Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Learn how to get set up to start using the Microsoft Priva solutions.
Before you begin
Here's a checklist of items for ensuring that your organization is ready to start using Priva solutions:
- Confirm you have the necessary subscription and licensing.
- Check for availability in your country or region.
- Learn which roles are required to access the solutions and perform key functions.
- If using Privacy Risk Management, enable the Microsoft 365 audit log.
Confirm subscriptions and licensing
The Privacy Risk Management and Subject Rights Requests solutions can be purchased by organizations with the licenses outlined in the Microsoft Priva service description. When obtaining licenses for subject rights requests, you can choose the appropriate licensing tier for how many requests you need to handle. You can purchase more requests at any time.
Start a trial
The free Priva trial allows you to explore all the features and functionality of Priva solutions. Learn how to sign up for the Priva trial.
Sign in and set permissions
Priva uses a role-based access control (RBAC) permission model. Only users who are assigned a role can access Priva, and the actions allowed by each user are restricted by role type. The Global Administrator for your organization has permissions to assign roles to users.
Important
Microsoft recommends that you use roles with the fewest permissions. Minimizing the number of users with the Global Administrator role helps improve security for your organization.
To assign roles, follow these steps below:
- Sign in to the Priva portal using credentials for an admin account in your Microsoft 365 organization.
- Select Settings in the upper right corner of the page, then select Roles and scopes.
- Set permissions for users by following the instructions at Permissions in the Microsoft Purview portal.
- See the descriptions of roles.
Roles and role groups
Depending on the structure of your team, you have options to assign users to specific role groups to manage different sets of Priva features. Members should be assigned to role groups depending on what tasks they need to accomplish and what level of access is appropriate. Each role group includes one or more roles. These roles might pertain to specific Priva tasks or key functions that are enabled or restricted for that group’s members. Different users might therefore have different levels of visibility and access into certain Priva features.
Important
Microsoft recommends that you use roles with the fewest permissions. This helps improve security for your organization. Global Administrator is a highly privileged role that should be limited to emergency scenarios when you can't use an existing role.
Role groups can be customized if needed. To avoid accidental loss of access, we recommend creating a copy of the existing role group you wish to customize, giving the copy an identifiable name, making and verifying your changes to the new group, and assigning people to it as appropriate.
Roles and role group descriptions
Most Priva roles for Privacy Risk Management and Subject Rights Requests are designated as "Privacy Management" in the Microsoft Purview solutions section in Settings --> Permissions. Roles specific to Priva don't appear in Microsoft Entra ID. Learn more about Permissions settings.
| Role group | Description | Roles | Applies to |
|---|---|---|---|
| Privacy Management | This role group contains all permission roles for Priva GA solutions in a single group. This group might be a good fit for organizations where the same individual performs all duties. We recommend always having at least one active member of this group. | Case Management - Data Classification Content Viewer - Data Classification List Viewer - Privacy Management Admin - Privacy Management Analysis - Privacy Management Investigation - Privacy Management Permanent Contribution - Privacy Management Temporary Contribution - Privacy Management Viewer - Subject Rights Request Admin - View-Only Case | Privacy Risk Management Subject Rights Requests |
| Privacy Management Administrators | Members have broad access to Priva functions, including permissions and settings, and creating, reading, updating, and deleting Privacy Risk Management policies. | Case Management Privacy Management Admin View-Only Case |
Privacy Risk Management Subject Rights Requests |
| Privacy Management Analysts | Members act as issue analysts. They can investigate policy matches, view file metadata, and take remediation actions. Members can't access content items. | Case Management Data Classification List Viewer Privacy Management Analysis View-Only Case |
Privacy Risk Management |
| Privacy Management Investigators | Members act as data investigators. They can investigate policy matches, view associated file content, and take remediation actions. Members can access content items. | Case Management Data Classification Content Viewer Data Classification List Viewer Privacy Management Investigation View-Only Case |
Privacy Risk Management |
| Privacy Management Viewer | Members can view analytical information, such as reports, insights, and policy trends. | Privacy Management Viewer | Privacy Risk Management Subject Rights Requests |
| Privacy Management Contributors | When a user is added as a collaborator on a subject rights request, they automatically get added as a member of this role group. Learn more about adding collaborators on subject rights requests. | Privacy Management Temporary Contribution Privacy Management Permanent Contribution |
Subject Rights Requests |
| Subject Rights Request Administrators | Members have full rights to create and manage subject rights requests, and can add approvers for requests. | Subject Rights Request Admin | Subject Rights Requests |
| Subject Rights Request Approvers | Members can approve subject rights requests to which they're added as an approver. | Subject Rights Request Approver | Subject Rights Requests |
Priva availability
Privacy Risk Management and Subject Rights Requests are available to customers worldwide.
However, if your organization provisioned its tenant in one of the local data centers listed below in order to meet data residency requirements, the Priva solutions won't be available to you:
- Norway
- Poland
- Qatar
- Singapore
- South Africa
- South Korea
- Spain
- Sweden
- Switzerland
- United Arab Emirates
Enable the Microsoft 365 audit log
Microsoft 365 audit logs are a summary of all activities within your organization. Privacy risk management policies may use these activities for generating policy insights.
Your organization might already have audit logs turned on. If you need to start using them for the first time, see Turn audit log search on or off for step-by-step instructions to turn on auditing. After you turn on auditing, a message is displayed that says the audit log is being prepared and that you can run a search in a couple of hours after the preparation is complete. You only have to do this action once. For more information about using the Microsoft 365 audit log, see Search the audit log.
How Priva works with Microsoft Purview risk and compliance solutions
Microsoft Purview Compliance Manager
Priva works hand in hand with Microsoft Purview Compliance Manager, which offers data protection and privacy assessment templates that correspond to compliance regulations and industry standards around the world. Based on the assessments you build with these templates, Compliance Manager can help you understand what steps to take to meet your organization's regulatory requirements. Taking steps in Priva to protect the personal data you store can contribute to your privacy assessments in Compliance Manager and can help improve your compliance score.
In preview: By taking specific actions in Priva, you can achieve points that count toward assessment completion and increase your overall compliance score. Examples of actions that Compliance Manager can monitor and give you credit for include setting up a Privacy Risk Management policy, and enabling data retention limits for subject rights requests. Compliance Manager automatically detects whether you've completed the actions and awards points that contribute to your compliance sore. Learn more about automated testing and monitoring in Compliance Manager.
To find Priva actions in Compliance Manager, follow the steps below:
- In the Microsoft Purview portal, select View all solutions, then select Compliance Manager.
- Select Improvement actions.
- On the Solutions filter, select "Priva Privacy Risk Management" and "Priva Subject Rights Requests."
Microsoft Purview Data Loss Prevention
Microsoft Purview Data Loss Prevention (DLP) provides robust capabilities to help prevent the unintentional sharing of sensitive items outside of an organization. Priva can extend this protection by delivering insights unique to your organization and empowering your users to address risks right away. For example, when you use Privacy Risk Management to detect transfers of personal data outside of your organization or between certain departments, users can receive email notifications with remediation actions right in the email. Get more details about user email notifications in Privacy Risk Management.