Microsoft Purview is a unified platform for data governance, data security, risk management, and compliance across your entire data estate—not just Microsoft 365. Instead of stitching together separate tools for data discovery, classification, protection, and compliance, Purview brings these capabilities into one portfolio so you can: - **Understand and govern your data**: - Build a unified map of your data with **Microsoft Purview Data Map**, which captures metadata across SaaS, analytics, and operational systems in hybrid, on-premises, and multicloud environments. - Automatically **scan and classify** data so you know what you have, where it lives, and how it’s used. - Use **Microsoft Purview Data Catalog** to make curated, high‑value data assets easily discoverable for business users, with business-friendly terms, standardized controls, and built‑in reports. - Apply **data access and usage policies** with Microsoft Purview Data Policy to control who can access, move, or share data across sources. - **Secure your data throughout its lifecycle**: - Use **Microsoft Purview Information Protection** to automatically discover, label, and protect sensitive data across apps, services (including Copilot for Microsoft 365), devices, SaaS apps, and both cloud and on‑premises environments. - Extend labeling and protection into third‑party apps via the **Information Protection SDK**. - Deploy **Data Loss Prevention (DLP)** policies to reduce data leakage across endpoints, apps, services, and on‑premises files. - Use **Insider Risk Management** with machine learning to correlate user activity signals and flag potential insider risks. - **Improve risk and compliance posture**: - Automate classification and governance at scale with **Data Lifecycle Management**, using file properties, pattern recognition, 90+ sensitive info types, and machine learning. - Manage and retain business‑critical records in compliant, unalterable formats with **Records Management**. - Run end‑to‑end legal and internal investigations with **eDiscovery**, including deep indexing, email threading, and near‑duplicate detection. - Support forensic investigations and long‑term audit requirements (up to 10 years of logs) with **Microsoft Purview Audit**. - Detect potential communication violations and sensitive content—including in AI prompts and responses from Copilot for Microsoft 365—with **Communication Compliance**. - Continuously assess and track compliance effectiveness using **Compliance Manager**, which offers pre‑built assessments, step‑by‑step guidance, and a risk‑based compliance score. For organizations navigating hybrid work, multicloud environments, and AI adoption, Purview helps you reimagine data protection by consolidating tools, closing exposure gaps, and giving security, compliance, and data teams a shared, unified view of the data estate.

Microsoft Purview is designed to give you a clear, actionable view of your data so you can govern it effectively and make it usable for analytics and AI. Here’s how it helps you understand and govern your data estate: 1. **Create a unified data map** - **Microsoft Purview Data Map** automatically captures metadata from analytics platforms, SaaS apps, and operational systems across hybrid, on‑premises, and multicloud environments. - Built‑in scanning and classification keep the map up to date, so you can see where data lives, how it travels, and how it’s used. - Support for **Apache Atlas APIs** lets you integrate existing data catalogs and systems, helping you avoid starting from scratch. 2. **Make data easily discoverable for business users** - **Microsoft Purview Data Catalog** allows data stewards and owners to curate data assets and publish them as governed data products. - Business users can search using **business‑friendly terms**, not just technical metadata, which reduces dependency on specialized data teams. - Standardized controls, policies, and rules are backed by built‑in reports and health actions, giving your data office better oversight. 3. **Apply consistent access and usage policies** - With **Microsoft Purview Data Policy**, you can define and enforce policies for accessing, moving, and sharing data across sources. - Policies can be tailored by role or scenario—for example, different access rules for DevOps teams, data owners, and self‑service users. - Automated access policies help people get to the data they need while keeping sensitive assets protected. 4. **Activate data for analytics and AI** - Once data is mapped, classified, and curated, Purview helps you identify **critical data assets** that need higher levels of quality, lineage tracking, and protection. - This foundation supports modern, federated data governance and enables safe use of data for analytics, AI‑based applications, and generative AI scenarios. In practice, this means your teams spend less time hunting for data and more time using it—while your governance and security teams maintain control through consistent policies and visibility.

Microsoft Purview brings together several capabilities to help you manage regulatory obligations, reduce risk, and streamline investigations. 1. **Automated classification and lifecycle governance** - **Microsoft Purview Data Lifecycle Management** helps you manage records and information across their lifecycle to meet legal, business, privacy, and regulatory needs. - It uses built‑in classification to automatically apply policies based on: - File properties - Pattern recognition - **90+ sensitive information types** (for example, passport or Social Security numbers) - Machine learning - You can automatically apply retention labels to content containing PII or other sensitive data, keeping what you must and disposing of what you no longer need. 2. **Records management and retention** - **Microsoft Purview Records Management** provides a reliable system to store and manage regulatory, legal, and business‑critical records. - Records can be retained in **unalterable, compliant formats**, helping you demonstrate adherence to regulations while also enabling defensible disposal of data that is no longer required. 3. **eDiscovery and legal investigations** - **Microsoft Purview eDiscovery** offers an end‑to‑end workflow for internal and external investigations, including data spillage scenarios. - You can: - Identify persons of interest and their data sources - Apply legal holds to preserve relevant data - Collect, analyze, review, and export content - Intelligent features such as **deep indexing**, **email threading**, and **near‑duplicate detection** help narrow large data sets. - **Copilot for Security in Microsoft Purview** can generate contextual summaries of review set items, helping reviewers quickly identify what’s relevant for tagging or export. 4. **Forensic investigations and audit readiness** - **Microsoft Purview Audit** provides detailed insights into user activity and data access, which is critical when investigating potential breaches or suspicious behavior. - It supports long‑term log retention—**up to 10 years**—to help meet regulatory and audit requirements. - Audit reporting helps you understand patterns such as high‑bandwidth data access and specific user actions (for example, when emails were accessed, replied to, or forwarded). 5. **Communication and behavioral compliance** - **Microsoft Purview Communication Compliance** helps detect potential violations in communications, such as: - Sharing sensitive information - Harassing or threatening language - Adult or otherwise inappropriate content - It supports regulatory requirements (for example, SEC or FINRA‑related scenarios) and extends to **Generative AI content**, including prompts and responses from Copilot for Microsoft 365. - Privacy is built in through role‑based access controls, pseudonymized usernames by default, and maintained audit logs. 6. **Continuous compliance management** - **Microsoft Purview Compliance Manager** helps you continuously assess and track your compliance posture. - It provides: - Pre‑built assessments for common standards and regulations - Step‑by‑step guidance on how to improve control implementation - A **risk‑based compliance score** so you can see where you stand and where to focus next Together, these capabilities help you move from reactive, manual compliance work to a more proactive, automated approach—reducing risk while making it easier to respond to audits, legal matters, and internal investigations.