cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Home

AIP, DLP and eDiscovery

%3CLINGO-SUB%20id%3D%22lingo-sub-568023%22%20slang%3D%22en-US%22%3EAIP%2C%20DLP%20and%20eDiscovery%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-568023%22%20slang%3D%22en-US%22%3E%3CP%3EI%20did%20some%20tests%20yesterday%20to%20verify%20some%20DLP%20and%20eDiscovery%20behavior%20for%20AIP%20protected%20documents%3A%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3Ea)%20DLP%3A%20I%20setup%20a%20DLP%20policy%20with%20a%20rule%20do%20prevent%20users%20from%20saving%20documents%20that%20are%20marked%20as%20%22Streng%20Vertraulich%22%20(Highly%20Confidential)%20on%20SharePoint%2C%20ODfB%20and%20send%20through%20Exchange.%3C%2FP%3E%3CP%3EI%20used%20a%20rule%20that%20looks%20at%20a%20file%20property%20and%20named%20the%20property%20%22Sensitivity%22%2C%20with%20the%20Value%20%22Streng%20Vertraulich%22%20(see%20screenshot).%3C%2FP%3E%3CP%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-inline%22%20style%3D%22width%3A%20422px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Fgxcuf89792.i.lithium.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F113318i1C2533AC4D1D13EA%2Fimage-dimensions%2F422x142%3Fv%3D1.0%22%20width%3D%22422%22%20height%3D%22142%22%20alt%3D%22screen1.PNG%22%20title%3D%22screen1.PNG%22%20%2F%3E%3C%2FSPAN%3E%3C%2FP%3E%3CP%3EI%20activated%20the%20policy.%20(%22Yes%2C%20turn%20it%20on%20right%20away%22).%3C%2FP%3E%3CP%3EResult%3A%20Saving%20these%20documents%20was%20not%20prevented%2C%20no%20warning%20messages%20to%20the%20user%20and%20not%20alert%20to%20the%20adminstrators.%3C%2FP%3E%3CP%3EWhy%20is%20this%20policy%20not%20working%3F%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EWhat%20also%20bothered%20me%20was%2C%20that%20the%20Sensitivity%20property%20value%20was%20not%20listed%20in%20the%20Windows%20Explorer%2C%20see%20attached%20screenshot.%3C%2FP%3E%3CP%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-inline%22%20style%3D%22width%3A%20421px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Fgxcuf89792.i.lithium.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F113319i290A20FA371FC9D1%2Fimage-dimensions%2F421x295%3Fv%3D1.0%22%20width%3D%22421%22%20height%3D%22295%22%20alt%3D%22Screen2.PNG%22%20title%3D%22Screen2.PNG%22%20%2F%3E%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-LABS%20id%3D%22lingo-labs-568023%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3EInformation%20Protection%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E%3CLINGO-SUB%20id%3D%22lingo-sub-618904%22%20slang%3D%22en-US%22%3ERe%3A%20AIP%2C%20DLP%20and%20eDiscovery%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-618904%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F203532%22%20target%3D%22_blank%22%3E%40Franck%20Marteaux%3C%2FA%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F90352%22%20target%3D%22_blank%22%3E%40Enrique%20Saggese%3C%2FA%3E%3A%20Is%20this%20something%20you%20can%20speak%20to%3F%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-619268%22%20slang%3D%22en-US%22%3ERe%3A%20AIP%2C%20DLP%20and%20eDiscovery%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-619268%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F203532%22%20target%3D%22_blank%22%3E%40Franck%20Marteaux%3C%2FA%3E%26nbsp%3BHo%20Franck!%20Did%20the%20label%20you%20applied%20involve%20protection%20or%20not%3F%3C%2FP%3E%0A%3CP%3EIn%20labels%20without%20protection%20the%20label%20metadata%20is%20only%20encoded%20as%20an%20Office%20Document%20metadata%20(which%20you%20can%20see%20from%20within%20Office%20by%20going%20to%20File%2FInfo%2FProperties).%20Only%20when%20you%20involve%20protection%20the%20labels%20are%20visible%20within%20Explorer.%3C%2FP%3E%0A%3CP%3EWe%20are%20working%20to%20integrate%20labeling%20with%20SPO%20so%20Office%20365%20DLP%20can%20act%20on%20labels%20whether%20the%20document%20is%20protected%20or%20not.%20We%20are%20also%20working%20to%20integrate%20labels%20in%20Explorer%20so%20the%20labels%20are%20visible%20as%20an%20Explorer%20column.%20We%20don't%20have%20ETA%20for%20this%20work%20to%20be%20complete%2C%20in%20the%20meantime%20unfortunately%20the%20results%20my%20not%20be%20consistent%20depending%20on%20whether%20the%20label%20applies%20protection%20or%20not.%26nbsp%3B%3C%2FP%3E%0A%3CP%3EHTH%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-649499%22%20slang%3D%22en-US%22%3ERe%3A%20AIP%2C%20DLP%20and%20eDiscovery%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-649499%22%20slang%3D%22en-US%22%3E%3CP%3EHi%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F90352%22%20target%3D%22_blank%22%3E%40Enrique%20Saggese%3C%2FA%3E%26nbsp%3B%2C%20yes%2C%20most%20of%20the%20documents%20in%20the%20screenshot%20are%20protected%2C%20specifically%20the%20one%20%22Geb%C3%A4ude%22%20with%20the%20open%20properties%20dialog%20box.%3C%2FP%3E%3CP%3ERegards%2C%3CBR%20%2F%3EFranck%3C%2FP%3E%3C%2FLINGO-BODY%3E
Highlighted
Franck Marteaux
Franck Marteaux
Occasional Contributor

‎05-14-2019 11:55 PM

‎05-14-2019 11:55 PM

AIP, DLP and eDiscovery

I did some tests yesterday to verify some DLP and eDiscovery behavior for AIP protected documents:

 

a) DLP: I setup a DLP policy with a rule do prevent users from saving documents that are marked as "Streng Vertraulich" (Highly Confidential) on SharePoint, ODfB and send through Exchange.

I used a rule that looks at a file property and named the property "Sensitivity", with the Value "Streng Vertraulich" (see screenshot).

screen1.PNG

I activated the policy. ("Yes, turn it on right away").

Result: Saving these documents was not prevented, no warning messages to the user and not alert to the adminstrators.

Why is this policy not working?

 

What also bothered me was, that the Sensitivity property value was not listed in the Windows Explorer, see attached screenshot.

Screen2.PNG

 

352 Views
0 Likes
3 Replies
Reply
3 Replies
Valon_Kolica

‎05-20-2019 02:24 PM

‎05-20-2019 02:24 PM

Re: AIP, DLP and eDiscovery

@Franck Marteaux 

 

@Enrique Saggese: Is this something you can speak to? 

0 Likes
Reply
Enrique Saggese

‎05-20-2019 02:54 PM

‎05-20-2019 02:54 PM

Re: AIP, DLP and eDiscovery

@Franck Marteaux Ho Franck! Did the label you applied involve protection or not?

In labels without protection the label metadata is only encoded as an Office Document metadata (which you can see from within Office by going to File/Info/Properties). Only when you involve protection the labels are visible within Explorer.

We are working to integrate labeling with SPO so Office 365 DLP can act on labels whether the document is protected or not. We are also working to integrate labels in Explorer so the labels are visible as an Explorer column. We don't have ETA for this work to be complete, in the meantime unfortunately the results my not be consistent depending on whether the label applies protection or not. 

HTH

 

0 Likes
Reply
Franck Marteaux

‎05-27-2019 01:58 AM

‎05-27-2019 01:58 AM

Re: AIP, DLP and eDiscovery

Hi@Enrique Saggese , yes, most of the documents in the screenshot are protected, specifically the one "Gebäude" with the open properties dialog box.

Regards,
Franck

0 Likes
Reply
Related Conversations
Tabs and Dark Mode
 cjc2112 in Discussions on 09-18-2019
46 Replies
Extentions Synchronization
 Deleted in Discussions on 11-13-2019
3 Replies
Stable version of Edge insider browser
 HotCakeX in Discussions on 10-12-2019
35 Replies
How to Prevent Teams from Auto-Launch
 chenrylee in Microsoft Teams on 06-27-2019
30 Replies
flashing a white screen while open new tab
 Deleted in Discussions on 10-05-2019
14 Replies
Security Community Webinars
 Valon_Kolica in Security, Privacy & Compliance on 10-22-2019
13 Replies