Companies across all different industries and regulatory environments have a need to manage the lifecycle of their data – keeping sensitive data secure and ensuring that their data and records are governed in accordance with compliance requirements – all the while ensuring end-user productivity isn’t hindered. More than ever, users share and move their data across devices, apps, and services. This has made protecting important data even more challenging.
In our Information Protection blog we announced a new unified labeling experience in the Security & Compliance Center. With unified labels, you have a single place to manage sensitivity labels that help classify and protect your sensitive data, as well as manage retention labels that help govern the lifecycle of your data (e.g. data retention and expiration). With this update also comes interoperability between Azure Information Protection labels and labels in Office 365. This means, for example, if you have content labeled by Azure Information Protection, you won’t need to reclassify or relabel your content. With unified labels, you can assign multiple labels to a single file, helping ensure your sensitive information is protected while it’s also controlled according to your governance needs.
The new unified label management experience in the Security & Compliance Center
Getting started with sensitivity labels
Getting started with sensitivity labels is an easy two-step process. First, you want to establish your taxonomy for defining different levels of sensitive content. You should use common names or terms that make sense to your end-users. For example, many customers start with labels such as Personal, Public, General, Confidential, and Highly Confidential. Then, configure the protection settings you want associated with each label. For example, lower sensitivity content (e.g. a “General” label) might have content watermarking or header/footers applied, while higher sensitivity content (e.g. a “Confidential” label) may have access controls and encryption applied to ensure only privileged users can access it. After you define your organization’s labels, you “publish” a label policy that controls which labels users can assign to their content – and this also makes labels available in Office apps and other services. More detailed instructions are available directly in the product help at https://aka.ms/manageMIP.
Guidance for customers using Azure Information Protection labels
The new unified labelling is designed to interoperate with Azure Information Protection labels. If you have content that’s already been labeled by Azure Information Protection, you won’t need to re-classify or re-label it. We have made it easy to merge and re-use your existing Azure Information Protection labels with the new unified labelling in the Security & Compliance Center.
Azure Information Protection users are currently able to classify and label content on Windows using the Azure Information Protection add-in for Office. Customers have long requested the need for classification and labelling on other platform, and today we’re announcing a public preview for existing Azure Information Protection customers – the ability to migrate Azure Information Protection labels to the unified labeling in the Security & Compliance Center. Get started today with the preview versions of the Office apps that support native labeling (as described in our Information Protection blog). To prevent confusion, we recommend you avoid creating labels in the Security & Compliance Center. Our documentation has important information and some specific caveats – you can find out more on the Azure Information Protection portal. If you are not yet ready to migrate your production tenants to unified labels then there is no cause for concern; for the moment, your users can continue using the Azure Information Protection client and admins can use the Azure portal for management. The new reporting and analytics capabilities in Azure Information Protection are also available in public preview in the Azure portal.
Together, these updates for Azure Information Protection represent another step towards a complete data protection strategy. Get started today!
The Microsoft Information Protection team