The Documentation for Azure Information Protection has been updated on the web and the latest content has a July 2018 (or later) date at the top of the article.
This month sees a new preview release of the client, with supporting documentation for the changes. For example, support for GDPR sensitive information types and some important updates for the Azure Information Protection scanner. In addition, the documentation is updated for a small but much-requested change: When you have the latest subscription Office version, Track Changes in protected Word documents no longer requires the Full Control usage right. Note that in this scenario, the Lock Tracking option can be used to prevent people from disabling Track Changes (via password protection).
We listen to your feedback and try to incorporate it whenever possible. Let me know if you have feedback about the technical documentation and I also encourage you to head over to our Yammer site to see what others are discussing.
What's new in the documentation for Azure Information Protection, July 2018
What is Azure Information Protection?
- Added a new section, Classifying and protecting existing documents, which provides an overview of using the Azure Information Protection scanner for on-premises data stores, and provides links to Microsoft Cloud App Security for cloud data stores.
Frequently asked questions for Azure Information Protection
- Updated the entry What's the difference between Windows Server FCI and the Azure Information Protection scanner? to update the scanner information that SharePoint Server 2010 is now supported with the preview version of the scanner.
Configuring usage rights for Azure Rights Management
- Updated the description for the Edit Content, Edit (DOCEDIT) usage right with the information that Full Control is no longer needed for Track Changes when you have the latest Office version. You can read confirmation about this change from the Word: Feature updates section in the Office Release notes for version 1807.
- Updated for the new sensitive information types that are becoming available in the Azure portal, to help you identify personal data in documents and emails. To detect these new information types, you must use the preview client.
Deploying the Azure Information Protection scanner to automatically classify and protect files
- Updated throughout to include the changes for the preview version. There's also a new prerequisite added to clarify that to discover and label Office documents, they must be in 97-2003 file formats or Office Open XML file formats.
Azure Information Protection client: Version release history and support policy
- Updated for the new preview release.
Azure Information Protection client administrator guide
- Added a new section, Post installation tasks, which includes instructions to modify macros in Excel spreadsheets. Updated the Upgrading the Azure Information Protection scanner section to include instructions for the new preview version.
Admin Guide: Custom configurations for the Azure Information Protection client
- Updated for the following entries:
- Support for disconnected computers clarifies that exporting the policy does not support the scenario where a user belongs to more than one scoped policy. The policy versioning table is also updated for the preview client.
- Protect PDF files by using the ISO standard for PDF encryption is a new advanced client setting that's supported only by the preview client. When this setting is enabled and the Azure Information Protection client protects a PDF file, this action creates a protected PDF document that doesn't change the file name extension and that adheres to the ISO standard for PDF encryption. The resulting protected PDF file can be opened with the preview version of the Azure Information Protection client for Windows, and other PDF readers that support the ISO standard for PDF encryption.
- Support for files protected by Secure Islands is a new customization that requires a registry edit and the preview client. This configuration enables the client to decrypt non-Office files that were protected by Secure Islands. This ability lights up many new scenarios, such as using the Azure Information Protection scanner to inspect these protected files for sensitive information, and using PowerShell scripts to unprotect or reprotect these files by using Azure Information Protection labels.
Admin Guide: File types supported by the Azure Information Protection client
- Updated to clarify that the Office file formats supported are the 97-2003 file formats and Office Open XML formats. Unless you have the preview client, Strict Open XML isn't supported. Also added the statement that the maximum file size supported to unprotect .pst files is 5 GB, and this information is also added to Unprotect-RMSFile. Information about PDF files is updated throughout this article, to include the difference in behavior when the preview client is configured for the ISO standard for PDF encryption.
AzureInformationProtection PowerShell module:
- New cmdlets for the preview version: Get-AIPScannerStatus, Start-AIPScan, and Update-AIPScanner.
- Cmdlets that are updated to include changes for the preview version: Add-AIPScannerRepository, Get-AIPScannerRepository, Set-AIPScannerConfiguration, and Set-AIPScannerRepository.