Home

Azure Information Protection – the year that was 2017!

First published on CloudBlogs on Dec 18, 2017
Hi everyone, and welcome to the very last blog from me this year! It has been an incredible year, and I wanted to take this opportunity to take a walk down memory lane and see just how far the Information Protection space has come. We have seen incredible uptake of Azure Information Protection (AIP) and it’s great to see the momentum, thank you! It’s especially rewarding to learn that our customers are benefitting from the solutions we develop. Check out our latest customer story from Yara .

What a year!

It seems like only yesterday that we were getting ready to launch AIP. After a bit of a splash at Microsoft Ignite, on October 4, 2016, AIP moved to GA and was quickly followed up with a December Preview . We looked to operate at a fast pace, so the December release moved to GA in February 2017 which to me was the beginning on when we really started to see adoption move in earnest (and it has continued to accelerate all year!). An ask we heard loud and clear from you was for more guidance, and so began the Ready, Set, Protect! Series which was designed to give you a set of guidelines and approaches as you worked through your deployment and adoption of an information protection taxonomy. We even did an adoption and deployment session at Ignite where one of our customers joined us to share their approach towards label taxonomy. Based on our experiences at Microsoft, we also developed an adoption guide that you can use to get started with information protection in your company easily and quickly. As most of you are aware, we have had Protection for a long time, first with ADRMS and then Azure RMS. This naturally came with a set of prior functions and configuration which we needed to rationalize, and we began the unification of these assets with the Unified Administration Preview in April. This unification is now complete, and we continue to invest in making it easier for our admins to configure and manage AIP. After a relatively quiet summer (as far as external releases) which included an important Do Not Track feature Preview in June, the big news for 2017 landed at Microsoft Ignite with the launch of two critically important capabilities: Office 365 Message Encryption (secure email to anyone on the planet) and the integration with Cloud App Security. You can watch Microsoft Ignite 2017 - Azure Information Protection sessions to find all the good stuff we shared at the event. And then we closed the year out with two more significant Previews in Conditional Access and Azure Information Protection scanner in October to ensure that you can leverage your information protection policies to define how and when sensitive data can be accessed, and perform large-scale interrogation and enforcement of existing data. That was quite a year! We certainly had fun working with you, learning, listening and shipping, and we hope you are gaining value from our efforts.

Themes in adoption

I would also like to capture some themes we have seen emerge over the year as we worked with you on your information protection journey.
  • There are many ways to approach defining, deploying and adopting an information protection taxonomy and policy. But two approaches have become the de facto:
    • Start broad and simple (such as labels only for everyone) and then layer on additional items
    • Go deep and complete with smaller groups (such as business units that generate the most sensitive data like M&A, HR, Finance, Legal) and move from one to the next.
  • You will spend as much time defining your taxonomy as you will deploying it.
    • I always ask for the name of the taxonomy owner. Not a role, a name. Even agreeing on that can be hard! Then agree on who gets a say, and what the approval process looks like.
    • We put a lot of effort into the defaults we provide. If you have an existing taxonomy, use it. If you don’t, use the default to get started.
  • Remember you are deploying an end user facing security solution. Spend time on user education and training. We built a lot of assets as part of the internal Microsoft deployment, and we have generalized them so you can leverage - everything from form emails to posters for the walls. Check out the adoption guide we built for you.
  • Always have a plan. A complete plan. A typical AIP deployment includes security, compliance, privacy, desktop management, mobile management, identity and collaboration teams, and then representatives from business units. That’s a lot of coordination.
  • Tell us what you think! We run a vibrant Yammer community and track all feature requests in Uservoice . We hear, we listen and we respond. (and please use your corporate details, an anonymous address is a single voice, a corporate voice is representative of your business size!).
We have had a great year, we hope you have too. THANK YOU for all the engagement, discussions, debates and feedback. We do this for you, please have a fantastic end of the year and see you in 2018! Adam Hall (on behalf of all the incredible people who deliver Azure Information Protection)