Azure Purview is a preview no more: Microsoft is ready to sniff your sensitive data
Governance and compliance are the watchwords here
Azure Purview has hit general availability, affording assistance to admins facing governance data overload.
The service is pointed at an organisation's data estate, offering up a map of data assets over the likes of SQL Server, Oracle and Salesforce regardless of their location (on-prem or – heaven forbid – some cloud that is not Microsoft's).
AWS S3 scanning is present in the generally available product while scans for Erwin, IBM DB2, Salesforce, Google BigQuery, Looker, and Cassandra remain in public preview.
Microsoft's thinking is that the resulting catalogue, built from automated data classifications, will help customers separate what is important from what is mere fluff. Purview is heavily integrated with Microsoft's data wrangler, Azure Synapse Analytics, as well as the usual suspects, such as Power BI, with the intent of helping Microsoft 365 users gain insight into the relationships lurking within the enterprise.
As with the preview, at the heart of things lie automated classifiers, more than 200 of which are set to spot sensitive data types, such as names, government IDs, and business terms.
- WTF? Microsoft makes fixing deadly OMIGOD flaws on Azure your job
- El Reg talks to Azure Data veep as Microsoft flicks the switch on Azure Arc for SQL Managed Instances
- Microsoft's Azure Virtual Desktop now works without Active Directory – but there are caveats
- Microsoft hasn't had a good time with privacy recently – so here's a tool that checks your data compliance is up to snuff
Back when the preview was rolled out, Prof Alan Woodward from the Centre for Cyber Security, University of Surrey, described it as a "welcome step," having cautioned that the very act of searching for sensitive terms by a human might accidentally cause unwanted intrusions. By using automated tools like Purview to catalogue data, he explained, "the technology can flag it without necessarily having to reveal to full content."
Information and privacy expert John Wunderlich noted Purview likely had a challenge on its hands, both in terms of context and dodging false positives. When the preview dropped, he told The Register: "Doing a comprehensive data inventory of an enterprise is expensive and time consuming. So the temptation will be to do the 'easy' stuff and call it done."
Since the preview, Microsoft has added resource set pattern rules to allow users to override how Purview detects and catalogues assets, dropped in a glossary and added support for Apache Hadoop, Cloudera, Hortonworks, and Databricks.
The Register asked Microsoft to clarify what else it had tweaked, but the company has yet to respond. ®
- Internet Explorer
- Microsoft 365
- Microsoft Build
- Microsoft Edge
- Microsoft Office
- Microsoft Surface
- Microsoft Teams
- Office 365
- Patch Tuesday
- SQL Server
- Visual Studio
- Visual Studio Code
- Windows 10
- Windows 11
- Windows 7
- Windows 8
- Windows Server
- Windows Server 2003
- Windows Server 2008
- Windows Server 2012
- Windows Server 2013
- Windows Server 2016
- Windows XP
- Xbox 360