Forum Discussion
How do you work around the client restrictions for opening encrypted documents?
We are wanting to roll out Purview sensitivity labels. Specifically, encrypted labels so we can implement controls such as preventing printing, copy/paste, etc. The issue we have ran into is that once an Office doc is encrypted, there appears to only be two ways to open the document:
- In a licensed Office desktop client
- Sharing a link to the document in SharePoint so it can be opened in a web browser.
We share documents with a large variety of 3rd parties that do not use Office. Many are small businesses who seem to prefer Google Workspace, so no Office clients. The SharePoint web browser option also does not work for us as we require users to have an Entra ID account to access our SharePoint, and it would not be feasible to onboard the number of external users we share documents with (nor to purchase O365 licenses for all of them). We considered using both encrypted and non-encrypted labels and using encrypted only when the recipient uses office. However there is no way for our internal users to know if the person they are sending a document to is using Office. So now we are left not really knowing what to do. I would love to hear some suggestions for how other organizations handled this.
1 Reply
You need an "enlightened" app to work with IRM-protected documents, there is no other way around it. So you're at the classical crossroad - decide between usability and security.
