Microsoft Purview might be too intrusive, IT admins agree
There is a whole debate in whether Purview is intrusive or not.
5 min. read
Published on
Share this article
Read our disclosure page to find out how can you help Windows Report sustain the editorial team Read more
Key notes
- Microsoft Purview is a much better version of Windows Information Protection (WIP).
- However, some IT admins agree that it can terrifying to manage sensitive data.
- On the other hand, some agree that work life is not private anyways, so it shouldn't be a bother.
According to Microsoft, Microsoft Purview is a family of data governance, risk, and compliance solutions that can help your organization govern, protect, and manage your entire data estate. Microsoft Purview solutions provide integrated coverage and help address the recent increases in remote user connectivity, the fragmentation of data across organizations, and the blurring of traditional IT management roles.
But according to IT admins, who use it, Microsoft Purview is too intrusive. In a Reddit thread, an IT admin admits that this tool can be terrifying sometimes. Why is that? Well, you can actually see everybody’s activity, and pretty much nothing is hidden.
Literally every single thing that anyone does across all devices is right there in a near real time list. Is this all just too much? I honestly feel conflicted in using this as it feels too intrusive.
In all common sense, Microsoft Purview handles sensitive data. Last year, Microsoft announced the sunset of Windows Information Protection in favor of Microsoft Purview, because the tool is preferable when talking about organizations’ data, management, and so on. But is it intrusive, or just very justifiable in this context?
How intrusive is Microsoft Purview?
One side of the coin is this: Microsoft Purview records all the activity done by an organization, at exact times. This makes it a very useful tool when it comes to management. The tool works by bringing together all the other tools used for such kind of situations. But they’re just in one place.
Purview is a powerful tool
Of course, as an IT admin, having access to information, especially classified one, which can be dangerous to manage sometimes, can seem terrifying. But it only does its job. Another Reddit user puts it this way.
It’s a powerful tool, but all it really does is consolidate options that were previously spread amongst about 50 different control panel. Take the unified audit log, for example. Yeah, great, everything’s in one place. On the down side, everything’s in one place. Unless you know exactly how what you’re looking for is recorded, it can be an absolute nightmare to track things down. Considering the amount of data a lot of companies deal with, it’s needed, and, as with anything else, the majority of decent admins don’t actually care about the data, unless it’s flagged as bad data in terms of shouldn’t be there, or shouldn’t be sent externally. Sure, there is the occasional issue of someone having a nosey into someone else’s private data, but that’s generally the exception, and all this tracking makes it easier to record their misuse as well.
Purview records all working activity
On the other side of the coin, is work-life private?
To some extent, it is. Where GDPR is concerned, it is. To some extent. Here’s what another Reddit user says.
Iâm a sysadmin for a Critical Infrastructure facility in Germany, and we had to have more than a couple meetings about logging the actions our admins take concerning GDPR compliance. I repeat, weâre legally obligated to retain pretty much all information on our systems. Who does what, when, for what reason, how exactly, and all that for a year or so.
However, the GDPR legislations are European, and they only affect European organizations. And even so, no one can disclose any information, if that information is protected. So your work-life from the perspective of Microsoft Purview is just a recording of all of your working activity within the organization. If you decide to disclose sensitive information, then you do it at your own risk, with or without Microsoft Purview recording you.
Who has access to Purview?
Usually, the Purview has its own contained permissions that you configure in the Purview portal. You also have Azure AD roles that can be used to get back in, in case you get locked out.
Additionally, you need to be a global admin to have unrestricted access to the Purview portal. And to access additional information across all your organization, you need some other permissions as well.
So it’s not very easy to decide who is the watcher that is watching the organization. And even then, few individuals have this sort of access.
The conclusion? Microsoft Purview can seem terrifying, especially as an Admin. You’ll have a lot of access to info that is both essential and confidential, and most likely, few individuals from your organization will know about it.
But work is work. And an organization has every right to record all the activity if the recording will help it to develop and grow. And ultimately, Purview is a great tool to keep all things in control. From management to HR, to other administrative departments, at least everything is in sync.
What do you think about it? Is Microsoft Purview really intrusive? Let us know in the comments section below.
