By Fergal Glynn, Chief Marketing Officer at Next DLP

I recently published a blog asking if Microsoft “lock-in” is the right security strategy for your organization? and wanted to provide this summary on LinkedIn.

In the blog, I ask how finance teams became so influential in selecting cybersecurity products and provide advice for CSOs and CISOs facing CFO pressure to go all in on E5 (the license tier that includes Microsoft’s data security solution, Purview). For companies who have the E5 license, the post provides some tips on how to fix some Purview gaps and how to show the value of a specialized tool that complements Purview.

What is Vendor “lock-in”?

In the tech world, vendor lock-in refers to a situation where a customer becomes dependent on a particular vendor’s products or services and finds it difficult to switch to another vendor without substantial cost, effort, or disruption. Customers are essentially forced to stay with the providers they have and buy more from the incumbent. Providers with locked-in customers can offer an inferior service without losing customers. This removes competition from the market, meaning better companies lose out and customers have to put up with overpaying for a service that could be a lot better.

What is Purview?

Purview is a collection of different technologies, some developed in-house by Microsoft and others acquired, that have been loosely integrated and rebranded Microsoft Purview.

The Pros and Cons of Going all in on Microsoft Purview

Going all in with Microsoft Purview comes with its set of pros and cons.

Image: Microsoft Purview pros and cons

The Positives of Going all in on Purview

Purview could potentially replace other security tools and address security cost concerns. Purview claims to offer a chance to establish a more cohesive approach to the entire security stack by consolidating to one provider and replacing best-of-breed point solutions. With comprehensive reporting and integrated technologies, Microsoft touts improved insights for better decision-making and threat response.

The Negatives of Going all in on Purview

On the other hand, CISOs need to be aware of implementation costs, ongoing maintenance costs, the organization’s overall security posture, support ticket resolution timing, and feature requests and delivery.

Lengthy Deployments:

Deploying Purview, a complex amalgamation of technologies, demands expertise and resources. A Next customer with E5 faced challenges, estimating a two-year timeframe for labeling and classification before operational use. This highlights potential delays for CISOs with alternative plans for their teams until the Purview rollout is complete.


Purview configuration and optimization is notoriously complex and expensive. According to George Kurtz of Crowdstrike, enterprise customers exploring Microsoft often find the need for multiple consoles. They realize it demands a significant workforce and might incur higher costs than using the E5 license they already have in place.

Visibility Limitations:

Purview’s complete value is unlocked when fully integrated with the Microsoft OS, applications, data types, and the entire Purview stack. While it excels with O365 and native Microsoft data, analysts highlight limitations in non-Microsoft and Apple-native apps and file types, pointing out gaps in support beyond O365 and Office apps on the macOS agent.

Support Challenges:

Without additional fees for an upgraded Microsoft Support Plan, resolving support tickets can take weeks or months. Access to a support engineer familiar with your specific issue is a core challenge. Opting for a specialized data protection solution ensures quicker issue resolution, thanks to the deep product knowledge of every support engineer.

Feature Requests:

Finally, feature requests for Microsoft Purview can take months or years to be considered unless you’re a major customer with influence. Using an online form for requests can be hit or miss. Independent software vendors (ISVs) are quicker in addressing customer needs, welcoming and encouraging feature requests to deliver promptly on critical use cases. Simply put, smaller players are more agile in delivering new features.

Enhancing Microsoft Purview: Unleashing the Power of the Reveal Platform by Next DLP

If you already have a Microsoft Purview license but identified some limitations, the question becomes: How do you justify investing in a specialized insider risk and data protection platform? Enter the Reveal Platform by Next DLP, a robust augmentation for Microsoft Purview. Here are five key ways in which the Reveal Platform and Next DLP elevate Microsoft Purview:

Comprehensive Data Protection:

Safeguard your data, regardless of its location or file type. In an age where diverse applications and file types abound, Reveal offers a suite of features ensuring the security of your data, supporting various data types, seamlessly integrating with third-party applications, and accommodating data stored across different environments without the need for expensive discovery and classification projects.

Advanced DLP and IRM Support:

While Purview is adequate for basic data protection scenarios, Reveal takes Data Loss Prevention (DLP) and Insider Risk Management (IRM) to the next level. Leveraging Machine

Learning on endpoints, it establishes a baseline for normal data behavior and after the training period identifies deviations. Moreover, Reveal ensures secure data flow within your ecosystem, tracking and tracing files from origin through all user interactions, providing robust protection.

Instant Value and Policy-Free Visibility:

Unlike traditional approaches that require lengthy discovery and classification processes, Reveal provides immediate visibility into data movement and real-time inspection. Customers derive value within the first week, and the platform seamlessly imports Microsoft Purview Information Protection sensitivity labels, enabling the definition and enforcement of data protection policies without the need for complex configurations.

Unified Console View:

Overcoming the complexity of multiple consoles within the Purview collection, Reveal offers a unified console view. This consolidated view into Insider Risk Management (IRM) and Data Loss Prevention (DLP) events empowers analysts with complete and contextual visibility. This streamlines decision-making by presenting insights into “who did what with what data” along with the relevant context.

Innovative R&D and World-Class Customer Experience:

Next DLP stands out with its innovative and agile Research and Development and Customer Success teams committed to delivering a world-class customer experience.


As with any security technology-related decision, there are pros and cons that every CSO or CISO should consider when evaluating whether Purview is right for their organization. For more information on this topic, check out the blog post, fireside chat and eBook.