Microsoft Purview helps you manage your data with clear rules and control. You can set up your space, add data sources, and group governance domains. You can also handle data products and check quality, all in one place. The easy tools help both IT and business teams. You can sort, label, and keep sensitive data safe. You can also make compliance and security tasks automatic. > With one place for policy management and simple features, you can see everything, lower risk, and make sure your data is trusted in your company.

Key Takeaways

• Microsoft Purview lets you keep your data in one place. It helps you organize, protect, and manage data. The tools are simple for IT and business teams to use.

• First, open Purview in the Azure portal. Set up your environment. Pick free or enterprise versions based on what you need.

• Register your data sources and scan them. This helps you label and sort data automatically. Your data catalog stays updated and safe.

• Make governance domains and give people roles. This controls who can see and manage data. It helps your group stay organized and safe.

• Use Purview’s data catalog, quality rules, and monitoring tools. These help your data stay correct, trusted, and follow the rules.

Getting Started

Access Purview

To start using Microsoft Purview, you need to get into it. You do this by going to the Azure portal. You must have a Microsoft Entra tenant and an Azure subscription. These are needed to set up and use Purview.

Tip: Use browsers like Microsoft Edge Chromium. You can also use Chrome or Firefox with extensions. This helps you use features like Data Loss Prevention.

Here are the steps to get your environment ready:

1. Go to App registrations in the Azure portal and register Microsoft Purview.

2. Pick account types and set up the redirect URI for login.

3. Find your Application (client) ID and Directory (tenant) ID.

4. Add the redirect URL for your Purview.

5. Turn on API permissions for Azure Purview and Microsoft Graph. Use both delegated and application permissions.

6. Make a client secret and keep it safe.

7. Find your Purview account’s Atlas or Scan endpoint. Use this as your base URL.

You also need to register Azure resource providers like Microsoft.Storage and Microsoft.Purview. Change your Azure Policy if you need to let these resources be set up.

Setup and Upgrade

When you set up Microsoft Purview, you can pick a free or paid version. The free version is simple and works for your whole company. You can look at and search data assets easily. It does not need a hard setup. But, it only works with a few data sources like Azure Blob Storage and Azure SQL Database. The free version is good for learning about the data catalog and basic rules.

If you want more features, you can upgrade to the enterprise version. You need to make a linked resource in the Azure portal for this. The enterprise version uses pay-as-you-go billing. It gives you more tools like workflows, business rules, and automation. Upgrading lets you use more data sources and connect with business tasks.

Note: If you delete the linked resource in the enterprise version, you lose all Purview info. If you go back to the free version, you must start over.

Your license changes what features you can use. Microsoft Purview works with Microsoft 365 plans. E3 licenses give you basic tools. E5 licenses give you more advanced tools. You can mix licenses or add compliance add-ons for more features. Your license choice decides what you can do, like eDiscovery and automation.

Make sure your users use Microsoft 365 services with supported clients. This helps you use labeling and protection controls.

Register Data Sources

Registering your data sources is very important. It helps you build strong data governance. You need to connect your data systems to Microsoft Purview. This lets you scan, classify, and manage your data. You can keep track of where your data is. You can use governance policies everywhere.

Add Sources

You can add many types of data sources. These include Azure services and Dataverse environments. Here are steps to register a new Azure data source:

1. Go to the Microsoft Purview governance portal at

https://web.purview.azure.com

1. . You can also open it from the Azure portal. Pick your Purview account and click the governance portal button.

2. Click Data Map on the left menu.

3. Press Register.

4. On the Register sources page, pick Azure (multiple).

5. Click Continue.

6. Type a name for your data source. You can pick a management group if you want.

7. Choose your subscription and resource group. This sets the registration scope.

8. Pick a collection to organize your source.

9. Click Register to finish.

To register a Dataverse source, do these steps:

1. Open the Microsoft Purview governance portal and pick your account.

2. Go to Data Map and then Sources.

3. Use the Collections menu. Make a collection hierarchy and set permissions.

4. Under Sources, pick the right collection. Click the Register icon.

5. Pick Dataverse as the data source type.

6. Type a name. Enter the Web API endpoint URL for your Dataverse environment. Pick a collection and apply.

7. Your Dataverse source will show up under the chosen collection.

Tip: Put your sources into collections that match your business units or data domains. This helps you manage permissions and see who owns the data.

When you add sources, you must follow strict security rules. Microsoft Purview uses network security group rules for integration runtimes and private endpoints. Only safe traffic on port 443 is allowed. Assign roles to groups, not people. Use multifactor authentication for special roles. Store credentials in Azure Key Vault. Use managed identities or service principals for scanning. Data is safe with encryption when moving and when stored. Only metadata leaves your network during scans. The actual data does not leave.

Configure Scans

After you register your data sources, you need to set up scans. Scanning helps you find, classify, and label your data automatically. You can schedule scans or run them after new data comes in.

Here are steps to set up a scan:

1. Pick the registered data source in the governance portal.

2. Authenticate with managed identities or service principals. Use the least-privilege principle for better security.

3. Pick the assets you want to scan. Limit the scan scope to what you need.

4. Pick a scan rule set. You can use default system rules or make custom rule sets for your data types.

5. Name your scan clearly so you can find it later.

6. Schedule the scan or run it now.

During scanning, Microsoft Purview samples your data. It adds classification tags based on your rules. If sensitive data is found, the system can add sensitivity labels using Microsoft Information Protection. You can automate scans to run on a schedule. You can also trigger them with tools like Azure Data Factory or Azure Functions. This keeps your data catalog updated as your data changes.

Note: Only metadata is taken during scans. Your actual data stays in your network. This keeps your information safe.

You should check scan results often. Change your scan rule sets as your data changes. Use clear scan names. Schedule scans during off-peak hours to lower impact on your systems.

Organize Governance Domains

Create Domains

You can set up domains to organize your data. Domains split your data map into sections. Each domain holds collections and assets. This helps you manage data by area or topic. For example, you can make domains for sales, finance, or human resources. You can also make domains for bigger topics like product or customer experience.

Domains help teams take care of their own data. Each team gets control over their domain. This makes it easier to grow and manage data as your company gets bigger.

To make good domains, follow these tips:

• Group domains by area or job to keep things clear.

• Give each domain a name and description. This helps people know what data is inside.

• Add business ideas to domains, like data products and glossary words.

• Use glossary words with access rules to set up automatic rules for data products.

• Change each domain to fit your company’s needs.

When you organize domains like this, people find data faster. Users can search in the right domain to get what they need. You also keep sensitive data safe and under control.

Assign Roles

After you make domains, you need to give out roles. Roles decide who can see or change data in each domain. You can give roles at different levels, like tenant, catalog, or domain.

Here are some common roles and what they do:

Give roles based on what people do, not just their job title. This keeps data safe and lets only the right people have access.

You can also use collection admins to control access in collections. Permissions from a parent collection go to subcollections unless you stop it. This helps you control access, especially for sensitive data.

Microsoft Purview Data Catalog

Catalog Data

The data catalog helps you organize and manage your data assets. First, register your data sources and scan them. This brings metadata into the catalog. Smart Data Search lets you find and explore assets fast. You can tag, write notes, and add details to each asset. This gives more context.

Here are steps to catalog new data assets:

1. Register your data sources and scan them for metadata.

2. Use Smart Data Search to find assets in the catalog.

3. Tag and describe assets with glossary terms and contacts.

4. Edit metadata for one or more assets with "View selected."

5. Use bulk edit to change things like classifications and schema.

6. Add more details with AI-powered suggestions from Purview Copilot.

7. Check and approve AI-suggested terms before you publish.

8. Run scans often to keep the catalog up to date.

Tip: Manual checks and regular scans help keep your catalog correct and matching your source data.

You can see how Microsoft Purview compares to other data catalog tools in this table:

Classify and Label

You can use classify and label to protect sensitive data. Microsoft Purview supports two main standards:

• Classifications: These group data by content, like credit card numbers or Social Security Numbers. You can use built-in types such as PII or financial data, or make your own. Apply classifications at the column level in databases.

• Sensitivity Labels: These show how data should be handled. Built-in labels include Public, General, Confidential, and Highly Confidential. You can also make custom labels. Sensitivity labels add protection, like encryption and access control, and work across Microsoft products.

When you scan your data, Purview can add classifications and sensitivity labels automatically. You set up autolabeling policies to decide when labels are used. The system looks for sensitive data patterns and adds the right label. Labels move with your data across Microsoft services. This helps you stay safe and follow rules.

Note: Sensitivity labels only work at the column level in databases. They do not change the files or databases, but they help you track and protect sensitive data.

You can also use custom rules and regular expressions to find data patterns. Supported data sources and file types are listed in the Purview documentation. Regular scans and manual checks help keep your classifications and labels current.

Data Quality and Monitoring

Set Quality Rules

You can make data quality rules in Microsoft Purview. These rules help your data stay correct and trustworthy. First, make a Critical Data Element (CDE). Add the columns you want to watch. Go to the Unified Catalog and find your CDE. Open the Data quality tab. Here, you can add new rules for your data.

There are different rule types you can use:

After you add your rules, set up scans to check your data. Microsoft Purview uses AI to help label and sort data. This lowers mistakes and keeps your catalog current.

Tip: Custom rules only work in one dataset. If you need to check across tables, use a tool like Synapse first.

Monitor Metrics

You can watch your data quality with built-in tools and dashboards. Microsoft Purview checks six main things: completeness, consistency, conformity, accuracy, freshness, and uniqueness. You see scores for each rule and get a health report for your data.

• See scan results, like how many finished, failed, or stopped.

• Check stats like minimum, maximum, uniqueness, and duplicates.

• Set alerts to tell you when data quality drops.

• Use dashboards to find problems and fix them fast.

If you find a problem, do these steps: First, check if the data format and source are right. Next, make sure settings and permissions are correct. Look for error messages and run scans again if needed. Use Microsoft’s help guides to solve problems.

AI tools help you find sensitive data and risky patterns. You can use health reports to see what needs work and keep your data safe.

You can have good data governance if you follow steps in Microsoft Purview. The unified catalog helps you keep your data safe and easy to find. This makes it simple for people to use the data. You get better compliance, safer access, and checks that run by themselves.

• Teams can see their data better, feel more in control, and keep things safer.

• You can also try advanced features, join the Microsoft Tech Community, or read the official guides to learn more.

Begin using data governance now to get the most from your data.

FAQ

How do you access Microsoft Purview if you are new to Azure?

First, sign in to the Azure portal with your Microsoft account. Next, make a Purview account from the marketplace. Then, follow the setup wizard to finish everything.

Can you scan data from sources outside Azure?

Yes, you can scan data from on-premises and cloud sources. For non-Azure sources, use self-hosted integration runtimes. Set up safe connections for each source you want to scan.

What happens if you delete your Purview account?

If you delete your Purview account, you lose all your cataloged data, scans, and settings. You will need to make a new account and start again. Always save important metadata before deleting your account.

How do you set up automated data quality checks?

Go to the Data quality tab for each dataset and make rules. Set scans to run on a schedule. Check reports to see problems and track changes.

Does Microsoft Purview help with compliance?

Yes, it does. Use built-in sensitivity labels and classification tools to protect sensitive data. Apply policies to keep data safe. Watch compliance with dashboards and alerts.