Microsoft Purview Data Loss Prevention

Our use cases are primarily helping customers around their regulatory requirements. Their requirements are to understand, discover sensitive information going outside their network, whether it be device or to another partner, another vendor that they're working with. They just need discovery around it. Now, recently we have also been engaged with customers around use cases where they want to understand what sensitive information is flowing into the AI space. So if users are accessing unapproved AI applications within the environment, they want to understand if any corporate sensitive information or corporate confidential files are going into those apps or not. So those are some use cases that we are currently working on.

• Microsoft Purview Data Loss Prevention is definitely something... It's hard to give an ROI, unless you're talking to the right people. We try to speak to the legal compliance team, so that if the project is led by the legal team, they understand the risk around it. So the ROI is basically you not getting into, in legalities or in legal cases where somebody could, a customer or a partner that you're working with can sue you because you don't have these controls in place. That also helps you comply with certain regulatory requirements like ISO 27,001, at least have these enabled in monitoring mode, and have the discovery being done.
• But overall, from starting with discovery and then having enforced protection, it really helps you understand the ROI from that pact. It may not have a real monetary value attached to it, but the monetary value may be attached. If you're talking to the legal guys, they understand how many from a data exfiltration standpoint, what incidents they have come across, and how much fines they have paid. So, having Microsoft Purview Data Loss Prevention is a low-hanging fruit. At least start enabling them to start seeing what's coming back in your tenant, and understand what data is being used and shared externally. So that's the ROI I see: protecting your compliance teams from any unintended fees or subpoenas, and getting around this.

Microsoft Azure, Microsoft Dynamics 365

The reason it's important is that, as our company, we use it internally and as part of our platform. Our solution allows us to manage how users collaborate internally and externally within the organization, and we also use Microsoft Purview Data Loss Prevention and labels to drive our policy. So this way, we can automate how our solution will serve our customers, both internally and externally.

• From an ROI perspective, being able to have a robust DLP capability within 365 and with eShare, again, providing the defensive depth and keeping data 365 gives both us as well as our customers an ROI by being able to not use third party repositories to share data externally and by keeping data inside of 365. It gives me much more visibility into my data landscape. One of the things we advise our customers to do when they're starting to explore the advanced capabilities of Microsoft Purview Data Loss Prevention, for example, is to use that DLP product to monitor and understand the flows of sensitive data within the organization. By being able to look at that DLP, identify those sensitive niche types, and see which transactions occur internally within the organization, I get a clearer picture of what I'm doing.

It's for data protection, data loss protection. We use it for MIP labeling. It's to label the files with confidential sensitivity so they're not allowed to be sent outside the organization.

• As a public company, I don't focus on ROI too much. Okay. But it has a positive impact because we're stopping data leakage.

CrowdStrike Falcon

So we started using AIP, a previous version of Microsoft Purview Data Loss Prevention, because we had major data leakage of office documents being copied outside the organization, and we had no way to control it. So that's why we started implementing it when we originally did it nearly 10 years ago. Since then, the product has changed dramatically and gone into the cloud. It was before an on-premise type of product. So the business rationale for doing that is that we needed something that could provide a label of confidentiality to our most critical documents. So we could segment the access. So we will have access lists to it. It will get encrypted. So if you're not on the access list, you cannot access it. Also, if you try to open it from outside the organization and you don't have permission, you can't do it.

• This is a cybersecurity prevention component that we are looking at. I think it has paid for itself. However, the deprecation, some of the issues that I'm facing, like the lack of legacy support, reduced traceability, and some of the hiccups of implementing. So we cannot label more than 100,000 documents per day, or assess more than 4 million documents with Microsoft Purview Data Loss Prevention. We have a lot of documents. So, without doing that, is it repaying itself? We're paying for the product every year as part of the subscription model, so I'm not sure it will still pay for itself in the future if some of these issues can't be remediated quickly.

It addresses, for us, kind of security and managing the accounts that we have, and where everybody kind of goes, and how everybody accesses Microsoft, it keeps everything organized for us.

• I think managing costs was probably the biggest one as a nonprofit. We're always worried about the financial impact that any product can have. And as licenses get changed or they get shut down, dictated, we are migrating to the proper product without going over budget is always something we are concerned about. But for the most part, it's been positive. Microsoft works for us as nonprofits to make sure that we get very fair pricing.