Login

What Is Microsoft Purview?

What Is Microsoft Purview?

If you already manage Microsoft 365, think of Microsoft Purview as the compliance, governance, and data‑protection side of Microsoft 365.
Where the Microsoft 365 admin center handles apps, licensing, and users, Purview controls what happens to your data:

  • Who can see it
  • How long it must be kept
  • When it must be deleted
  • How sensitive it is
  • How it is protected
  • What happens if someone tries to misuse it
  • How legal teams search & hold data

Purview brings together many compliance solutions into one place, making it easier to govern, protect, and manage your organisation’s data wherever it lives.

1. Why Does Purview Matter to Admins?

Modern M365 tenants generate enormous amounts of data.
Purview helps admins:

  • Stop sensitive data leaking (DLP)
  • Classify and label files and emails
  • Investigate breaches or insider risks
  • Handle legal compliance and eDiscovery
  • Manage retention & records
  • Protect chats, emails, files, and Copilot interactions
  • Apply encryption, including Customer Key or Double Key Encryption

If you’ve ever thought “How do I control what users do with data?”, Purview is the answer.

2. Understanding Purview Licensing

Purview is a tenant‑level service. This means some features are automatically turned on or available across the tenant — but every user who benefits from Purview still needs the correct license.

Who needs a license?

Any user who is touched by a Purview feature:

  • Users assigned a Purview role in the Purview portal
  • A user whose mailbox, OneDrive, device, or Teams chats are processed by a Purview policy
  • SharePoint/Teams owners or members when a site or team is under retention or DLP policy
  • Users in adaptive scope policies

Who does not need a license?

  • SharePoint or Teams visitors / view‑only roles
  • Inactive mailboxes

Shared mailboxes

Most Purview features do not require a shared mailbox license.
BUT: if the feature explicitly requires E5/A5/G5‑level licensing, then the shared mailbox needs a license too.

3. Key Purview Feature Areas

Below are the major Purview product areas explained simply — so you know what they do and why they matter.

3.1 Audit (Standard & Premium)

Audit (Standard)

Lets you search audit logs for user/admin activity, useful for troubleshooting or investigations.

Audit Standard is included in:

  • Microsoft 365 E5 + Copilot
  • Microsoft 365 E3 + Copilot
  • Microsoft 365 E5/A5/G5

Audit (Premium)

Adds:

  • 1‑year log retention
  • High‑value audit events (e.g., “mail item opened/read”)
  • Custom retention policies
  • High‑bandwidth API access

Who benefits?
Any user whose activities are logged under Premium will need the corresponding E5‑level license.

3.2 Collection Policies

This is where you decide what signals Purview should collect:

  • Sensitive info types
  • Activities
  • Copilot prompts/responses
  • Data sources for risk/AI/DLP

Admin tip:
No licensing is required to create the policies, but the workload you target does require its relevant license (e.g., endpoint DLP requires endpoint DLP licensing).

3.3 Communication Compliance

Monitors messages across Microsoft and third‑party apps for:

  • Sensitive data sharing
  • Harassment / threats
  • Regulatory compliance
  • Policy violations

Includes Teams, Viva Engage, Outlook, WhatsApp (via connectors), and Copilot messages too depending on license.

Licensing: Available across E5, Purview Suite, and Defender + Purview Suite.

3.4 Compliance Manager

A tool to help admins and compliance teams:

  • Track regulatory requirements
  • Complete assessments
  • Follow guided actions
  • Improve compliance posture (compliance score)

Included with:

  • Office 365 and Microsoft 365 licenses including Business Premium
  • GCC, GCC High, DoD

3.5 Customer Lockbox

Prevents Microsoft engineers from accessing customer content unless your organisation explicitly approves it.

Included with:

  • Office 365 E5/A5/G5
  • Microsoft 365 E5/A5/G5 and Purview Suite SKUs

3.6 Data Connectors

Allows importing third‑party data (e.g., WhatsApp, Zoom, social platforms) into Microsoft 365 so Purview features can process it.

Example: Bringing WhatsApp messages into M365 so DLP or eDiscovery can scan them.
Licensing applies to every user benefiting from connector services.

3.7 Data Lifecycle & Records Management

Controls:

  • How long data must be retained
  • When it must be deleted
  • Regulatory records
  • Email archiving

Admin tip:
This area is complex because each location (Exchange, SharePoint, OneDrive, Teams, Copilot interactions) has different licensing requirements.

3.8 Data Loss Prevention (DLP)

DLP scans data for sensitive information and applies real‑time protections.

Purview DLP covers:

1. Endpoint DLP

Monitors sensitive data saved, copied, or transferred on Windows/macOS endpoints.
Requires E5 or equivalent.

2. DLP for cloud apps (browser)

Controls how data is shared to unmanaged cloud apps.
Pay‑as‑you‑go capability.

3. DLP for network traffic

Protects sensitive data moving across the network to cloud apps.
Pay‑as‑you‑go capability.

4. DLP for Teams

Prevents sending sensitive information in Teams chats/channels.

5. DLP for Exchange, SharePoint, OneDrive

The classic M365 DLP.
Enabled by default on these workloads.

3.9 eDiscovery (Standard & Premium)

eDiscovery Standard

Lets admins:

  • Create cases
  • Run content searches
  • Export data
  • Apply simple holds

eDiscovery Premium

Adds:

  • End‑to‑end review workflow
  • Custodian management
  • Advanced analytics
  • Legal hold notifications
  • Copilot interaction search

Admins AND custodians need the appropriate licenses.

3.10 Information Barriers

Prevents certain groups of users from:

  • Communicating
  • Sharing
  • Finding each other in people search

Used heavily in finance, legal, healthcare, and high‑risk industries.

3.11 Information Protection (Sensitivity Labels)

This area controls:

  • Sensitivity labels
  • Encryption
  • Label inheritance
  • Auto‑labeling
  • S/MIME encryption
  • Conditional access via labels

Labels can apply to:

  • Files
  • Emails
  • Meetings
  • Sites and Groups

Features span all licensing levels from Business Premium → E5.

3.12 Advanced Message Encryption

Allows:

  • Expiring encrypted emails
  • Revoking access
  • Custom branded encrypted email templates

3.13 Customer Key & Double Key Encryption

Customer Key: You supply your own encryption key for Microsoft 365 data-at-rest.
Double Key Encryption: Microsoft stores one key, you hold the other. Microsoft can never decrypt alone.

3.14 Insider Risk Management

Detects risky or malicious internal behaviour such as:

  • Data exfiltration
  • Insider threats
  • High‑risk user activity

Also includes optional Forensic Evidence, purchasable in 100GB increments

Share :

Latest News