Forum Discussion
Re: Azure Information Protection retroactive protection - AIP
“In addition, all files are inspected when the scanner downloads an Azure Information Protection policy that has new or changed conditions. The scanner refreshes the policy every hour, and when the service starts and the policy is older than one hour.”
https://docs.microsoft.com/en-us/azure/information-protection/infoprotect-quick-start-tutorial
2 Replies
Hi Bryan Haslip thanks for answering but my question si more complexed than that.
Imagine that few files that have a label were sent to external recipients or cloud spaces.
I want that the files start to be protected because of business reasons, i change the label that i know is the same of the document in the case.
I can be sure that all the document with that label will be protected. obviously also out from my systems where i can use tha aip scanner eventually (is not in the case btw) ?
The purpose is to protect documenta also (and especially i think) out from the home environment
I think I understand now. From my experience once the document has left your environment and control the only option you have is to revoke access to the document. I have not been able to apply the updated policy on a document that say I sent via email. I certainly can revoke access and send the updated document with the updated policy. Hopefully that gives you the information you are looking for.
