cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Azure Information Protection - UL - Sensitivity Labels in Office Web Apps - No Adhering to Controls

%3CLINGO-SUB%20id%3D%22lingo-sub-2035013%22%20slang%3D%22en-US%22%3EAzure%20Information%20Protection%20-%20UL%20-%20Sensitivity%20Labels%20in%20Office%20Web%20Apps%20-%20No%20Adhering%20to%20Controls%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2035013%22%20slang%3D%22en-US%22%3E%3CP%3EI%20have%20Unified%20Labelling%20turned%20on%2C%20Labelling%20for%20Sharepoint%20and%20OneDrive%20configured%20%2F%20enabled%20and%20a%20document%20that%20has%20been%20protected%20so%20the%20the%20end%20user%20can%20only%20VIEW%20the%20content.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EIn%20Office%20Desktop%20the%20controls%20are%20correctly%20stopping%20the%20end%20user%20from%20screen%20capturing%2C%20and%20copying%20the%20content%20of%20the%20labelled%20document%20*tick*%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EIn%20Office%20for%20the%20Web%20the%20controls%20are%20not%20stopping%20the%20end%20user%20from%20screen%20capturing%20or%20copying%20the%20content%20from%20the%20document.%20*cross*%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EWhat%20are%20my%20options%3F%20Or%20is%20there%20something%20that%20I%20have%20mis-configured%2C%20as%20this%20seems%20to%20be%20a%20significant%20hole%20in%20the%20Information%20Protection%20capabilities%20of%20the%20solution.%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-LABS%20id%3D%22lingo-labs-2035013%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3EInformation%20Protection%20%26amp%3B%20Governance%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E
Shane_Blake
New Contributor

‎Jan 05 2021 08:20 PM - edited ‎Jan 05 2021 08:20 PM

‎Jan 05 2021 08:20 PM - edited ‎Jan 05 2021 08:20 PM

Azure Information Protection - UL - Sensitivity Labels in Office Web Apps - No Adhering to Controls

I have Unified Labelling turned on, Labelling for Sharepoint and OneDrive configured / enabled and a document that has been protected so the the end user can only VIEW the content.

 

In Office Desktop the controls are correctly stopping the end user from screen capturing, and copying the content of the labelled document *tick*

 

In Office for the Web the controls are not stopping the end user from screen capturing or copying the content from the document. *cross*

 

What are my options? Or is there something that I have mis-configured, as this seems to be a significant hole in the Information Protection capabilities of the solution. 

249 Views
0 Likes
2 Replies
Reply
2 Replies
HotCakeX

‎Jan 06 2021 12:51 AM

‎Jan 06 2021 12:51 AM

Re: Azure Information Protection - UL - Sensitivity Labels in Office Web Apps - No Adhering to Contr

Hi,
if the problem is not isolated to Edge and also happens in other browsers,
you can try Azure community:
https://techcommunity.microsoft.com/t5/azure/ct-p/Azure
0 Likes
Reply
Enrique Saggese

‎Mar 09 2021 03:55 PM

‎Mar 09 2021 03:55 PM

Re: Azure Information Protection - UL - Sensitivity Labels in Office Web Apps - No Adhering to Contr

@Shane_Blake The limitation regarding screen capturing is well-known and accepted since there's no method for a web application to ask a browser to block screen capturing. 

The limitation you mention about copying is more puzzling since the Office web apps do prevent copying content from protected documents that don't grant this right. Is this something you can reproduce on documents protected by other users? What rights do you have on the document?

 

It must be highlighted that the ability to enforce limited rights on a document is a "best effort" approach, and it is not intended to stop malicious users (since if you give any form of access to a malicious user, there's nothing you can do to prevent them from reproducing the content, worst case they can take a picture of it with their phone or retype it by hand). So if you don't trust a user enough that you can't reasonably assume the user is not malicious, don't grant them rights to the content at all. 

Learn more about this here: 

https://docs.microsoft.com/en-us/enterprise-mobility-security/solutions/azure-information-protection...

1 Like
Reply