top of page
Search
People-First Purview (Strategy): Insider Risk Management
Insider Risk Management (IRM) is one of those topics that makes people uncomfortable fast. When it comes up, most organizations go one of three directions: They assume it means they don’t trust their people. They picture some kind of internal surveillance program. Or they say, “We don’t have anything worth stealing.” None of those are risk conversations. They’re fear, optics, or denial. Insider risk isn’t about catching bad employees. It’s about recognizing when normal access
E.C. Scherer
Jan 134 min read
The Safe Inbox Initiative with Purview
This isn’t a typical Purview use case. When a university leader’s inbox was effectively denial-of-serviced by harassment and threats, the problem stopped being technical and became human. This post explains how Microsoft Purview was adapted to protect people, not just inboxes.
E.C. Scherer
Dec 15, 20255 min read
People-First Purview (Technical): Sensitivity Labels as Architecture
Sensitivity labels are not sticky notes or filing systems. They are architecture. This technical guide walks through how to design a label foundation in Microsoft Purview that supports real workflows, DLP, and long-term scale without breaking trust.
E.C. Scherer
Dec 29, 20256 min read
People-First Purview (Strategy): DLP Without Breaking Trust
Most DLP programs fail because they treat data protection like a binary rule engine instead of a human system. This post explores a people-first approach to Microsoft Purview DLP that reduces risk without surveillance.
E.C. Scherer
Dec 28, 20254 min read
People-First Purview (Strategy): Labeling
People-First Labeling isn’t about lowering standards. It’s about making them work.
When sensitivity labels rely on perfect user behavior, they fail quietly and early. This post breaks down how to design labeling in Microsoft Purview around real workflows, not wishful thinking. From audit-first auto-labeling to label-based DLP exceptions, this is practical guidance for security leaders who need controls that protect data and keep the business moving.
E.C. Scherer
Dec 28, 20255 min read
Layoff Recovery Phase 3: Rebuilding
This post explores the rebuilding phase after a layoff, when survival gives way to standards, confidence starts to return, and the power dynamic quietly shifts. From interviews that felt human instead of performative to choosing companies based on values, not fear, this is a reflection on rebuilding a career without losing yourself in the process.
If you’re navigating what comes after stabilization, this chapter is for you.
E.C. Scherer
Dec 23, 20254 min read
When Fraud Prevention Works and Still Fails
Fraud prevention is meant to protect people, but sometimes it protects systems at the expense of real life. This post explores what that experience reveals about fraud models, adaptive controls, and why verification should unlock progress.
E.C. Scherer
Dec 22, 20254 min read
Information Protection: Label It or Block It?
Understand When to Use Data Loss Prevention versus Sensitivity Labels
E.C. Scherer
Dec 11, 20254 min read
Layoff Recovery Phase 2: Stabilizing After Losing Your Job
The shock fades faster than people think. Not because you suddenly feel better, but because your brain realizes it can’t stay in freefall forever. Stabilization isn’t graceful. It’s not peaceful. It’s the point where you stop spiraling long enough to put your feet on the ground and say, “I have to handle this.” Not “I can.” Not “I’m ready.” Just “I have to.” DoorDash, Survival Mode, and the First Look at Control The very first thing that helped me feel even a sliver of contro
E.C. Scherer
Nov 17, 20254 min read
So You’ve Been Laid Off, RIF-ed, Fired: Phase 1 – The First Impact
I didn’t expect the call. I mean, part of me did. The weeks leading up to it had been tense. My manager and I were no longer aligned. Our 1:1s had become increasingly difficult and unproductive, and even when I walked him through my work in detail, the conversations felt circular. It often seemed like expectations were shifting without context, and no matter how clearly I demonstrated progress, something wasn’t connecting. It left me with a quiet sense that something was comi
E.C. Scherer
Nov 14, 20254 min read
What Every Parent Should Know Before Giving Their Child a Phone
An easy checklist to save you stress, arguments, and surprise data charges. Giving your kid their first phone is a big deal. It’s...
E.C. Scherer
Jul 22, 20252 min read
Start Here: A No-Judgment Guide to Keeping Your Family Safe Online
Howdy! If you’ve made it here, chances are you’ve got kids using the internet and no idea where to start. Or maybe you do have an idea,...
E.C. Scherer
Jul 22, 20252 min read
Join the Mailing List
Join our email list and get updates on new blog posts!
ABOUT ME
Welcome! I'm Elias (or maybe you know me by my middle name, Cade) Scherer.
I help organizations protect sensitive data without making people miserable.
I’m a Microsoft Purview engineer focused on people-first information protection: clear classification, proportional controls, and security that respects context instead of assuming bad intent. This blog covers Purview, data protection architecture, insider risk, and the gray areas most teams struggle to navigate.
You’ll also see the occasional wildlife photo. That’s on purpose. Brains work better with breaks.
bottom of page