I help organizations protect sensitive data without making people miserable in the process.

​

I’m a Microsoft Purview engineer who spends most of my time working with teams that already own the tools but aren’t convinced they’re actually reducing risk.

 

Sometimes that’s because controls were turned on before intent was defined. Sometimes it’s because everything fires alerts and nothing builds trust. Usually, it’s both.

 

My work focuses on people-first information protection: clear classification, proportional controls, and security programs that respect context instead of assuming bad intent. I care about systems that hold up under audit and make sense to the humans using them.
 

I’m direct. If something isn’t working, I’ll say so. If best practice won’t land culturally or operationally, I’ll help you adapt without pretending risk disappears. Early security programs are awkward. That’s normal. Ignoring that reality is how they stay broken.

​

This blog is where I write about Microsoft Purview, data protection architecture, insider risk, and the uncomfortable gray areas in between. You’ll also see the occasional wildlife photo. That’s intentional. Brains work better with breaks.