, often relying on Active Directory or database access controls. But Microsoft Purview moves the data into a secure cloud environment with “single pane of glass” visibility and administration. Microsoft Purview Data Policy and Sharing enables IT managers to simplify and centralize the secure access of disparate data to users using policy schemas.
Any IT manager or security professional familiar with policy requirements in Microsoft Azure, Microsoft 365, and Power Platform will see similarities with the Purview Data Policy. When a policy is published to one or more data systems under Purview’s governance, it’s then enforced by that activity and policy statement. A policy definition includes a policy name, description, and a list of one or more policy statements. Based on the Purview Data Policy, a user can access and share only the data for which they have authorization—and the options for access are very granular. eaking of efficient, familiar tools, Microsoft Purview Data Insights is the IT team’s tool to watch the d
Sharing Data Securely from a Single Source of Truth
Up until now, companies and departments have shared data with internal teams or external partners by generating data feeds requiring investment in data copy and refresh pipelines. This is heavy and cumbersome and often difficult to secure, often resulting in higher cost for data storage and movement, data proliferation (that is, multiple copies of data), and delay in access to time-sensitive data.
With Microsoft Purview Data Sharing, IT departments or data managers or data consumers (based on the data access policy discussed above) can now share data in-place from specific areas that are built for this, like Azure Data Lake Storage Gen2 and Azure Storage accounts, both within and across organizations. Microsoft Purview Data Sharing allows data consumers to have near real-time access to shared data. Storage data access and transactions are charged to the data consumers based on what they use, and at no more cost to the data providers.
What’s the catch? Well, the cost. Every advantage of Microsoft Purview I’ve described in this blog post depends on the Microsoft Azure cloud platform. Depending on your organization’s need for near real-time speed to access the data, there will be a need to map an Azure solution to match your service level expectations. Storage costs in Azure can add up. The more unique data models you have, and the more datasets you integrate into this middleware, the more storage you need. If you plan to archive data offline but “rehydrate” the data to meet recovery time objectives (RTO) using less expensive storage accounts in Azure, it still incurs a cost. A strategy is needed to ensure your Microsoft Purview solution is set up to match your desired business outcomes.
GreenPages Helps You Get Control of Your Data with Microsoft Purview
A robust data governance strategy with built-in security is crucial in today’s data-driven economy. We’re all trying to do more with less, and simplifying and centralizing data management can help make quick, strategic decisions in a competitive market. Microsoft Purview solutions can keep your disparate datasets secure, accurate, and accessible—all while maintaining regulatory compliance for private and public organizations. But jumping into this without business requirements and a limited understanding of the rewards-versus-costs of deploying Microsoft Purview can be a costly mistake for your organization.
Well-planned and executed implementations of data modeling and middleware sourcing tools like Microsoft Purview will move your organization into the future. If you would like to know more about this platform, please reach out to GreenPages , as we would be happy to assist in your journey. For organizations in SLED and the finance industry, our specialists have the expertise to architect a Purview solution for maintaining data compliance requirements.