Microsoft Purview Overview - AZ-900 Certification Course - August 2023 New
Summary
TLDRThis lesson delves into Microsoft Purview, a data governance tool evolved from Azure Purview and Microsoft 365 compliance solutions. It offers a comprehensive view of an organization's data estate across various platforms like Microsoft 365, Azure, AWS, and on-premises. Key features include data classification, sensitivity labeling, data lineage, and a unified data catalog. Microsoft Purview also facilitates data sharing without duplication and provides estate insights for governance stakeholders, all aimed at enhancing data governance and minimizing exposure risks.
Takeaways
- 📚 Microsoft Purview is an evolution of Azure Purview and Microsoft 365 compliance solutions, designed to manage and govern an organization's entire data estate.
- 🌐 It provides a unified view of data across various platforms including Microsoft 365, Azure, Amazon Web Services, and other cloud and on-premises solutions.
- 🔍 The core functionality of Microsoft Purview is to discover, classify, and understand the organization's data, including its location and sensitivity.
- 🔏 A critical goal is to prevent data exposure by identifying sensitive data and applying appropriate actions such as labeling and data leakage prevention.
- 🆓 There are two versions of Microsoft Purview: a free version with limited capabilities and an Enterprise version that offers a comprehensive set of features.
- 🔍 The free version primarily offers a data catalog with limited support for Azure services, while the Enterprise version includes advanced features like data sharing and estate insights.
- 📊 Microsoft Purview can scan data in place without the need to import or move data, simplifying the process of data governance.
- 🏷️ It includes over 200 built-in classifications and allows for custom classifications to identify and label sensitive information like Social Security numbers or credit card details.
- 🔗 Data lineage is a feature that provides a historical view of data transformations and movements, offering insights into data usage and storage.
- 🤝 Data sharing in preview allows for secure sharing of data with external organizations without data replication, maintaining data governance boundaries.
- 📊 Estate insights provide high-level governance stakeholders with actionable compliance information and analytics across the entire data estate.
Q & A
What is the primary purpose of Microsoft Purview?
-Microsoft Purview is designed to help organizations understand and manage their entire data estate by identifying where data is, classifying it, and applying appropriate actions to prevent data exposure.
What are the two versions of Microsoft Purview mentioned in the transcript?
-There are two versions of Microsoft Purview: a free version and an Enterprise version, each offering different sets of capabilities.
What is the difference between the free and Enterprise versions of Microsoft Purview?
-The free version of Microsoft Purview offers limited capabilities, including a data catalog and basic data sharing in preview. The Enterprise version, however, provides access to all applications and a broader range of functionalities.
How does Microsoft Purview support data from various sources?
-Microsoft Purview supports a vast array of data sources, including Microsoft 365, Azure services, Amazon Web Services, Power BI, and on-premises solutions, among others.
What is the significance of the data map feature in Microsoft Purview?
-The data map feature in Microsoft Purview allows for scanning data in place without the need to import or move data, providing a comprehensive view of the data estate.
What are some of the built-in capabilities of Microsoft Purview?
-Microsoft Purview offers capabilities such as data classification, sensitivity labeling, data lineage, and data sharing, which help in understanding, governing, and acting on data across the organization.
How does Microsoft Purview help in avoiding data exposure?
-Microsoft Purview helps avoid data exposure by identifying the location of sensitive data and enabling actions such as labeling and data leakage prevention.
What is the role of sensitivity labels in Microsoft Purview?
-Sensitivity labels in Microsoft Purview are metadata added to data based on its classification, which can then trigger actions like data leakage prevention, data retention, and data deletion policies.
How does Microsoft Purview's data sharing feature work?
-Microsoft Purview's data sharing feature allows for in-place access to data without duplication, enabling controlled sharing of data with external organizations while maintaining data governance boundaries.
What is the purpose of the catalog in Microsoft Purview?
-The catalog in Microsoft Purview provides a normalized view of all data, consolidating information from various systems to offer a single, unified view of each data item, regardless of its location or duplication.
What insights can estate insights in Microsoft Purview provide to governance stakeholders?
-Estate insights in Microsoft Purview offer governance stakeholders a high-level view of the entire data estate, including compliance and usage information, to make informed decisions and drive operational actions.
Outlines
📊 Introduction to Microsoft Purview
This paragraph introduces Microsoft Purview, highlighting its evolution from Azure Purview and Microsoft 365 compliance solutions. It emphasizes the importance of understanding an organization's data estate, which can be spread across various platforms like Microsoft 365, Azure, Amazon Web Services, and others. Microsoft Purview is designed to provide insights into data location, classification, and lineage, which are crucial for data governance and compliance. It supports a wide range of data sources and offers capabilities like data classification, sensitivity labeling, and data sharing. The paragraph also distinguishes between the free and Enterprise versions of Microsoft Purview, noting that the Enterprise version offers more comprehensive features and data source support.
🔍 Deep Dive into Microsoft Purview Capabilities
The second paragraph delves into the capabilities of Microsoft Purview, focusing on its ability to scan data in place without the need for data importation. It discusses the classification of data using built-in and custom classifications to identify sensitive information such as social security numbers and credit card details. The paragraph also covers the application of sensitivity labels to metadata, which can trigger actions like data leakage prevention and data retention policies. Additionally, it touches on data lineage, which provides a historical view of data transformations and storage, and the data catalog feature that offers a normalized view of data across different systems. The preview feature of data sharing within Azure is also mentioned, allowing for in-place access to data without duplication and the ability to revoke access as needed.
📈 Conclusion: Harnessing Microsoft Purview for Data Governance
The final paragraph summarizes the key objectives of Microsoft Purview, which is to provide comprehensive data governance and insights into an organization's entire data estate. It reiterates the tool's ability to classify and label data, enabling actionable tasks to be performed based on the data's sensitivity and importance. The paragraph concludes by emphasizing the value of Microsoft Purview in leveraging data analytics, both natively and through external tools, to make the best use of data while maintaining governance and compliance.
Mindmap
Keywords
💡Microsoft Purview
💡Data Estate
💡Data Classification
💡Sensitivity Labels
💡Data Lineage
💡Data Catalog
💡Data Sharing
💡Data Access Policies
💡Data Governance
💡Azure Blob Storage
💡Data Insights
Highlights
Microsoft Purview is built on Azure Purview and Microsoft 365 compliance solutions.
It focuses on understanding an organization's entire data estate.
Data can reside in various locations such as Microsoft 365, Azure services, other clouds, and on-premises.
Purview supports a vast number of data sources including Azure, AWS, and Power BI.
It offers capabilities like data classification, lineage, access policy, and data sharing.
The goal is to avoid data exposure by knowing the location of sensitive data.
There are two versions of Microsoft Purview: Free and Enterprise, with different capabilities.
The free version is limited to Azure blob storage, data Lake storage, Azure SQL database, and Azure subscriptions.
Enterprise Edition provides access to all applications and a more comprehensive set of features.
Purview can scan data in place without the need to import it into the solution.
It includes over 200 built-in classifications and the ability to create custom classifications.
Sensitivity labels can be applied based on data classification to trigger actions like data leakage prevention.
Data lineage provides insights into the history and transformations of data.
The catalog feature offers a normalized view of all data across different systems.
Data sharing in preview allows for in-place access to data without duplication.
Data access policies can be created for large-scale control over the data estate.
Estate insights provide high-level governance stakeholders with actionable compliance information.
Microsoft Purview aims to bring governance and insight into the entire data estate without importing data into other tools.
Transcripts
in this lesson we're going to explore
the purpose of Microsoft purview
so Microsoft purview is built on the
previous Azure purview and Microsoft 365
compliance Solutions so we have our
Microsoft
purview
and it's gold
focused on the idea of we have this
entire data estate for our organization
and we want to be able to understand
what is the data where is the data what
has it gone through
that's what it enables us to do is we
can think about our data can be in many
different places
so for example if I think of my
organization's overall data estate
all that data could be in Microsoft 365
in its various Solutions like SharePoint
teams I could have Azure services and in
Azure maybe that's blob storage maybe
it's data Lake maybe it's databases like
SQL
it could be other clouds and their
Solutions as well for example I could
think about Amazon web services and it's
S3 storage Services I might have data in
power bi I might have data in other SAS
Solutions I may even have data on
premises
and so we have all these different Data
Solutions and Microsoft purview supports
a huge number of those if we go and look
at its documentation
we can see it talks about supported data
sources and file types so here we can
see well in Azure for example blob
Cosmos DB data Explorer data Factory
and we can even see some of the
different types of capabilities its
ability to have classifications live
view lineage either history of the data
I can label the data access policy data
sharing
then we can see through the different
types of database supported file systems
here we can see for example the Amazon
S3
different services and applications so a
huge different range of data sources is
available for us
and so what we want to be able to do
is I need to understand and this is the
key point of what purview is doing
where is my data
foreign
what data is it is it important data
because fundamentally what we want to be
able to do is avoid data exposure
and the way we avoid data exposure is to
know exactly where that sensitive data
is and then take according actions maybe
it's labeling it with a highly
classified label and then from the label
I could do other data leakage prevention
actions especially with things like
Microsoft 365. so that is the core goal
of this
now when we think about Microsoft
purview there are two versions there is
a free version
and then there is an Enterprise
now there are different sets of
capabilities if we were to go and look
at the portal
we can see I have a few options
available to me but this is the free
version so I have the data catalog I
could do data sharing which is in
preview a time of recording but it's
very limited
but if I was to go and look at what's
different between free and Enterprise
really the key Point here is in terms of
the functionality the Enterprise Edition
will expose all of the different
applications whereas free
only gives me the data catalog and even
within the data catalog is limited to
Azure blob storage data Lake storage Gen
2 Azure SQL database and Azure
subscriptions so it reduces what types
of
capabilities and data sources I can use
in addition to various other types of
limitations
and so as I mentioned there are
different capabilities that are enabled
through Microsoft purview
now one of the key capabilities we have
with Microsoft purview is we can scan
the data in place so the first layer of
the solution give myself a lot of space
over here
is the idea of the data
map
and a lot of solutions make you have to
bring and import the data into whatever
the solution is to be able to view it
you don't have to do that here so it can
do a scan in place I don't have to move
everything over
and so those first thing we often want
to do is classify the data and there's
200 plus built-in classifications I can
create custom classifications which are
built on patterns
um n number of numerics and then maybe a
slash and an alpha I could detect a
social security number or a credit card
so first we want to do is classify the
data so we know hey this data has Social
Security numbers this has credit cards
whatever that might be
I then may want to apply a sensitivity
labels which is metadata added to the
data that I could then act on based on
the classification so hey I find a
social security number I'll add a label
of pii or highly sensitive
those labels could then be used to
trigger other actions for example maybe
through ms365 it is Data leakage
prevention it might be data retention it
might be hey make sure you delete the
data after n number of days
it can also do things like data lineage
so the data came in through here went
through these Transformations it's been
saved over here and here
it can give me insights
into my data
because it's now got this complete view
of everything happening in the
environment
the next thing I can get out of this is
a catalog
so I can think of the catalog and this
is going to enable me to think about a
normalized view of all of the data if I
think that data may go through many
different systems our environment maybe
get slightly renamed in some
environments maybe it's duplicated it's
moved between all these different
systems what the catalog will do is
normalize that I'll get one view for a
particular piece of data no matter where
it's stored no matter how it's
duplicated even if there's slight
renames so it's going to make it very
easy for me to get a good understanding
then what we can do
and at time of recording this is in
preview is data sharing
now this is specific to Azure and I
could think about wool in Azure I have a
source so I have some storage of my data
now in this case specifically it's
talking about blob
or ADLs Gen 2 which is blob with a
hierarchical namespace on top of it
and what I can do now is I can send an
invitation so if I'm sitting over here
I could send an invite
to someone in another organization
and if they accept that invite what
happens is they have a Target
storage account
and what it does is I can do in place
access
and what that means is it's not
duplicating the data there's no
replication happening I create a new
storage account in my as the target the
person that's having the invite to view
this data and when I look at it I will
see
the content but the data only resides in
here so the data is not leaving my data
governance boundary for example what I
have here is read only
so I can't change it but absolutely I
could run things like my own analysis
against it against my view of that data
and as the owner of the data I could
revoke access to that at any time so
that's very very powerful
the other thing I can do here is I can
think about policy
so with policy I can create data access
policies to control at a large scale
view of my entire data estate anything
under the governance of Microsoft
purview I can create these policies so
it's access to the data it's large-scale
provisioning of the access
and it's this entirely new data plane
permission that is actually external to
the all-up data store
then the final thing
is estate insights
now I can think of this for the main
governance stakeholders which only going
up a level here maybe your c-level
executives
and it's given give me insight into the
entire data estate my compliance
is going to give me actionable
information that hey here's where I have
maybe sensitive data here's how it's
been used do I want to drive some type
of operation on that and of course when
I have all of this
foreign
analytics against it
using its native capabilities using
external tools that I would want to
Leverage
so this is the key goal of Microsoft
purview it's all about bringing this
governance this insight into my entire
data estate without having to import it
all into some other tool
it gives me the ability to classify I
understand what data is out there and
where it is I can then do labeling which
can then drive actionable tasks upon it
and overall a set of capabilities to
make the best use of my data
this concludes the lesson
関連動画をさらに表示
Copilot for Microsoft 365 – Game Changer or Risk Maker?
Transform productivity with AI experiences in Microsoft Fabric | OD24
Learn How To Use Microsoft Purview eDiscovery Premium For Creating Cases | Peter Rising MVP
Bảo mật vượt trội với Microsoft Business 365 Premium
Data Fabric Explained
Get Started with Microsoft Copilot for Microsoft 365
5.0 / 5 (0 votes)