TrustRadius: an HG Insights company

Microsoft Purview Data Loss Prevention

Score7.3 out of 10

16 Reviews and Ratings

Get a Demo

What is Microsoft Purview Data Loss Prevention?

Microsoft Purview Data Loss Prevention is used to provide intelligent detection and control of sensitive information across Office 365, OneDrive, SharePoint, Microsoft Teams, and on the endpoint. It also helps prevent data loss through identifying and preventing risky or inappropriate sharing, transfer, or use of sensitive data on endpoints, apps, and services.

Categories & Use Cases

Media

Screenshot of pre-built policy templates to easily get started
Screenshot of DLP analytics to help recommend new policies and fine tune existing ones
Screenshot of the step that enables one policy to be applied to several locations
Screenshot of then next step, that enables policies to be scoped to specific users and user groups
Screenshot of composite conditions using groups of AND /OR and exceptions with NOT
Screenshot of granular restrictions for different actions
Screenshot of configuring different restrictions for different groups of devices
Screenshot of custom user notifications and policy tips
Screenshot of policy creation in Simulation mode to gain confidence before deploying in production
Screenshot of a migration of existing DLP policies to Microsoft Purview DLP, which occurs automatically
Screenshot of a display DLP incidents within the context of Security incidents in Microsoft Defender XDR
Screenshot of viewable sensitive information and surrounding context relevant to an incident
Screenshot of manual remediation actions that can be run from the event page

1 / 13

Screenshot of pre-built policy templates to easily get started

Key Features

Learn about the best (and worst!) features Microsoft Purview Data Loss Prevention has to offer, as determined by TrustRadius' reviewers.
Based on 16 ratings of Microsoft Purview Data Loss Prevention's features
View all features

Top Performing Features

  • Data Encryption

    Data encryption to ensure data privacy

    Category average: 7.7

Areas for Improvement

Reviews

What users are saying about Microsoft Purview Data Loss Prevention.
View all reviews

The most effective DLP suite for Microsoft environments

Incentivized
Peter Marshall
Director, Information Security and Compliance in Information Technology at Gore Mutual (201-500 employees employees)

Use Cases and Deployment Scope

I oversee our Information Security program and utilize Microsoft Purview to govern and enforce aspects of our Data Security including data discovery, data classification, data retention, and data loss prevention. As an E5 customer, Microsoft Purview is included and has strong integration into the Microsoft ecosystem. We utilize it to scan our files stores including OneDrive, SharePoint, Teams, and Email as well as data stores within Azure. The product comes with built in classifiers to detect sensitive content (e.g. SIN/SSN, financial information, health information, etc...). It also allows trainable classifiers to be created to detect content that is proprietary to organizations.

There are multiple levels of DLP controls which can be applied at various points in the data path to reduce risk of unwanted data disclosure, or malicious exfiltration.

Pros

  • Extensive library for data content classifiers.
  • Strong integration with Microsoft products allowing effective controls to be applied (e.g. Exchange/M365 for email, Microsoft Defender for Cloud Apps to control web, SharePoint/OneDrive to apply policies on sharing.)
  • Insider Risk module provides visibility into suspicious activities which may not be detected by regular DLP rules.

Cons

  • Requires a lot of time to configure. This is not unique to Purview DLP, but new customers should anticipate this and allocate sufficient time and resources to plan for a successful deployment.
  • Steep learning curve. There are a lot of sections, pages, and tabs which need to be configured. Learning where to find these and what each setting does will require subject matter expertise.
  • Integration with Microsoft Defender suite is lacking. Purview is designed for Data Governance, Compliance, and Privacy. For this reason, it makes sense to be standalone; however, the DLP modules should have stronger integration into the Microsoft Defender console where Security teams spend the bulk of their time.

Return on Investment

  • Microsoft Purview Data Loss Prevention is included within the E5 license suite providing value to organizations who are using Microsoft technologies for their organization.
  • Provides the most extensive integration for Microsoft technologies.
  • Highly effective for building out a Data Security program and reducing risk exposure associated with data exfiltration.
  • Provides cross collaboration between assurance functions in a company (Security, Privacy, Risk, Audit)

Alternatives Considered

Varonis Data Security Platform

Other Software Used

Varonis Data Security Platform

Microsoft Purview Data Loss Prevention Review

Incentivized
Verified User
Team Lead in Information Technology (1001-5000 employees employees)

Use Cases and Deployment Scope

Data loss prevention. Preventing exfiltration of data.

Pros

  • Well, it has a direct integration with all the Microsoft products, which makes integration a lot easier and seamless.

Cons

  • Overall, Microsoft DLP is not my number one choice because there's not much flexibility. There's a lot of restrictions and the way they set up rules a lot really restrictive. Thus it takes a lot more time for my team to build the rules and establish the controls as needed. So it's very clunky in that way and they have not improved it over the years, but I know they're trying to get a better, however it takes time because Microsoft, as we all knows, not a really security centric company.

Return on Investment

  • Well, the ROI is a lot better because since we already paid for a license for other purposes, so it's more of an instant gain, it's a capability gain, so we're not really losing anything or losing money because we got to buy additional product.

Alternatives Considered

Symantec Data Loss Prevention and Forcepoint Data Loss Prevention

Microsoft Purview Data Loss Prevention Review

Incentivized
Verified User
Director in Product Management (5001-10,000 employees employees)

Use Cases and Deployment Scope

We provide services and solutions using Microsoft products to companies that are contractors in the defense industrial base or the DOD contracting space. Our job is to help them get compliant to help them meet compliant standards. We do so by leveraging Microsoft 365 features like Purview and configuring those to incorporate principles and controls and practices of cybersecurity. So it's to secure the organization. So for us, DLP comes really important because CMMC, which is the regulatory standard which we must help our customers achieve, it's a data-centric standard - so it follows the data. Something like Purview where we can add the sensitivity labels to the data, where we can do protection of the data to stop it from unauthorized disclosure, unauthorized viewing, or whatever it may be. It's actually a real MVP for us because we're able to, because our entire compliance standard once again is data-centric and it's focused on controlled and classified information, we're able to attach DLP and sensitivity labels and things like that using Purview to the type of data that's really important to us to protect. It helps in everything: activates some of the instant response techniques, make sure that we are enforcing mechanisms and it helps us discover C, but it helps us also discover CUI within the environments when we're doing discovery for new clients and onboarding or if we're validating protections that they have in place.

Pros

  • Automatic labeling, once we've trained the naming conventions and things like that and we get the labels placed on things. One of the biggest problems that our clients face is the fact that they don't particularly know every single time exactly the data that they're trying to protect, how to identify it when it comes into the system or when they create it, right? So we're using Purview and we're using the abilities that Purview has to auto-label things based off of either taxonomy that you have produced or created or that have been automatically populated through AI. That makes it a lot easier and kind of thwarts possible user error that causes problems for organizations.

Cons

  • I think this is going to be everybody that has to operate primarily in GCCI, all of the cool high speed features that we can read about in Purview, making sure that they're all available in GCCI for all the clients and we know that that's a process. It has to go through vetting and things like that, but the sooner that we get the entire suite available to the GCCI customers, I think the better off we'll be.

Return on Investment

  • I think it's integral to everything, it has to be positive and the positivity has to be the ability to use Purview in a situation for an organization. For us as a provider, we're not sure if we need your services or we think we're doing this thing correctly. We also evaluate compliance team. So first thing that we may do is if we don't have a footprint in the organization and we don't know what their data parameter or their data flow capabilities are, if we don't think that they're controlling it confidently, we validate and verify. We may do a content search and that content search immediately will be the most revealing thing. They'll be like, "alright, so right here on this diagram, this and this area are the areas that you have protected that are capable of protecting CUI. How come your CUIs in all of these 18 other different areas in which you see as like scope creep happens because the enforcement mechanisms haven't been tested, validated or whatever, or haven't been effective." It allows us to do quick cleanup, quick discovery, and things like that for new onboarding clients.

Purview Review

Incentivized
Verified User
Professional in Information Technology (10,001+ employees employees)

Use Cases and Deployment Scope

It discovers data that we need to address for PCI compliance.

Pros

  • It does everything that Microsoft touches automagically, and it's incredibly easy to deploy for our cloud-based environment.

Cons

  • It does not hit things that are not in the Microsoft environment.

Return on Investment

  • It has allowed us to address PCI needs in an accelerated manner.

Alternatives Considered

Varonis Data Security Platform

Microsoft Purview Data Loss Prevention review

Incentivized
Verified User
Director in Engineering (10,001+ employees employees)

Use Cases and Deployment Scope

Help prevent risky or unauthorized use of sensitive data on apps, services, and devices.

Pros

  • Cloud-native solution
  • Prevent unauthorized sharing, transfer, or use of sensitive data across apps
  • Alerting in time using AI
  • Central place for policies

Cons

  • Retention policies limit
  • Cost factor to process large data sets
  • Inter operability

Return on Investment

  • Protect documents
  • Integration between other hyperscalers need to improve
  • Specifically Azure and MS

Alternatives Considered

AI Cyber Experts Cybersecurity as a Service (CSaaS)

Other Software Used

Microsoft Copilot, Microsoft Copilot Studio, ActiveDEFENDER

Related Products

Products similar to Microsoft Purview Data Loss Prevention that may also meet your needs.
All comparisons
Forcepoint Data Loss Prevention
CompareLearn more
Symantec Data Loss Prevention
CompareLearn more
Digital Guardian
CompareLearn more
McAfee DLP Endpoint
CompareLearn more