Throughout the last several months there have been many new features, updates, and happenings in the world of Information Protection at Microsoft. As we continue to build out more of this story, we w...
Updated Nov 02, 2021
Version 5.0
Blog Post
Thanks for the updates on MIP. I se quite many improvements over the past some months.
We are using AIP as an "sensitivity marking tool", mean currently we do not use content protection. As a part of our cloud initiative we currently migrate our 5500 users (Insurance & Pensions) to MS Teams and therefore EXO & SPO. To comply, mean to store data in the cloud, we have to encrypt information marked with our highest sensitivity label (documents, e-mails). We use just four sensitivity labels, "strictly confidential" labels (the highest one) count for a low one digit percentage over all. This in mind we do face following significant limitations:
Incomplete decryption capability in eDiscovery on e-mail messages
AFAIK messages with custom protection configuration cannot be decrypted by advanced eDiscovery (core cannot do that as well). Furthermore this is the only known configuration where users can send protected email to any email-address.
Incomplete labelling & protection capability cross-platform
Lately labels were made available on mobile & web client. However,
- web & mobile cannot handle protected content.
- enforcement of labelling is working in web, but not on mobile
- protected content is not working in web & not working on mobile
Using this MIP behaving, we create content ourselves that does not ensure labelling nor protection in a cross platform setup - users cannot work in a compliant way, this is not satisfactory.
If you could provide any hint how to mitigate above points or information on plans on your roadmap, this would be really helpful.
Thanks for your time & assistance.
Max