In June-2016, Microsoft announced the preview of Azure Information Protection (Azure IP) service. Azure IP provides security controls to protect the sensitive information even for those who share data to external network. Azure IP evolves after Microsoft acquired Secure Islands last year. Secure Islands earlier provided classification / label services for the documents built on top of Microsoft RMS.
In this blog let's explore what Azure IP offers.
The core of Azure IP is its classification / label engine. And then it optionally protects the classified document by applying Azure RMS.
Azure IP is blend of classification service and Azure RMS. The classification and labeling service is offered through the technology acquired from Secure Islands. The rest of the process (protect, monitor and respond) is done through Azure RMS.
The DLP policies work by creating the Transport Rules in Exchange Online and the information are checked only at the time of exit. In Azure IP, user needs to label the document at the time of creation and update. Once the label is selected, corresponding Azure RMS policy is applied and the document is protected. So there is no escape for the documents from protection.
Normally when the level of security increases, the convenience for the users will get decreased. But Azure IP strike the chord with perfect balance, where it just prompts the user to select the label and for automatic label application, it just shows the notification to the user. The ease-of-use with Azure IP is the main point of attraction.
Below shown is the strip down screen-shot of "Internal" label in Azure IP portal.
Similar to DLP, Azure IP offers built-in conditions which can be used to automatically apply the label to the documents. Even we can create custom conditions using regular expressions also
Azure IP Add-In currently supports:
Word, Excel, PowerPoint, and Outlook (2010/13/16)
For detailed steps please check this blog.
Whenever a document is opened, the Azure IP Add-In automatically downloads the updated policy details and place it locally. So, even if you are not connected to internet, the Azure IP Add-In uses the locally saved policy details. Since the Azure IP label properties are not changed often, maintaining the details locally won't harm in most of the cases.
The existing Azure RMS premium becomes Azure Information Protection Premium P1 after GA. For more details, check this EMS license announcement blog
Your last visit:x