- Blog
#Security
How to securely build AI Applications in Azure
- 27/11/2024
Reading time 5 minutes
This article has been co-written by Kim Grönberg, our Head of Cloud & Data Security, and Petrus Vasenius, Lead Cloud Security Advisor, who have combined their expertise to provide valuable insights.
Microsoft Purview is a comprehensive platform designed to help organizations govern, protect, and manage their data across various environments, including on-premises, multi-cloud, and SaaS. It integrates data governance, data security, and compliance solutions to provide visibility into data assets, manage data risks, and meet regulatory requirements. By unifying these capabilities, Microsoft Purview enables organizations to safeguard sensitive information and ensure data integrity throughout its lifecycle.
Microsoft Purview is a powerful tool that helps organizations govern their data, enforce compliance, and monitor data usage. It includes features like Data Loss Prevention (DLP), Insider Risk Management, Data Mapping, Audit, and Communication Compliance, to name a few. While it allows you to govern and secure your data estate, it is also a complex tool that requires processes and ownership from the company that uses and implements it.
The Data Catalog capabilities of the Purview are among the most interesting ones, since with only a few clicks away with the help of automation, you can see the whole data estate of your organization. It allows you to explore and get insights into the data, which is categorized into the governance domains. These governance domains can be business concepts, departments or ideas, such as Finance, Product team or Marketing. This helps to make the data more accessible and reachable by relevant persons.
After you have categorized your organizations’ data into the governance domains, you can start classifying it with Data Map functionality according to their criticality into the logical tags or classes. With classifications, it makes the data to be easy to retrieve, sort, or identify for future use. This gives a good baseline for overall Data Governance actions and makes your organization to be ready for the future.
When the data has been collected, identified and mapped, you can start securing it with Purview’s data security solutions. Purview’s Information Protection helps you to discover, classify, protect and govern sensitive information wherever it lives or travels. Because unintentional sharing of sensitive information can cause harm to your organization, you can use DLP features to protect from it. Add it up with Insider Risk Management features and you can also detect and respond to risky activities of your organizations’ users.
The challenge is not the tool itself, even though GDPR concerns might deter some from fully utilizing DLP, Insider Risk Management or Communication Compliance. The real issue is how to enable these features, which requires involvement from different stakeholders within the company. The difficulty with Purview lies in finding ownership within the company to start using it, as it requires stakeholders from Compliance/Security, Data, and even Platform teams.
We suggest starting with a workshop product and including relevant stakeholders from your company. This workshop should map out responsibilities, define how you should identify your data, start the relevant governance and data security actions. The workshop product outlines the steps to get started with implementing Microsoft Purview and start protecting your organization against data security risks.
Interested in learning more? Book a consultation to discuss your data governance strategy.
Our newsletters contain stuff our crew is interested in: the articles we read, Azure news, Zure job opportunities, and so forth.
Please let us know what kind of content you are most interested about. Thank you!