What is Azure Information Protection

Microsoft Azure Information Protection helps you classify and label sensitive information in your organization, and apply protection based on your labels to documents stored on SharePoint and OneDrive For Business as well as emails sent via Office 365. Learn how Azure Information Protection helps you protect your information by labeling, classifying, protecting, and removing access to content based on those labels.

Manage Workplace Security Through Policy Management

Azure Information Protection allows you to create policies for centrally managing your company’s confidential data across multiple platforms and devices. With an information protection policy, you can classify and label your organization’s data using familiar labels such as Confidential, Strictly Confidential, or Public. Once classified, these labels define how that data should be protected. 

A policy might set a default protection level of Confidential; apply additional protections (such as encryption) on a label by label basis and identify actions that are not allowed with certain types of data (such as printing). 

In addition, when it comes time to dispose of any confidential data, a policy may specify what needs to happen before disposal (such as shredding documents) while also identifying who needs to verify appropriate disposal procedures have taken place.

Secure Confidentiality

All information marked as Restricted, regardless of where it’s located, is encrypted at rest and in transit. This means that no matter what device it’s on, your data will be protected by one of strongest encryption algorithms available today. To be clear: Any email message with a label applied to it that’s synced to your mobile device or desktop using Outlook 2013 or Outlook 2016 for Windows has been encrypted at rest and in transit. 

The same applies if you use a different client to access your Office 365 mailbox; all messages are being secured using Exchange Online Transport Layer Security (TLS) and Internet Message Access Protocol version 6 (IMAP6) mutual authentication without requiring any configuration from you. The only thing you need to do is make sure TLS is enabled between your clients and Office 365. 

Protect Data at Rest

To protect your data at rest, we recommend creating a policy that encrypts any PII and other sensitive data (credit card numbers, social security numbers, etc.) stored on your network. This would also apply to media assets stored on laptops or USB drives. To encrypt them, you can use a cloud-based solution like Azure Information Protection or Symantec’s Data Loss Prevention 15. DLP is free for up to 100 devices; AI protection will cost $2 per user per month, with discounts available for paid subscriptions of Office 365 Pro Plus. If you want both capabilities, it will cost $3 per user per month when you subscribe to Microsoft 365 Business Premium. 

Encrypt Your Sensitive Data

To protect your personal and business data, consider using Microsoft Azure Information Protection (Azure IP). It enables you to apply information rights management capabilities to company data stored in OneDrive for Business and SharePoint Online. This can help you meet compliance requirements by protecting business critical documents that may contain personal or sensitive information. You can also use Azure Information Protection to control how users access and share sensitive information without affecting other users’ ability to access corporate content across devices.

Work Together to Protect Sensitive Data

Data loss can be devastating. Imagine a spreadsheet with customers’ credit card numbers or bank account information suddenly making its way to your competitors. Or a customer’s sensitive data getting emailed to every recipient in an organization. Sensitive data requires special handling, which is why Microsoft developed new technology to help secure that information by applying encryption directly at rest and in transit no matter where it sits or how it travels.


Leave a Comment

Your email address will not be published.