Forum Discussion

James Vink's avatar
James Vink
Copper Contributor
Jun 26, 2018
Solved

On-Prem AIP for DLP

I am looking into introducing DLP policies and during the learning process i have come to learn about AIP. The AIP integration with Office is really slick and love the labeling feature. I'm looking ...
  • Carol Bailey's avatar
    Carol Bailey
    Jun 27, 2018

    Yes, for users to be authenticated so they can then download the labels that you configure, install and configure AD Connect.  You configure the labels from the Azure portal, using any number of labels (create scoped policies if you want users to have specific labels), using your choice of classification names, any color, specifying whatever header/footer/watermark you want etc.

     

    You can configure clients to be offline, but it's not a sustainable solution and won't offer the best user experience: https://docs.microsoft.com/en-us/azure/information-protection/rms-client/client-admin-guide-customizations#support-for-disconnected-computers

     

    Only if you need documents and emails to be protected (as well as classified) do you need the RMS connector for your on-premises servers - for example so users can apply a label in Outlook that classifies and protects right from the client.  You can always add the protection piece later.