Data governance: 5 tips for holistic data protection
Microsoft Security Blog, August 24, 2022 (last modified April 8, 2024)
https://www.microsoft.com/en-us/security/blog/2022/08/24/data-governance-5-tips-for-holistic-data-protection/
Your data is a strategic asset. To benefit your business, data requires strict controls around structure, access, and lifecycle. However, most security leaders have doubts about data security: nearly 70 percent of chief information security officers (CISOs) expect to have their data compromised in a ransomware attack.[1] Part of the problem lies in traditional data-management solutions, which tend to be overly complex, with multiple unconnected, duplicative processes augmented by point-to-point integrations. This patchwork approach can expose infrastructure gaps that attackers will exploit.

In contrast, proactive data governance offers a holistic approach that conserves resources and simplifies the protection of your data assets. This integrated approach to data governance is a vital component of Zero Trust security and spans the complete lifecycle of your data. It also reduces the cost incurred by a data breach, both by shrinking the blast radius and by preventing an attacker from moving laterally within your network. Microsoft Purview provides a comprehensive data governance solution designed to help manage your on-premises, multicloud, and software as a service (SaaS) data. To help you get more from your data, we've put together five guideposts.

1. Create a data map of all your data assets

Before you can protect your data, you'll need to know where it's stored and who has access. That means creating comprehensive descriptions of all data assets across your entire digital estate, including data classifications, how each asset is accessed, and who owns it. Ideally, you should have a fully managed data scanning and classification service that handles automated data discovery, sensitive data classification, and mapping of an end-to-end data lineage for every asset. You'll also want to make data easily discoverable by labeling it with familiar business and technical search terms.

Storage is a vital component of any data map and should include technical, business, operational, and semantic metadata. Technical metadata includes schema, data type, columns, and other information that can be quickly discovered with automated data scanning. Business metadata should include automated tagging of things like descriptions and glossary terms. Semantic metadata can include mapping to data sources or classifications, and operational metadata can include data flow activity such as run status and run time.

2. Build a decision and accountability framework

Once you know where all your data is located, you'll need to document the roles and responsibilities for each asset. Start by answering seven basic questions:

In response to question number one, you should develop a detailed lifecycle for data access that covers employees, guests, partners, and vendors. When deciding what data someone may need to access, consider both the person's role and how the data in question will be used. Business unit leaders should determine how much access each position requires.

Based on the information gathered, your IT and security partners can create role-based access controls (RBAC) for each employee position and for each partner or vendor request. The compliance team will then be responsible for monitoring and reporting to ensure that these controls are put into practice. Implementing a permissions management solution can also help your organization by preventing misuse and malicious exploitation of permissions. By automatically detecting anomalies and raising alerts, such a solution can reduce IT workloads, conserve resources, and increase user productivity.

3. Monitor access and use policies

Next, you'll need to document the policies for each data repository. Determine who can access the data (including read versus write access) and how it can be shared and used in other applications or with external users. Will your organization be storing personally identifiable information (PII), such as names, identification numbers, and home or IP addresses, in this repository? With any sensitive data, it's imperative to enforce the Zero Trust principle of least privilege or just-in-time (JIT) access.

The JIT permissions model strengthens the principle of least privilege by reducing the attack surface to only those times when privileges are actively being used (unlike the round-the-clock attack surface of standing privileges). It is similar to the just-enough-privilege (JEP) model, wherein a user submits a request describing the task and the data they need to access. If the request is approved, the user is provisioned with a temporary identity to complete the task. Once the task is completed, the identity can be disabled or deleted. There's also a "broker-and-remove-access" approach, wherein standing privileged accounts are created and their credentials stored securely. Users must then provide a justification when requesting to use one of those accounts to access data for a specific amount of time.

Your organization can protect itself by maintaining a log of every request for elevated access (granted or declined), including when the access was revoked. All organizations, especially those storing PII, need to be able to prove to auditors and regulators that privacy policies are being enforced. Eliminating standing privileged accounts can help your organization avoid audit troubles.

4. Track both structured and unstructured data

Traditionally, data governance has focused on business files and emails. But stricter regulations now require organizations to ensure that all data is protected. This includes both structured and unstructured data shared on cloud apps, on-premises data, and shadow IT apps: everything. Structured data consists of clearly defined data types with patterns that make them easily searchable, such as Microsoft Office or Google Docs. Unstructured data can include anything else, such as audio files, videos, and even social media posts.

So, should you leave it up to each individual asset owner to implement their own data protections across such a vast data landscape? An alternative that some of Microsoft's customers have embraced involves developing a matrixed approach to data governance, wherein security and compliance experts help data owners meet the requirements for protecting their data. In this scenario, a "common data matrix" is used to track how data domains are interacted with across your organization. This can help document which areas of your business can simply create data versus read, access, or remove data assets. Your data matrix should identify each data source, including any shadow IT systems in use. Make sure to capture any domains and sub-domains containing sensitive or confidential data that is subject to government regulation. Documenting roles and responsibilities for each business unit also allows everyone to understand who is using specific data for a particular job, who is adding data into a system, and who is responsible for it.

5. Delete data that's no longer needed

"Dark data," which organizations pay to store but which goes underutilized in decision making, is now growing at a rate of 62 percent per year.[2] Given that most IT teams are already overstretched, asking them to stand guard over vast data lakes is not a recipe for security. So, how do you know when some data is no longer useful to your organization?

Sometimes the easiest way to protect data is to delete it. In keeping with the Zero Trust principle of "assume breach," less data means less risk. Theft of intellectual property (IP) can be financially hazardous, whereas theft of customer PII can be disastrous long-term for your brand. Privacy laws require that businesses keep PII only for as long as it serves its original purpose.[3] However, manually tracking which files are subject to deletion would be nearly impossible. A better approach is to implement ongoing controls that auto-expire PII, or to set up automated reminders for reviewing sensitive data to decide whether it's still needed.

Understanding the lifecycle of data makes it easier to delete data when it's no longer needed. An integrated data governance solution with intelligent machine learning capabilities can do the work for you, classifying content when it's created and automatically applying appropriate sunset policies.[4] Or, use multi-stage retention policies to automatically apply a new label at the end of a retention period.

Proactive, holistic data governance is an integral part of data protection, spanning the complete lifecycle and helping drive business outcomes by ensuring that your data is discoverable, accurate, and secure. Microsoft Purview integrates and automates data governance by setting lifecycle controls on your sensitive data, protecting against data loss, and managing RBAC. To experience Purview in your organization, you're welcome to start with a free trial.

Learn more

Learn some top-level information about data governance for enterprise businesses.

To learn more about Microsoft Security solutions, visit our website. Bookmark the Security blog to keep up with our expert coverage on security matters. Also, follow us at @MSFTSecurity for the latest news and updates on cybersecurity.

[1] Almost 70% of CISOs expect a ransomware attack, Danny Bradbury. October 19, 2021.

[2] September 2021 survey of 512 United States compliance decision-makers commissioned by Microsoft from Vital Findings.

[3] GDPR personal data—what information does this cover?, GDPR. 2022.

[4] Microsoft is committed to making sure AI systems are developed responsibly and in ways that warrant people's trust. As part of this commitment, Microsoft Purview engineering teams are operationalizing the six core principles of Microsoft's Responsible AI strategy to design, build, and manage AI solutions. As part of our effort to responsibly deploy AI, we provide documentation, gating, scenario attestation, and more to help organizations use AI systems responsibly.