Forum Discussion
Securing Files in Teams
Ben_Stravinsky For highly sensitive files, the guidance is to apply an Office 365 sensitivity label to the files stored in SharePoint Online. This will ensure that only the people assigned rights to the files can access the content. Sensitivity labels are very different to retention labels. https://www.petri.com/using-office-365-sensitivity-labels.
Users can't change the sensitivity label on a file. Only the author or those with co-author permissions can do so.
Ben_Stravinsky For highly sensitive files, the guidance is to apply an Office 365 sensitivity label to the files stored in SharePoint Online. This will ensure that only the people assigned rights to the files can access the content. Sensitivity labels are very different to retention labels. https://www.petri.com/using-office-365-sensitivity-labels.
Users can't change the sensitivity label on a file. Only the author or those with co-author permissions can do so.
TonyRedmond the problem with sensitivity labels is that you have to apply to each file unlike a retention label which you could apply to a folder or SharePoint Site. This is a large overhead for users to remember
If you have the Microsoft 365 E5/A5/G5, Microsoft 365 E5/A5/G5 Compliance, Microsoft 365 Information Protection and Governance, Office 365 E5, Office 365 Advanced Compliance, Enterprise Mobility + Security E5, and AIP Plan 2 then you can benefit from automatic sensitivity labeling. However from a business perspective defining these business rules is not always easy,
Deleted There's no doubt that an overhead is incurred to assign sensitivity labels one file at a time. However, not every document needs to be labelled unless you want to make this compulsory. Users can be coached to apply labels as they create documents but gaps will exist and you'll still have many documents at rest that won't be labelled. That's why auto-label policies help, even if it incurs E5 licenses. Trainable classifiers are a great help in locating important business documents that can't be easily identified with sensitive data types. This is a complex area that is developing quickly and we will see increased automation and precision as time develops. But it will take time.