Enterprise’s business processes are generating data at a rapid pace. In addition to internal data, businesses are progressively utilizing external data in different forms for their strategic decisions. Enterprises require data-driven decision-making at every level, including stakeholders, executives, managers, and operational analysts. Sharing the right data with customers, suppliers, and partners not only builds trust but also creates opportunities to monetize the data and insights.

Enterprises are undertaking initiatives to democratize data access, ensuring that every user within the organization has access to data. Accessibility to data is being facilitated through various channels, including data portals, file shares, emails, and collaboration platforms such as Teams. The more data is accessed, the more critical it becomes to effectively govern it, addressing questions such as:

  • Where is the data located?
  • How is the data stored?
  • What is the data classification?
  • When should the data be archived or disposed of?
  • Who has accessed the data?
  • Why the data has quality issues
  • Which data is critical for business operations and decision-making

As businesses increasingly adopt multi-cloud and multi-platform ecosystems to meet their demands, managing the threats to data, protecting data, and ensuring compliance become more complex, requiring greater effort to build and monitor data protection systems.

Introducing Microsoft Purview

The effective management of data in an enterprise involves the combination of data governance and data protection. Microsoft Purview is the only platform that provides functionalities for governing, safeguarding, and complying.

Microsoft Purview incorporates artificial intelligence into data protection by actively comprehending user activities and behavior, and customizing data protection policies for each individual user.

Adaptive Protection in Microsoft Purview

Adaptive Protection is a feature that combines the functionalities of Microsoft Purview Insider Risk Management and Microsoft Purview Data Loss Prevention (DLP) with Artificial Intelligence. It’s designed to provide enhanced protection for an organization’s sensitive data by leveraging AI to identify and mitigate potential risks. As a new addition to the Microsoft Purview platform, Adaptive Protection enables organizations to proactively manage insider risk and prevent data loss through a more intelligent and adaptive approach.

When insider risk identifies a user who is engaging in risky behavior, they are dynamically assigned to a risk level. Then adaptive protection automatically creates a DLP policy to help protect the organization against risky behavior that’s associated with that risk level. As users risk levels change in insider risk management, the DLP policies applied to users also adjusts. Policies need not be added to each user separately.

Source: Microsoft Tech Community

By integrating risk management and data loss prevention capabilities, Purview is able to provide a more comprehensive approach to protecting sensitive data and mitigating insider threats. With the Adaptive Protection feature of Microsoft Purview, data security engineers can reduce the time and effort required for monitoring and customizing policies, as it automates and adapts to changes in the data environment. Purview detects risky users, assigns risk levels and dynamically applies preventive controls to risky users. Detection of risky users is done at three levels

  • Outlier activities (anomaly detection)
  • Sequence of activities (associated with data loss)
  • Relationship and context of independent activities

The first level is outlier activities, which utilizes anomaly detection algorithms to identify abnormal behavior patterns that deviate from the usual activities of a user. The second level involves analyzing the sequence of activities performed by a user, with a focus on identifying any patterns or sequences that are associated with data loss or other security risks. The third level examines the relationship and context of independent activities to identify any potential security risks that may not be apparent when analyzing individual activities in isolation. Together, these three levels of analysis help to provide a comprehensive understanding of a user’s behavior and any potential risks associated with their actions.

Based on the risk level the preventive controls applied. These controls may include blocking certain actions or access to data, requiring additional approvals or reviews for certain activities, or generating alerts to notify relevant parties of potential security risks.

Please refer to Adaptive Protection in Microsoft Purview to learn more about Microsoft Purview’s Adaptive Protection comprehensive features, supported platforms as well as the specific rules and actions that can be taken.

By leveraging AI and machine learning algorithms, Adaptive Protection is able to provide a more intelligent and adaptive approach to risk management. By integrating with various Microsoft platforms like SharePoint, Teams, OneDrive it enables Enterprises to apply consistent policies and controls across the entire data ecosystem, helping to reduce the risk of security breaches and other data loss incidents.

To understand how WinWire can help in adopting Microsoft Purview for Data Governance and Data Protection in a three weeks exercise, please check the Azure Marketplace offer Data Governance with Azure Purview and the joint Webinar with Microsoft  at Democratize your enterprise data with Microsoft Purview.