Microsoft Purview Data Loss Prevention is used to provide intelligent detection and control of sensitive information across Office 365, OneDrive, SharePoint, Microsoft Teams, and on the endpoint. It also helps prevent data loss through identifying and preventing risky or inappropriate sharing, transfer, or use of sensitive data on endpoints, apps, and services.
Practice Lead | Microsoft 365 Security & Compliance
Chose Microsoft Purview Data Loss Prevention
We are a complete Microsoft shop. Competitors, we have come across Symantec DLP, that's one. We've come across Nexscope DLP. I've personally migrated customers from Nextscope DLP to Microsoft Purview Data Loss Prevention. There is McAfee DLP as well, which we have worked with. …
I don't think anything that Microsoft does, I've tried to conversate. We haven't even discussed another option. It does it well. So for us, it's pretty much going to stay where it is for now.
Microsoft Purview Data Loss Prevention is included in the E5 license as part of other purchases, so we've done what we can to get the best functionality from it. We are actively investigating implementing Veronas or Cyera just simply because the on-prem capabilities are not …
The licensing is maybe the biggest reason. Purview Data Loss Prevention is included in the Microsoft 365 SKU we already have, so if the functionality is equivalent, it makes sense to save money. We also appreciate how Purview automatically integrates with other Microsoft 365 …
Varonis provided great visibility into file permissions and audit records. It did not provide DLP controls for things like email, and endpoints therefore making it incomplete to provide proactive controls against DLP threats.
Symantec or now? Brocom. Forcepoint, GPV. I'm trying to think of, there's a couple more. I can't think of the top of my head. I would say closer to the bottom then rather than the top. So because of the fact that yes, it integrates well. But in terms of the actual …
Not used any product other than Microsoft Purview Data Loss Prevention. As I mentioned in my earlier point that we did all the researches for the best suitable product for our environment, but Microsoft Purview Data Loss Prevention proved to be best and is working as per our …
There are much more comprehensive and granular DLP solutions out there like Trellix and Sophos but ultimately they are expensive and require significant administrative oversight for implementation and deployment. For a company of our size, they are just not economically …
The DLP in Exchange Online and Purview by proxy is okay, but fails to catch a lot of HIPAA-specific information. We supplemented with Barracuda to make up for it. Purview is still better at identification across the entire tenant though, Barracuda is just doing our email DLP.
The DLP was already part of our tenant so we saved money by using it. With others, we would have to built/implement VMs to connect to the tenant, which we were not willing do. Since we had access to it, we decided to stick with it and we are happy with that result
As the customer already had Microsoft Office 365 E5 license, it made sense to implement Microsoft Purview Data Loss Prevention instead of other products.
Microsoft Purview Data Loss Prevention is well suited to provide a consistent user experience. So all the different products blend together quite well for an office environment. So Teams connects well with Office Outlook. It connects well with SharePoint. So we have a unique connectivity experience in terms of the digital experience of a typical user. And now, with Copilot, it's a great mix and blend that empowers users to adopt AI in their day-to-day office work. And I think that's great.
Strong integration with Microsoft products allowing effective controls to be applied (e.g. Exchange/M365 for email, Microsoft Defender for Cloud Apps to control web, SharePoint/OneDrive to apply policies on sharing.)
Insider Risk module provides visibility into suspicious activities which may not be detected by regular DLP rules.
Overall, Microsoft DLP is not my number one choice because there's not much flexibility. There's a lot of restrictions and the way they set up rules a lot really restrictive. Thus it takes a lot more time for my team to build the rules and establish the controls as needed. So it's very clunky in that way and they have not improved it over the years, but I know they're trying to get a better, however it takes time because Microsoft, as we all knows, not a really security centric company.
Just because it's so easy to navigate and, for the most part, even areas that I don't know about, the support channels are very clear and concise, and they respond very quickly to whatever I need. They'll guide me through whatever I don't understand, and sometimes there are a lot of things added in there.
We are a complete Microsoft shop. Competitors, we have come across Symantec DLP, that's one. We've come across Nexscope DLP. I've personally migrated customers from Nextscope DLP to Microsoft Purview Data Loss Prevention. There is McAfee DLP as well, which we have worked with. Microsoft Purview Data Loss Prevention, definitely, because we don't require another agent to be deployed on Windows machines. It's part of the OS, easy deployment, easy onboarding. So also within email, SharePoint, OneDrive, customers don't have to build any other connectors. It's already integrated. All you have to do is start creating policies, start monitoring them. So the ease of deployment and integration across the Microsoft stack is what we like.
From an ROI perspective, being able to have a robust DLP capability within 365 and with eShare, again, providing the defensive depth and keeping data 365 gives both us as well as our customers an ROI by being able to not use third party repositories to share data externally and by keeping data inside of 365. It gives me much more visibility into my data landscape. One of the things we advise our customers to do when they're starting to explore the advanced capabilities of Microsoft Purview Data Loss Prevention, for example, is to use that DLP product to monitor and understand the flows of sensitive data within the organization. By being able to look at that DLP, identify those sensitive niche types, and see which transactions occur internally within the organization, I get a clearer picture of what I'm doing.