EY accelerates secure AI development using Microsoft Purview SDK | Microsoft Customer Stories
When EY needed stronger governance for growing volumes of data, it turned to Microsoft Purview to centralize visibility and control. This customer story shows how bringing fragmented data governance together on one platform creates a stronger foundation for secure AI development. Read the story and connect with BlueTeamAssess LLC to see how a unified data platform can help advance your AI strategy.
How does EY use Microsoft Purview SDK to secure GenAI applications?
EY embeds Microsoft Purview SDK directly into its GenAI platforms so that security and compliance are designed in from day one, not added later.
Using the Purview SDK—a set of APIs and tools—EY can:
- Apply policy-based access controls to sensitive content.
- Use sensitivity labels to protect data as it flows through AI agents and workflows.
- Monitor AI interactions and log activity to support audits and investigations.
- Provide observability into how data is used, helping reduce oversharing and leakage risks.
All AI interaction data from EY’s Dragonfly platform is routed into Microsoft Purview, where it is classified and stored according to each organization’s requirements. Security teams then use Microsoft Purview Data Security Posture Management for AI to:
- Gain centralized visibility into data risks.
- Enforce communication compliance policies.
- Receive alerts based on insider risk indicators.
This approach helps EY clients adopt GenAI while maintaining control, security, and accountability—especially important for organizations in highly regulated industries.
What business impact has EY seen from integrating Purview SDK into EY.ai and Dragonfly?
Integrating Microsoft Purview SDK into EY.ai and its low-code platform Dragonfly has had a tangible impact on how EY designs and deploys secure AI solutions.
Key outcomes include:
- 25–30% time savings when building secure features, because data security and compliance are now implemented during the initial deployment cycle instead of as a post-facto step.
- Reduced delays in rolling out GenAI tools, particularly in regulated environments where compliance checks can otherwise slow projects down.
- A shift to secure-by-design development, where teams think about data protection, governance, and observability from the start.
- Centralized oversight of AI-related data risks through a single Purview-based platform, instead of fragmented tools and processes.
For EY, this means security concerns are less likely to block or slow client projects. For clients, it means they can reimagine processes with GenAI—such as compliance management, contract review, HR, finance, and operations—while keeping data protection and regulatory requirements in focus.
How are clients using EY’s Dragonfly platform with Purview, especially in large and regulated organizations?
Clients use Dragonfly, EY’s low-code platform for AI agents, together with Microsoft Purview to scale AI across multiple business units while maintaining centralized control over data security and compliance.
One example is a US $100 billion global conglomerate operating across telecom, retail, metals, and other sectors. This organization:
- Adopted a customized Dragonfly instance called Intellect as a shared AI platform across 17 business units.
- Has around 50,000 employees using AI-driven tools for HR, finance, and operations.
- Uses Purview policy controls to maintain oversight of how data is accessed and used across these AI tools.
With Purview integrated, what used to be fragmented governance is now centralized on one platform. Data security administrators can:
- See and manage data risks from a single Purview portal.
- Support security investigations and communication compliance requirements.
- Receive insider risk alerts tied to AI interactions.
Beyond this client, EY’s own internal teams also use Dragonfly to build AI tools for compliance management, contract review, and other transformation initiatives. In all cases, Purview is part of the application architecture, helping ensure that AI solutions deployed into client environments are aligned with their security and compliance expectations.

EY accelerates secure AI development using Microsoft Purview SDK | Microsoft Customer Stories
published by BlueTeamAssess LLC
I founded BlueTeamAssess LLC to develop and offer actionable and cost effective security solutions to SMBs.
BlueTeamAssess LLC is a veteran-owned Cybersecurity Consulting business based in Onslow County, NC.
My company wants to be the trusted advisor to small businesses for cybersecurity and related information technology needs. We will help you meet compliance requirements for HIPAA, PCI, NC cybersecurity requirements for financial advisors, and NIST 800-171 and CMMC cybersecurity requirements for providing goods and services through DOD contracts.
We help small businesses understand cybersecurity threats and their vulnerability to those threats. We offer affordable products and services to protect their business and their livelihood from those threats.
We use the SAINT Security Suite and its family of assessment products to provide cybersecurity services that assess your exposure to the many threats that can impact your business. And we help you meet compliance requirements for NIST 800-171 cybersecurity requirements for providing goods and services through DOD contracts as well as for HIPAA, PCI, the NC data breach protection law and NC cybersecurity requirements for financial advisors.
We use the CyberSecurity Assessment Tool from QS Solutions to assess the security posture of your Microsoft 365 deployment and help bring your risk score to acceptable levels through our remediation services.
We will help you reduce SPAM, secure your email and defend against ransomware. To help do this, we offer a number of solutions scalable for small business budgets and environments. These include:
- Microsoft 365 email and office software and its extensive security features and advanced threat protection.
- Fortinet security solutions that provide a Security Fabric that knits together protection for your endpoints and servers, your firewalls, your wireless network, security analytics and many other services that protect your organization technology from today’s advanced threats whether the workers are working in the office or remotely from home.
- A backup and recovery solution from Acronis to protect your critical customer and business data when the next storm or other disaster impacts your business.
You can trust BlueTeamAssess LLC be the trusted advisor to small businesses for cybersecurity and related information technology needs.