A Data Governance Approach to Microsoft Purview
Why Microsoft Purview with Bridewell?
- Implementing Microsoft Purview for Effective Data Governance and Compliance: Our approach to implementing and deploying Microsoft Purview is driven by data governance, with a focus on ensuring your organization is compliant with relevant data privacy regulations. Our Microsoft, Cloud, and Data Privacy experts will work alongside you to understand regulatory risks within your environments and remediate them through Purview’s data, compliance, and governance capabilities.
- Expertise in Cloud Security and Threat Protection with Microsoft Purview: As one of Microsoft’s leading cybersecurity partners, our team are designated solution partners for Security. We hold specialisms in Cloud Security and Threat Protection and have extensive experience in deploying Purview for some of the UK’s largest and most highly regulated organizations.
The Benefits of Purview
Our team will help you deploy Microsoft Purview quickly and effectively, so you enjoy the following benefits.
Identify Risks to Your Data
Assess your current data privacy programme for any ongoing risks.
Identify Risky User Behaviour
Identify any user behaviour that risks non-compliance or a data breach.
Achieve Best Practice for Data Protection
Meet relevant requirements for regulatory compliance and industry best practice.
Ease the Pressure on Your Security Team
Our SOC team will take on responsibilities from your in-house security team, allowing them to dedicate time and resources to other activities.
Bridewell Provides Expertise to Achieve IS027001 Accreditation
Bridewell worked with Attraqt on a five-day consultancy engagement. This gave Attraqt a full gap analysis of where the business needed to focus and a definitive project proposal from Bridewell detailing the costs and resources needed to complete the ISO27001 certification.
Attraqt provides leading retailers with the ability to power exceptional shopping experiences. Their technology, driven by AI, helps retailers to improve the customer searching experience by matching products with consumer interests in a fresh and engaging way.
The Challenge
As a market leader in its field, Attraqt understood the need to demonstrate, to its customers, that it had the necessary security standards in place under the ISO27001 framework. In addition, the business was keen to test its current security policies by using vulnerability scanning and penetration testing services.
“We deal with many prominent retail customers who increasingly expect ISO27001 accreditation as standard when they send out their RFP documentation. We already had information security practices in place, but these were not defined policies — as an industry leader we should have these,” said Hiten Kacha, IT Manager of Attraqt.
“We also found that customers were starting to ask about our cyber security practices. Using Bridewell’s expertise in cyber security services, as well as information security, we were able to test our own security posture and evidence this to our customers.”
Attraqt considered a number of options, from general consultancy to fully outsourcing the project. Although the business had the in-house skills, Attraqt wanted to complete the ISO27001 accreditation process quickly and with minimal impact on the day to day running of the business.
The Solution
Attraqt met with a number of information security consultancy providers at Infosec 2018. Following this, they had a number of scoping meetings with Bridewell to understand the project parameters and financial costs.
As a result of these meetings, the Bridewell team worked with Attraqt on a five-day consultancy engagement. This gave Attraqt a full gap analysis of where the business needed to focus and a definitive project proposal from Bridewell detailing the costs and resources needed to complete the ISO27001 certification.
“We were very impressed with how Bridewell took the time to understand our business. They gave us a defined plan which outlined the processes and methods needed to achieve our certification,” said Kacha.
“It was important for us to choose a partner that we could trust and work with as an extension of our own business. Bridewell fitted the bill,” he added.
The Results
The full engagement started in February 2019 and Attraqt achieved its full ISO27001 certification in September 2019. One key aspect of the certification was directly linked to the outcomes of penetration testing and vulnerability scanning. Having Bridewell perform all these services kept everything ‘under one roof’, ensured that the project came in on schedule and on budget.
“The project has been very successful, but we recognize that getting the certification is only the first step. Bridewell has been a valuable addition to our team over the last six months. We look forward to using their expertise in the future, particularly around security scanning and penetration testing, to help us maintain and develop our security framework, “ concluded Kacha.
Start your Microsoft Purview Journey with Bridewell
Speak with one of our consultants to see how we can support your organization with Microsoft Purview.
How it Works
Data governance isn’t just about technology, but how organizations use, process and secure data. Our Purview deployments prioritize understanding how your employees handle data so we can implement policies that support their ways of working.
Data Discovery
Our cloud security and data privacy teams will hold discovery workshops to understand:
- Your current approach to data classification, retention and data loss
- Any challenges with how your users access and share data
- Your goals with Purview
Our team will review your current approach against applicable data protection legislation and best practice standards.
Any areas of non-compliance or data risk will be highlighted immediately.
Design and Implementation
Based on our findings, we will recommend updates to relevant policies and provide a test deployment of our proposed labelling solution to address these shortcomings.
This test deployment ensures there is no risk to your current operations and allows our team to optimize your Purview deployment before it is moved to a live environment.
Why Us?
180+ Security Specialists
Our team have diverse experience across sectors and disciplines, and hold accreditations from numerous industry bodies.
Certifications
Our people and services are highly accredited by leading industry bodies including CREST, the NCSC, and more. Our SOC holds extensive accreditations from CREST (including for CSIR and SOC2) and works closely with our cyber consultancy services.
Partnerships
As a Microsoft Partner, we also hold advanced specialisms in Cloud Security and Threat Protection. We’ve also implemented some of the UK’s largest deployments of the Microsoft Security stack, inc. Sentinel, Defender, Purview and more.