Purview Secure by Default: Jumpstart Your Data Governance
Microsoft Purview Secure by Default helps small and mid-sized businesses implement data governance efficiently. By following a structured framework, organizations can deploy sensitivity labeling, data loss prevention (DLP), and Insider Risk Management (IRM) without requiring a dedicated compliance team. Learn how Purview can help protect sensitive data, prevent AI oversharing, and ensure compliance while gradually increasing governance controls.
Achieving Successful Data Governance Is More Organizational Than Technical
Data governance isn’t just a technical challenge—it’s an organizational one. This guide breaks down the critical roles, responsibilities, and training needed to ensure your Microsoft Purview deployment delivers meaningful, lasting compliance and data protection.
Use Purview DLP Simulation Mode to Understand PII Risks
In most organizations, the end of the year is a unique time. People are scrambling to balance taking time off, finishing projects, enrolling in the new year’s benefit plans, preparing for tax reporting, and performing year-end administrative tasks. Many of these events involve sharing or processing more employee and customer PII (Personally Identifiable Information) data […]
What Should I Do with These DLP Alerts, Anyway?
Today I am going to address a common tactical and process challenge that comes up when working with clients implementing Data Loss Prevention policies: How are DLP alerts handled? Also, who performs triage, investigation, and resolution? DLP alerts are unique. They can be an indicator of a number of different issues, and they frequently require […]
Purview’s New AI Hub: Reduce AI Risks, Improve AI Visibility
I have written extensively about getting data governance programs off the ground and the fundamentals of Purview Compliance. Today, though, I would like to address the AI concerns in organizations that already have mature Purview implementations, including advanced E5 features like Endpoint DLP, Insider Risk Management, and Communication Compliance. Their AI compliance challenges are evolving […]
Dive Into Business Processes to Improve Data Governance and AI Efforts
We engage with a lot of small- to mid-sized organizations that are in different phases of planning or implementing data governance, compliance, or AI initiatives. I have noticed that there is a common circumstance that can slow down or frustrate these projects: The people tasked with getting a data governance program off the ground (often […]
Teams Governance Settings: Balance Collaboration and Risk
Microsoft Teams is an incredibly powerful tool that enables efficient collaboration and information access across an organization. That said, a remarkable number of customers that we work with struggle to manage and secure it the way that they would like to. Much of the time, Teams was enabled during the pandemic to try to help […]
AI Program Management: Lessons Learned from Infosec
The eGroup Enabling Technologies team has been spending a lot of time in the last few months helping clients preparing and deploying Microsoft 365 Copilot and other AI tools. Through this work, it has become clear that to successfully adopt and maximize the value of these tools, it will require a new program management area […]
The Case for Tabletop Exercises in Incident Response Planning
Tabletop exercises remain a mainstay of disaster recovery and incident management preparation, and with good reason: they provide an accessible and low-cost way to demonstrate the organization’s readiness (or lack thereof) for an adverse event without expensive penetration testing or Red Team attack simulations. Today we will focus on the reasons a tabletop exercise should […]
How Data Archival Brings Stronger Data Governance
The Challenge Quite often I work with clients that are trying to untie the Gordian knot that is data retention and stale data deletion. In most cases, these organizations have adopted some form of “keep everything forever” because it is difficult to get internal legal or risk teams to define a realistic retention policy—or if […]
