How your data is protected with Azure Information Protection

Posted on 20 August 2017

In previous blog posts we gave an overview of the elements of Azure Information Protection (AIP). In this post we are going to look in a little more depth how it actually protects your data.

The protection technology uses Azure Rights Management (Azure RMS). This technology is integrated with other Microsoft cloud services and applications, such as Office 365 and Azure Active Directory. It can also be used with your own line-of-business applications and information protection solutions from software vendors, whether these applications and solutions are on-premises, or in the cloud.

Control of your data – even when it is shared

This protection technology uses encryption, identity, and authorization policies. Similarly to the labels that are applied, protection that is applied by using Rights Management stays with the documents and emails, independently of the location – inside or outside your organisation, networks, file servers and applications. This information protection solution keeps you in control of your data, even when it is shared with other people.

For example, you can configure a report document or sales forecast spreadsheet so that it can be accessed only by people in your organisation and control whether that document can be edited, or restricted to read-only, or prevent it from being printed.

You can configure emails similarly and in addition, prevent them from being forwarded or prevent the use of the Reply All option. These protection tasks can be simplified and streamlined by using rights management templates.

Rights management templates

As soon as you activate the Azure RMS service, two default templates are created for you that restrict data access to users within your organisation. You can use these templates to immediately help prevent data leaking from your organisation. You can also supplement these default templates by configuring your own custom templates that apply more restrictive controls.

These templates can be part of a label’s configuration, so that when a specific label is applied to a document (or email message), the data is both classified and automatically protected. The templates can also be selected by users or administrators in products and services that support the Azure RMS technology.

If you have any questions on Azure Information Protection, or how it can help your organisation safeguard its data, please contact us.

A few people we've already done it for
X