Forum Discussion
IvanWilson
Sep 18, 2024Iron Contributor
Sensitivity Labels applied to email attachments versus directly on the document
I've noticed that the encryption applied to email attachments via sensitivity labels behaves differently than if the encryption is applied directly to the document.
Example 1: I create an email and choose a sensitivity label that encrypts contents based on the specified users. I attach a Word document that does not have a sensitivity label applied. The email and attachment are encrypted. The email is sent to an external user
Example 2: I create an email and attach a Word document that has already been assigned a sensitivity label that includes encryption. The email is sent to an external user.
In Example 1, the recipient can view the attachment in Outlook Web. In Example 2, the document can't be viewed in Outlook Web. You will see a message "Sorry, Word can't open this document in a browser because it's protected by Information Rights Management".
In example 1, the recipient can forward the email to someone in a separate tenant. They can also view the email and attachment.
Is this expected behavior?
- vicwingsingIron Contributor
hi Ivan,
In your Example 1, does your policy have the Inherit label from attachments turned on? Because if it's not turned on, and you don't have any default labels for email, then your email is not protected and the external user will be able to forward this email to someone else.