Microsoft Dynamics 365 Blog

A look into the world of Microsoft Dynamics.

What Is Azure Information Protection? Why Is It Important?

Posted by Alanna Friedberg on May 18, 2021 9:30:00 AM

AZURE-INFORMATION-PROTECTIONElectronic record management, especially documents and emails, is often one of the biggest pain points for both large and small organizations. Think about how many emails you send and receive throughout the course of a day. Your job role may require you to reference various documents housed within the organization.

Proper categorization and security are significant concerns, especially when it comes to improper password protection or other human errors that can lead to a data breach. That’s what Azure Information Protection works to address.

What is Azure Information Protection?

Azure Information Protection (AIP) is a subscription-based cloud product from Microsoft that assists organizations by applying labels to documents and emails to help with categorizing, discovering, classifying, and protecting those electronic records. AIP is one piece of the overall Microsoft Information Protection (MIP) framework.  

You can use AIP directly within Office 365 to provide encryption security to an outgoing message. The solution protects documents created using Office products like Excel, Word, and PowerPoint. AIP protects electronic records kept on your desktop or in the cloud.

How Does Azure Information Protection Work?

Many organizations find themselves shifting to a model where a large part of their workforce requires remote access to the company network. It’s common for businesses to store a lot of their information in the cloud. AIP protects documents throughout their entire lifecycle, regardless of the point of creation.  

Organizations need a way of protecting sensitive information from getting into the wrong hands. If an employee accidentally leaves a company thumbnail at a coffee shop, you don’t want hackers gaining access to information that could compromise your company’s security infrastructure.

AIP lets organizations set up role-based access to sensitive information. You control everything from which users can view specific documents to who can send them out via email transmission. If someone leaves the company or moves into a different role, AIP lets you revoke that user’s document permissions.

With AIP, organizations can stop individuals from illegally modifying, storing, and distributing documents and emails containing critical business data. It also keeps unauthorized users from viewing content meant for others in specific company roles. AIP helps companies meet any regulatory data protection obligations and compliance standards required by their industry.

What Do I Need to Work with Azure Information Protection?

To get started, you need to sign up for an AIP plan to take advantage of the solution’s labeling, classification, and protection features. Organizations must have Azure Active Directory (AD) set up. Client devices must run an operating system capable of supporting Azure Information Protection. Clients capable of running AIP Include:

  • Windows 10
  • Windows 8.1
  • Windows 8
  • Windows Server 2019
  • Windows Server 2016
  • Windows Server 2012 R2
  • Windows Server 2012

If you plan on using AIP on a virtual machine, verify whether any software installed on the virtual desktop has additional configuration requirements for AIP unified labeling or the client. Citrix solutions may require you to disable API hooks for AIP components that use files like:

  • Winword.exe
  • Excel.exe
  • Outlook.exe
  • Powerpnt.exe
  • Msip.app.exe
  • Msip.viewer.exe

You can use API clients to label and protect document and emails for Word, PowerPoint, Outlook, and Excel from the following Office editions:

  • Office 365 Business
  • Office 365 for Enterprise
  • Office Professional Plus 2019
  • Office Professional Plus 2016
  • Office Professional Plus 2013 SP 1
  • Office Professional Plus 2010 SP 2

How Do I Label Documents and Emails for Tracking?

With AIP, you can add a classification and protect documents at the time of creation or when editing them inside Word, Excel, PowerPoint, or Outlook. File Explorer lets you classify and protect additional file types and work with multiple files at once.

Keep in mind that you may not be able to save protected documents to SharePoint or OneDrive. Check with admins to confirm if they’ve enabled sensitivity labels for those solutions.

AIP lets you create labels specifically for sending protected documents to people outside of your organization. That feature becomes useful when you need to send communications to regular B2B customers. Any documents sent via restricted emails receive the same level of protection.

How Do I Track and Revoke Access with Azure Information Protection?

The document tracking feature in AIP tells administrators who accessed protected documents. It’s possible to give both admins and users the right to revoke access to tracked documents. You can do this even if you don’t label the documents.

Users can revoke access to a document from Word, Excel, and PowerPoint by clicking the Sensitivity button, then selecting Revoke Access. However, they may still be able to view the document if you’ve made it available for offline viewing.

Incorporate Azure Information Protection into Your Organization

Azure Information Protection gives organizations more control over the security of company emails and documents. Internet eBusiness Solutions can help you configure AIP within your Office 36 installation. Set up a consultation with us today and learn more about the benefits of Azure Information Protection.

New Call-to-action

Topics: azure