ABAC (Attribute-Based Access Control)
ABAC decides access by evaluating attributes of the person, the resource, the action, and the context against a policy, instead of by member...
Read definitionMicrosoft Purview is Microsoft's platform for data governance, data security, and compliance. It helps organisations see what data they have, where sensitive information lives, how data moves, who can access it, and which rules apply.
Microsoft Purview is Microsoft's platform for governing, securing, and managing compliance around data. It helps answer practical questions: what data do we have, where is sensitive information, who can access it, how does it move, and which rules apply?
Purview does not replace your warehouse, lakehouse, SharePoint, Exchange, Teams, or source systems. Its catalog and governance features work mainly with metadata: names, descriptions, classifications, owners, lineage, labels, and policy information. The actual business data stays in the source.
That distinction matters. A catalog role in Purview does not automatically grant access to the underlying rows in a table. Access still belongs to the source system and its security model.
Microsoft groups Purview around three connected areas: data governance, data security, and data compliance.
Data governance. The Data Map scans sources and collects metadata. The Unified Catalog lets people search for data assets, understand ownership, read descriptions, follow lineage, use glossary terms, and organise assets into data products.
Data security. Sensitivity labels, Data Loss Prevention policies, information protection, insider risk signals, and related controls help protect confidential data. These features can classify content and act when sensitive information appears in mail, files, reports, or other supported locations.
Data compliance. Audit, retention, Data Lifecycle Management, eDiscovery, records management, and Compliance Manager help organisations prove what happened, keep information for the right period, and respond to legal or regulatory requests.
The product names and portal layout have changed over time, so it is safer to think in these jobs than in old feature groupings.
The catalog side of Purview is built on metadata. It scans supported sources such as Microsoft Fabric, Power BI, Azure data services, SQL systems, storage, on-premises sources, and other clouds. The scan records assets, schemas, classifications, and relationships where the connector supports them.
The Unified Catalog gives business and data teams one place to search. A useful catalog entry tells you what the dataset is for, who owns it, when it was refreshed, which glossary terms apply, which reports depend on it, and how sensitive it is.
Lineage is part of that story. If a column changes in a source table, lineage helps you see which pipelines, semantic models, and reports might be affected before you make the change.
Purview is most natural in organisations that already use Microsoft 365, Power BI, and Microsoft Fabric. Fabric items can appear in the governance experience, and Purview can help show lakehouses, warehouses, semantic models, reports, notebooks, and other assets in one view.
Sensitivity labels can apply across Microsoft 365, Power BI, and Fabric. A report or file marked as confidential can keep that label when exported to supported formats, depending on the feature and licence in use.
Data Loss Prevention can help detect sensitive information in supported Microsoft 365 and Fabric locations. Audit records user and admin activity so teams can investigate incidents or answer audit questions.
For a Microsoft-heavy SME, this integration is often the practical reason to look at Purview before buying a separate catalog, DLP, or compliance tool.
Microsoft Fabric has its own governance features: workspaces, item permissions, endorsement, OneLake catalog experiences, sensitivity labels, and lineage inside the Fabric world. Purview is broader. It reaches into Microsoft 365, Azure, on-premises sources, and other clouds, and it connects catalog work with security and compliance.
Separate catalog products such as Collibra, Alation, Atlan, DataHub, and OpenMetadata focus deeply on catalog workflows, glossary management, stewardship, lineage, and data discovery across many ecosystems. They can be a better fit when the organisation is not Microsoft-centred or already has a mature data governance team.
The choice is less about which catalog screen looks nicer and more about where your identities, data estate, compliance work, and governance ownership already live.
Purview is not one simple licence. Some information protection, audit, DLP, and compliance features are included in certain Microsoft 365 plans, while advanced features may need E5, add-ons, or separate entitlements. Governance and catalog capabilities can also involve separate Microsoft Purview or Azure billing, depending on which features you enable.
Do not design a Purview rollout from memory or from an old price screenshot. Check the current Microsoft Purview service description and pricing pages before promising a feature to the business. The licensing details change often enough that the architecture should treat them as a rollout check, not as copy-paste documentation.
A catalog needs owners. Scans can collect technical metadata, but they cannot decide what a dataset means or who should approve changes. Assign owners before the catalog fills up.
Keep labels simple. Too many sensitivity labels confuse users and weaken adoption. A small set that people understand is easier to apply consistently.
Start with the data that matters. Bring in the reports, datasets, mailboxes, and sources that carry business or compliance risk. A complete scan of everything is less useful than a governed view of the assets people actually rely on.
Purview supports governance; it does not replace it. The platform can show assets, labels, lineage, policies, and audit trails. The organisation still needs decisions about definitions, ownership, access, retention, and acceptable use.
ABAC decides access by evaluating attributes of the person, the resource, the action, and the context against a policy, instead of by member...
Read definitionThe AI Act is the European Union regulation that governs artificial intelligence. It sorts AI systems by risk and places obligations on anyo...
Read definitionAI literacy is the knowledge and judgement people need to use AI responsibly: understanding what a model can do, checking its output, protec...
Read definitionAnomaly detection automatically flags data points, events, or patterns that do not fit normal behaviour. It can catch odd invoices, machine ...
Read definitionAnonymisation makes data no longer reasonably linkable to a person. Pseudonymisation replaces identifiers with codes but keeps a route back ...
Read definition
Find the automation opportunities in your business that are actually worth building. A five-question test, the hotspots we keep seeing, and ...
A step by step guide on how you can create an event log for process mining.