Microsoft Purview Overview - AZ-900 Certification Course - August 2023 New

John Savill's Technical Training
21 Aug 202310:46

Summary

TLDRThis lesson delves into Microsoft Purview, a data governance tool evolved from Azure Purview and Microsoft 365 compliance solutions. It offers a comprehensive view of an organization's data estate across various platforms like Microsoft 365, Azure, AWS, and on-premises. Key features include data classification, sensitivity labeling, data lineage, and a unified data catalog. Microsoft Purview also facilitates data sharing without duplication and provides estate insights for governance stakeholders, all aimed at enhancing data governance and minimizing exposure risks.

Takeaways

  • 📚 Microsoft Purview is an evolution of Azure Purview and Microsoft 365 compliance solutions, designed to manage and govern an organization's entire data estate.
  • 🌐 It provides a unified view of data across various platforms including Microsoft 365, Azure, Amazon Web Services, and other cloud and on-premises solutions.
  • 🔍 The core functionality of Microsoft Purview is to discover, classify, and understand the organization's data, including its location and sensitivity.
  • 🔏 A critical goal is to prevent data exposure by identifying sensitive data and applying appropriate actions such as labeling and data leakage prevention.
  • 🆓 There are two versions of Microsoft Purview: a free version with limited capabilities and an Enterprise version that offers a comprehensive set of features.
  • 🔍 The free version primarily offers a data catalog with limited support for Azure services, while the Enterprise version includes advanced features like data sharing and estate insights.
  • 📊 Microsoft Purview can scan data in place without the need to import or move data, simplifying the process of data governance.
  • 🏷️ It includes over 200 built-in classifications and allows for custom classifications to identify and label sensitive information like Social Security numbers or credit card details.
  • 🔗 Data lineage is a feature that provides a historical view of data transformations and movements, offering insights into data usage and storage.
  • 🤝 Data sharing in preview allows for secure sharing of data with external organizations without data replication, maintaining data governance boundaries.
  • 📊 Estate insights provide high-level governance stakeholders with actionable compliance information and analytics across the entire data estate.

Q & A

  • What is the primary purpose of Microsoft Purview?

    -Microsoft Purview is designed to help organizations understand and manage their entire data estate by identifying where data is, classifying it, and applying appropriate actions to prevent data exposure.

  • What are the two versions of Microsoft Purview mentioned in the transcript?

    -There are two versions of Microsoft Purview: a free version and an Enterprise version, each offering different sets of capabilities.

  • What is the difference between the free and Enterprise versions of Microsoft Purview?

    -The free version of Microsoft Purview offers limited capabilities, including a data catalog and basic data sharing in preview. The Enterprise version, however, provides access to all applications and a broader range of functionalities.

  • How does Microsoft Purview support data from various sources?

    -Microsoft Purview supports a vast array of data sources, including Microsoft 365, Azure services, Amazon Web Services, Power BI, and on-premises solutions, among others.

  • What is the significance of the data map feature in Microsoft Purview?

    -The data map feature in Microsoft Purview allows for scanning data in place without the need to import or move data, providing a comprehensive view of the data estate.

  • What are some of the built-in capabilities of Microsoft Purview?

    -Microsoft Purview offers capabilities such as data classification, sensitivity labeling, data lineage, and data sharing, which help in understanding, governing, and acting on data across the organization.

  • How does Microsoft Purview help in avoiding data exposure?

    -Microsoft Purview helps avoid data exposure by identifying the location of sensitive data and enabling actions such as labeling and data leakage prevention.

  • What is the role of sensitivity labels in Microsoft Purview?

    -Sensitivity labels in Microsoft Purview are metadata added to data based on its classification, which can then trigger actions like data leakage prevention, data retention, and data deletion policies.

  • How does Microsoft Purview's data sharing feature work?

    -Microsoft Purview's data sharing feature allows for in-place access to data without duplication, enabling controlled sharing of data with external organizations while maintaining data governance boundaries.

  • What is the purpose of the catalog in Microsoft Purview?

    -The catalog in Microsoft Purview provides a normalized view of all data, consolidating information from various systems to offer a single, unified view of each data item, regardless of its location or duplication.

  • What insights can estate insights in Microsoft Purview provide to governance stakeholders?

    -Estate insights in Microsoft Purview offer governance stakeholders a high-level view of the entire data estate, including compliance and usage information, to make informed decisions and drive operational actions.

Outlines

00:00

📊 Introduction to Microsoft Purview

This paragraph introduces Microsoft Purview, highlighting its evolution from Azure Purview and Microsoft 365 compliance solutions. It emphasizes the importance of understanding an organization's data estate, which can be spread across various platforms like Microsoft 365, Azure, Amazon Web Services, and others. Microsoft Purview is designed to provide insights into data location, classification, and lineage, which are crucial for data governance and compliance. It supports a wide range of data sources and offers capabilities like data classification, sensitivity labeling, and data sharing. The paragraph also distinguishes between the free and Enterprise versions of Microsoft Purview, noting that the Enterprise version offers more comprehensive features and data source support.

05:02

🔍 Deep Dive into Microsoft Purview Capabilities

The second paragraph delves into the capabilities of Microsoft Purview, focusing on its ability to scan data in place without the need for data importation. It discusses the classification of data using built-in and custom classifications to identify sensitive information such as social security numbers and credit card details. The paragraph also covers the application of sensitivity labels to metadata, which can trigger actions like data leakage prevention and data retention policies. Additionally, it touches on data lineage, which provides a historical view of data transformations and storage, and the data catalog feature that offers a normalized view of data across different systems. The preview feature of data sharing within Azure is also mentioned, allowing for in-place access to data without duplication and the ability to revoke access as needed.

10:03

📈 Conclusion: Harnessing Microsoft Purview for Data Governance

The final paragraph summarizes the key objectives of Microsoft Purview, which is to provide comprehensive data governance and insights into an organization's entire data estate. It reiterates the tool's ability to classify and label data, enabling actionable tasks to be performed based on the data's sensitivity and importance. The paragraph concludes by emphasizing the value of Microsoft Purview in leveraging data analytics, both natively and through external tools, to make the best use of data while maintaining governance and compliance.

Mindmap

Keywords

💡Microsoft Purview

Microsoft Purview is a data governance solution that builds upon previous Azure Purview and Microsoft 365 compliance solutions. It is designed to help organizations understand and manage their data estate across various platforms and services. In the video, it is described as a tool that allows organizations to locate their data, understand its journey, and apply necessary governance measures to prevent data exposure.

💡Data Estate

The term 'data estate' refers to the entirety of an organization's data assets, regardless of where they reside. In the context of the video, it encompasses data stored in Microsoft 365, Azure services, other cloud solutions, and even on-premises. Understanding the data estate is crucial for implementing effective data governance and compliance strategies.

💡Data Classification

Data classification is the process of categorizing data according to its sensitivity, value, and criticality. The video mentions that Microsoft Purview offers over 200 built-in classifications and allows for the creation of custom classifications. This helps organizations to identify and protect sensitive data, such as social security numbers or credit card information.

💡Sensitivity Labels

Sensitivity labels are a form of metadata that can be applied to data to indicate its level of sensitivity. In the video, it is explained that once data is classified, sensitivity labels can be added to trigger further actions like data leakage prevention or data retention policies. This helps in managing the data's lifecycle and ensuring compliance with data protection regulations.

💡Data Lineage

Data lineage refers to the history and relationships of data as it moves through different systems and transformations. The video describes how Microsoft Purview can provide insights into data lineage, which is essential for understanding the data's journey and ensuring its integrity and compliance.

💡Data Catalog

A data catalog is a centralized repository that provides a comprehensive view of an organization's data assets. The video explains that Microsoft Purview's data catalog offers a normalized view of data, regardless of where it is stored or how it is duplicated, which aids in data discovery and management.

💡Data Sharing

Data sharing, as discussed in the video, is the ability to grant access to data without duplicating it. Microsoft Purview allows for in-place access to data, such as Azure Blob or ADLS Gen 2, by sending invitations to other organizations. This feature enables controlled data sharing while maintaining data governance boundaries.

💡Data Access Policies

Data access policies are rules that determine who can access certain data and under what conditions. The video highlights that Microsoft Purview enables the creation of data access policies at a large scale, providing a new level of control over the entire data estate. This is crucial for ensuring that data is accessed only by authorized individuals.

💡Data Governance

Data governance is the framework of policies, rules, and practices that manage an organization's data assets. In the video, Microsoft Purview is portrayed as a tool that supports data governance by providing visibility, control, and insight into the data estate, helping organizations to prevent data exposure and ensure compliance.

💡Azure Blob Storage

Azure Blob Storage is a service provided by Microsoft Azure for storing large amounts of unstructured data. The video mentions Azure Blob Storage as one of the data sources supported by Microsoft Purview, emphasizing its role in managing and governing data stored in the cloud.

💡Data Insights

Data insights refer to the actionable information derived from analyzing data. The video describes how Microsoft Purview can provide estate insights to governance stakeholders, such as C-level executives, to help them understand the organization's data estate, compliance status, and drive operational decisions based on the data's usage and location.

Highlights

Microsoft Purview is built on Azure Purview and Microsoft 365 compliance solutions.

It focuses on understanding an organization's entire data estate.

Data can reside in various locations such as Microsoft 365, Azure services, other clouds, and on-premises.

Purview supports a vast number of data sources including Azure, AWS, and Power BI.

It offers capabilities like data classification, lineage, access policy, and data sharing.

The goal is to avoid data exposure by knowing the location of sensitive data.

There are two versions of Microsoft Purview: Free and Enterprise, with different capabilities.

The free version is limited to Azure blob storage, data Lake storage, Azure SQL database, and Azure subscriptions.

Enterprise Edition provides access to all applications and a more comprehensive set of features.

Purview can scan data in place without the need to import it into the solution.

It includes over 200 built-in classifications and the ability to create custom classifications.

Sensitivity labels can be applied based on data classification to trigger actions like data leakage prevention.

Data lineage provides insights into the history and transformations of data.

The catalog feature offers a normalized view of all data across different systems.

Data sharing in preview allows for in-place access to data without duplication.

Data access policies can be created for large-scale control over the data estate.

Estate insights provide high-level governance stakeholders with actionable compliance information.

Microsoft Purview aims to bring governance and insight into the entire data estate without importing data into other tools.

Transcripts

play00:00

in this lesson we're going to explore

play00:02

the purpose of Microsoft purview

play00:05

so Microsoft purview is built on the

play00:09

previous Azure purview and Microsoft 365

play00:13

compliance Solutions so we have our

play00:16

Microsoft

play00:19

purview

play00:23

and it's gold

play00:25

focused on the idea of we have this

play00:28

entire data estate for our organization

play00:32

and we want to be able to understand

play00:34

what is the data where is the data what

play00:38

has it gone through

play00:39

that's what it enables us to do is we

play00:41

can think about our data can be in many

play00:43

different places

play00:44

so for example if I think of my

play00:46

organization's overall data estate

play00:51

all that data could be in Microsoft 365

play00:54

in its various Solutions like SharePoint

play00:57

teams I could have Azure services and in

play01:01

Azure maybe that's blob storage maybe

play01:04

it's data Lake maybe it's databases like

play01:07

SQL

play01:08

it could be other clouds and their

play01:11

Solutions as well for example I could

play01:14

think about Amazon web services and it's

play01:17

S3 storage Services I might have data in

play01:22

power bi I might have data in other SAS

play01:25

Solutions I may even have data on

play01:28

premises

play01:30

and so we have all these different Data

play01:32

Solutions and Microsoft purview supports

play01:35

a huge number of those if we go and look

play01:37

at its documentation

play01:40

we can see it talks about supported data

play01:42

sources and file types so here we can

play01:44

see well in Azure for example blob

play01:47

Cosmos DB data Explorer data Factory

play01:51

and we can even see some of the

play01:53

different types of capabilities its

play01:55

ability to have classifications live

play01:58

view lineage either history of the data

play02:01

I can label the data access policy data

play02:04

sharing

play02:05

then we can see through the different

play02:07

types of database supported file systems

play02:10

here we can see for example the Amazon

play02:11

S3

play02:13

different services and applications so a

play02:16

huge different range of data sources is

play02:19

available for us

play02:21

and so what we want to be able to do

play02:23

is I need to understand and this is the

play02:26

key point of what purview is doing

play02:32

where is my data

play02:36

foreign

play02:40

what data is it is it important data

play02:43

because fundamentally what we want to be

play02:45

able to do is avoid data exposure

play02:47

and the way we avoid data exposure is to

play02:50

know exactly where that sensitive data

play02:52

is and then take according actions maybe

play02:55

it's labeling it with a highly

play02:58

classified label and then from the label

play03:00

I could do other data leakage prevention

play03:02

actions especially with things like

play03:04

Microsoft 365. so that is the core goal

play03:07

of this

play03:08

now when we think about Microsoft

play03:10

purview there are two versions there is

play03:13

a free version

play03:16

and then there is an Enterprise

play03:21

now there are different sets of

play03:23

capabilities if we were to go and look

play03:26

at the portal

play03:27

we can see I have a few options

play03:30

available to me but this is the free

play03:32

version so I have the data catalog I

play03:34

could do data sharing which is in

play03:36

preview a time of recording but it's

play03:38

very limited

play03:39

but if I was to go and look at what's

play03:42

different between free and Enterprise

play03:43

really the key Point here is in terms of

play03:46

the functionality the Enterprise Edition

play03:49

will expose all of the different

play03:52

applications whereas free

play03:55

only gives me the data catalog and even

play03:58

within the data catalog is limited to

play04:00

Azure blob storage data Lake storage Gen

play04:03

2 Azure SQL database and Azure

play04:05

subscriptions so it reduces what types

play04:08

of

play04:09

capabilities and data sources I can use

play04:12

in addition to various other types of

play04:15

limitations

play04:17

and so as I mentioned there are

play04:20

different capabilities that are enabled

play04:22

through Microsoft purview

play04:25

now one of the key capabilities we have

play04:27

with Microsoft purview is we can scan

play04:30

the data in place so the first layer of

play04:33

the solution give myself a lot of space

play04:36

over here

play04:38

is the idea of the data

play04:42

map

play04:44

and a lot of solutions make you have to

play04:46

bring and import the data into whatever

play04:49

the solution is to be able to view it

play04:50

you don't have to do that here so it can

play04:53

do a scan in place I don't have to move

play04:56

everything over

play04:57

and so those first thing we often want

play04:59

to do is classify the data and there's

play05:01

200 plus built-in classifications I can

play05:04

create custom classifications which are

play05:06

built on patterns

play05:08

um n number of numerics and then maybe a

play05:11

slash and an alpha I could detect a

play05:13

social security number or a credit card

play05:15

so first we want to do is classify the

play05:17

data so we know hey this data has Social

play05:20

Security numbers this has credit cards

play05:22

whatever that might be

play05:24

I then may want to apply a sensitivity

play05:27

labels which is metadata added to the

play05:30

data that I could then act on based on

play05:35

the classification so hey I find a

play05:36

social security number I'll add a label

play05:39

of pii or highly sensitive

play05:42

those labels could then be used to

play05:45

trigger other actions for example maybe

play05:48

through ms365 it is Data leakage

play05:50

prevention it might be data retention it

play05:53

might be hey make sure you delete the

play05:54

data after n number of days

play05:57

it can also do things like data lineage

play06:00

so the data came in through here went

play06:02

through these Transformations it's been

play06:04

saved over here and here

play06:07

it can give me insights

play06:12

into my data

play06:14

because it's now got this complete view

play06:16

of everything happening in the

play06:18

environment

play06:20

the next thing I can get out of this is

play06:23

a catalog

play06:25

so I can think of the catalog and this

play06:28

is going to enable me to think about a

play06:30

normalized view of all of the data if I

play06:33

think that data may go through many

play06:35

different systems our environment maybe

play06:36

get slightly renamed in some

play06:38

environments maybe it's duplicated it's

play06:41

moved between all these different

play06:42

systems what the catalog will do is

play06:45

normalize that I'll get one view for a

play06:48

particular piece of data no matter where

play06:50

it's stored no matter how it's

play06:52

duplicated even if there's slight

play06:54

renames so it's going to make it very

play06:56

easy for me to get a good understanding

play06:59

then what we can do

play07:03

and at time of recording this is in

play07:04

preview is data sharing

play07:07

now this is specific to Azure and I

play07:11

could think about wool in Azure I have a

play07:14

source so I have some storage of my data

play07:19

now in this case specifically it's

play07:21

talking about blob

play07:24

or ADLs Gen 2 which is blob with a

play07:28

hierarchical namespace on top of it

play07:31

and what I can do now is I can send an

play07:33

invitation so if I'm sitting over here

play07:37

I could send an invite

play07:40

to someone in another organization

play07:43

and if they accept that invite what

play07:45

happens is they have a Target

play07:50

storage account

play07:52

and what it does is I can do in place

play07:55

access

play07:57

and what that means is it's not

play08:00

duplicating the data there's no

play08:01

replication happening I create a new

play08:04

storage account in my as the target the

play08:08

person that's having the invite to view

play08:10

this data and when I look at it I will

play08:13

see

play08:16

the content but the data only resides in

play08:20

here so the data is not leaving my data

play08:23

governance boundary for example what I

play08:25

have here is read only

play08:28

so I can't change it but absolutely I

play08:31

could run things like my own analysis

play08:34

against it against my view of that data

play08:40

and as the owner of the data I could

play08:43

revoke access to that at any time so

play08:45

that's very very powerful

play08:49

the other thing I can do here is I can

play08:52

think about policy

play08:56

so with policy I can create data access

play08:59

policies to control at a large scale

play09:04

view of my entire data estate anything

play09:07

under the governance of Microsoft

play09:08

purview I can create these policies so

play09:10

it's access to the data it's large-scale

play09:13

provisioning of the access

play09:15

and it's this entirely new data plane

play09:17

permission that is actually external to

play09:20

the all-up data store

play09:22

then the final thing

play09:29

is estate insights

play09:32

now I can think of this for the main

play09:34

governance stakeholders which only going

play09:36

up a level here maybe your c-level

play09:38

executives

play09:40

and it's given give me insight into the

play09:42

entire data estate my compliance

play09:45

is going to give me actionable

play09:48

information that hey here's where I have

play09:51

maybe sensitive data here's how it's

play09:52

been used do I want to drive some type

play09:55

of operation on that and of course when

play09:58

I have all of this

play10:02

foreign

play10:05

analytics against it

play10:07

using its native capabilities using

play10:10

external tools that I would want to

play10:12

Leverage

play10:13

so this is the key goal of Microsoft

play10:16

purview it's all about bringing this

play10:19

governance this insight into my entire

play10:22

data estate without having to import it

play10:25

all into some other tool

play10:27

it gives me the ability to classify I

play10:30

understand what data is out there and

play10:32

where it is I can then do labeling which

play10:34

can then drive actionable tasks upon it

play10:37

and overall a set of capabilities to

play10:40

make the best use of my data

play10:44

this concludes the lesson

Ver Más Videos Relacionados

Copilot for Microsoft 365 – Game Changer or Risk Maker?

Transform productivity with AI experiences in Microsoft Fabric | OD24

Learn How To Use Microsoft Purview eDiscovery Premium For Creating Cases | Peter Rising MVP

Bảo mật vượt trội với Microsoft Business 365 Premium

Data Fabric Explained

Get Started with Microsoft Copilot for Microsoft 365

Rate This

5.0 / 5 (0 votes)

Summary
Outlines
Mindmap
Keywords
Highlights
Transcripts
Etiquetas Relacionadas
Data GovernanceMicrosoft PurviewData CatalogData SharingData ClassificationData LineageData SecurityAzure ServicesCompliance SolutionsData Insights
¿Necesitas un resumen en inglés?