FabCon Feature: Purview

On edudatasci.net, I keep data mesh grounded in four behaviors: domains own data; data as a product; a small self‑serve platform; and federated governance (policies expressed as code and applied consistently). I also use foundational vs derived data products as a practical way to think about scope and ownership, and I recommend publishing products in Purview’s Unified Catalog so ownership, access and SLOs are discoverable to the org, not just the team that built them.

FabCon Europe 2025 dropped a number of big announcements related to Purview in Fabric, and I think they – and their connection to Data Mesh are worth talking about.

What just landed—and why it matters for mesh & products

1) Governance in Fabric (not beside it)

  • Govern tab is now GA in Fabric, and the Purview Hub surfaces sensitivity, endorsements and domain insights inside Fabric. This shrinks the distance between the people doing the work and the policies that keep that work safe. In mesh terms, that’s your self‑serve platform showing up where domain teams live.

2) Protection and DLP across Fabric data

  • Sensitivity labels for Fabric items (Information Protection) are supported end‑to‑end and survive export through supported paths. Labels aren’t decoration—they’re access control and audit, attached to the thing you’re producing. That’s federated governance you can prove.
  • Data Loss Prevention (DLP) for Fabric is GA, with policy tips/alerts when sensitive data shows up in structured data across OneLake/semantic models—and coverage has been extended to SQL in Fabric, KQL databases, and Mirrored DBs. This is what lets derived products compose safely without copy‑sprawl.

3) Risk signals and AI usage under control

  • Insider Risk Management now includes ready‑to‑use indicators for Power BI (view/download/export/label changes). In a mesh, domains have autonomy; these indicators give Security the cross‑cutting signals to spot abuse without re‑centralizing all work.
  • Data Security Posture Management (DSPM) for AI adds Data Risk Assessments for Fabric workspaces (preview) and GA controls for Copilot in Power BI—surfacing oversharing and sensitive prompts/responses so you can enable “citizen AI” against governed products.

4) Better product‑level discovery and semantics

  • Sub‑item metadata for Fabric Lakehouse (preview) means Purview can now show tables, columns and files—not just top‑level items. That increases findability and shortens the path from a business term to the exact columns that implement it.
  • Custom metadata (preview) in Unified Catalog lets you define business concept attributes (including for data products) and then filter/search products by those attributes. This is how we make the product interface—purpose, owner, SLAs, contract—first‑class and discoverable. (There are also duplicate‑name checks across business concepts, including data products.)

5) Quality you can operate against

  • Data quality scanning for Fabric Lakehouse now supports vNet‑enabled compute (GA)—important for estates behind private endpoints. That’s platform doing the undifferentiated heavy lifting for every domain.
  • Publishing data‑quality error records (preview) lets teams surface failed rows into managed storage—including Fabric OneLake—so product owners can fix issues where the data lives. That turns “quality” from a dashboard into a runbook you can execute.

How these tie back to the mesh behaviors

  • Domains own data. The Govern tab + Purview Hub meet domain teams in‑product. Unified Catalog organizes by governance domains, so discovery and responsibility line up with the org chart, not the tech stack.
  • Data as a product. Products are published (not just “some tables”), labeled for sensitivity, described with custom attributes, and now even show column‑level metadata. Consumers can subscribe to products with the context they need, and producers have a place to declare SLOs and contracts.
  • Self‑serve platform. Protection, DLP, DSPM for AI, data quality scanning, and error‑record publishing are capabilities the platform provides once so every domain uses the same guardrails. No one is re‑implementing policy by hand.
  • Federated governance. Central policy (labels/DLP/risk) is computationally enforced and auditable, while domains retain autonomy to ship. That’s exactly the balance I argue for on the site: clear ownership + executable guardrails.

A concrete way to think about it

Take a foundational product—say, Customer Core—owned by the Sales domain. You publish it to Unified Catalog with attributes for owner, purpose, data classes, and SLOs; Purview scans it down to columns; you apply a sensitivity label that travels with it; DLP and Insider Risk watch how it’s used in downstream derived products and reports; data‑quality failures land as actionable rows in OneLake for the owning team to remediate. That’s not tooling theater—that’s an operating model the platform makes sustainable.

Bottom line

The September 2025 wave closes several long‑standing gaps: governance where the work happens (Govern tab/Purview Hub), product‑level semantics and discovery (sub‑item metadata + custom attributes), enforceable guardrails(labels/DLP/insider risk/DSPM for AI), and operational quality (vNet scans + error‑record publishing). If you’re running mesh the way I outline on edudatasci, these are exactly the ingredients that let domains ship faster and make auditors smile.

Unknown's avatar

Author: Jason Miles

A solution-focused developer, engineer, and data specialist focusing on diverse industries. He has led data products and citizen data initiatives for almost twenty years and is an expert in enabling organizations to turn data into insight, and then into action. He holds MS in Analytics from Texas A&M, DAMA CDMP Master, and INFORMS CAP-Expert credentials.