+44 (0)20 3051 3595 | info@coeo.com | Client portal login

Microsoft Purview's 14 Key Controls

Dr Victoria Holt

Certification for Unified Data Governance

Microsoft Purview Controls, a comprehensive data governance solution, empowers businesses to understand, manage, and protect their data assets across hybrid and multi-cloud environments.

Microsoft Purview is based on a knowledge graph and data is collected from sources that are listed in the application or through the Apache Atlas API.  It uses elements such as Open Lineage and is Apache Airflow enabled.

Microsoft have announced together with Cloud Data Management Capabilities (CMDC) that Microsoft Purview, the unified data governance and compliance solution is certified against 14 key controls to keep data safe. This certification will help customers feel assured that their sensitive data is protected when thinking of cloud adoption. With the movement to the cloud comes the heighten need to use best practices to govern the data.



The controls are:

Governance and accountability

  1. Data Control Compliance must be monitored for all data assets containing sensitive data through metrics and automated notifications.
  2. The Ownership field in a data catalog must be populated for all sensitive data or otherwise reported to a defined workflow.
  3. A register of Authoritative Data Sources and Provisioning Points must be populated for all data assets containing sensitive data.
  4. The Data Sovereignty and Cross-Border Movement of sensitive data must be recorded, auditable, and controlled according to defined policy.

Cataloging and classification

  1. Cataloging must be automated for all data at the point of creation or ingestion, with consistency across all environments.
  2. Classification must be automated for all data at the point of creation or ingestion and must always be on.

Accessibility and usage

  1. Entitlements and Access for Sensitive Data must default to the creator and owner and access must be tracked for all sensitive data.
  2. Data Consumption Purpose must be provided for all Data Sharing Agreements involving sensitive data.

Protection and privacy

  1. Appropriate Security Controls must be enabled for sensitive data and evidence must be recorded.
  2. Data Privacy Impact Assessments must be automatically triggered for all personal data according to its jurisdiction.

Data lifecycle

  1. Data Quality Measurement must be enabled for sensitive data with metrics distributed when available.
  2. Data Retention, Archiving, and Purging must be managed according to a defined retention schedule.

Data and technical architecture

  1. Data Lineage information must be available for all sensitive data.
  2. Cost Metrics directly associated with data usage, storage, and movement must be available in the catalog.

These controls enable confidence to be gained on your companies data and aid in meeting regulatory requirements across all data. To get started with managing your data, consider a Microsoft Purview Proof of Concept, a Data Strategy or a Data Governance Strategy Review.

Let us know in the comments your thoughts

Subscribe to Email Updates

Back to top