%3CLINGO-SUB%20id%3D%22lingo-sub-1500728%22%20slang%3D%22en-US%22%3ERe%3A%20General%20Availability%3A%20Microsoft%20Information%20Protection%20sensitivity%20labels%20in%20Teams%2FSharePoint%20si%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1500728%22%20slang%3D%22en-US%22%3E%3CP%3E%3CSPAN%3EThank%20you.%26nbsp%3B%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3CSPAN%3E%22To%20see%20which%20apps%20and%20services%20support%20this%20capability%2C%20read%26nbsp%3B%3CA%20href%3D%22https%3A%2F%2Freview.docs.microsoft.com%2Fen-us%2Fmicrosoft-365%2Fcompliance%2Fsensitivity-labels-teams-groups-sites%3Fview%3Do365-21vianet%26amp%3Bbranch%3Dpr-en-us-3776%23support-for-sensitivity-labels%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%22%3Ethis%3C%2FA%3E%26nbsp%3Bdocumentation%20page%22.%20-%20The%20link%20is%20broken%20and%20receiving%20%22forbidden%22%3C%2FSPAN%3E%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-1501907%22%20slang%3D%22en-US%22%3ERe%3A%20General%20Availability%3A%20Microsoft%20Information%20Protection%20sensitivity%20labels%20in%20Teams%2FSharePoint%20si%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1501907%22%20slang%3D%22en-US%22%3E%3CP%3EMohan%2C%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3ETry%3A%26nbsp%3B%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fmicrosoft-365%2Fcompliance%2Fsensitivity-labels-teams-groups-sites%3Fview%3Do365-worldwide%23support-for-sensitivity-labels%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%22%3Ehttps%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fmicrosoft-365%2Fcompliance%2Fsensitivity-labels-teams-groups-sites%3Fview%3Do365-worldwide%23support-for-sensitivity-labels%3C%2FA%3E%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-1497769%22%20slang%3D%22en-US%22%3EGeneral%20Availability%3A%20Microsoft%20Information%20Protection%20sensitivity%20labels%20in%20Teams%2FSharePoint%20sites%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1497769%22%20slang%3D%22en-US%22%3E%3CP%3E%3CEM%3EEnsure%20secure%20collaboration%20in%20scalable%20way%20with%20Microsoft%20Information%20Protection%3C%2FEM%3E%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3EMicrosoft%20Information%20Protection%20is%20a%20built-in%2C%20intelligent%2C%20unified%2C%20and%20extensible%20solution%20to%20protect%20sensitive%20data%20across%20your%20enterprise%20%E2%80%93%20in%20Microsoft%20365%20cloud%20services%2C%20on-premises%2C%20third-party%20SaaS%20applications%2C%20and%20more.%20Microsoft%20Information%20Protection%20provides%20a%20unified%20set%20of%20capabilities%20to%20know%20your%20data%2C%20protect%20your%20data%2C%20and%20prevent%20data%20loss%20across%20Microsoft%20365%20apps%20(e.g.%20Word%2C%20PowerPoint%2C%20Excel%2C%20Outlook)%20and%20services%20(e.g.%20Teams%2C%20SharePoint%2C%20and%20Exchange).%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%3C%2FP%3E%0A%3CP%3EMicrosoft%20Information%20Protection%E2%80%99s%20%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fmicrosoft-365%2Fcompliance%2Fsensitivity-labels%3Fview%3Do365-worldwide%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%22%3Esensitivity%20labels%3C%2FA%3E%26nbsp%3Bare%20central%20to%20how%20your%20business-critical%20data%20is%20protected%2C%20in%20a%20persistent%20way%2C%20throughout%20its%20lifecycle.%20Labels%20can%20be%20applied%20to%20protect%20documents%20(e.g.%20to%20encrypt%20an%20Excel%20file)%20and%20to%20containers%20(e.g.%20to%20restrict%20access%20to%20a%20confidential%20team%20or%20site%20from%20unmanaged%20devices).%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3EWe%20recently%20announced%20the%20general%20availability%20of%20both%20%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fmicrosoft-security-and%2Fannouncing-general-availability-of-sensitivity-labels-with%2Fba-p%2F1356224%22%20target%3D%22_blank%22%20rel%3D%22noopener%22%3Emanual%20labeling%3C%2FA%3E%20in%20Office%20apps%20across%20all%20platforms%20and%20of%20%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fmicrosoft-security-and%2Fgeneral-availability-of-automatic-classification-with%2Fba-p%2F1422249%22%20target%3D%22_blank%22%20rel%3D%22noopener%22%3Eautomatic%20labeling%3C%2FA%3E%20for%20documents%20stored%20in%20SharePoint%20and%20Teams.%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3EToday%2C%20we%20are%20excited%20to%20announce%3CSTRONG%3E%26nbsp%3Bthe%20general%20availability%20of%20sensitivity%20labels%20for%20%3C%2FSTRONG%3E%3CSTRONG%3ETeams%3C%2FSTRONG%3E%3CSTRONG%3E%2C%20%3C%2FSTRONG%3E%3CSTRONG%3ESharePoint%3CSPAN%3E%20sites%3C%2FSPAN%3E%3C%2FSTRONG%3E%3CSTRONG%3E%2C%20and%20%3C%2FSTRONG%3E%3CSTRONG%3EMicrosoft%20365%20Group%3CSPAN%3Es%3C%2FSPAN%3E%3C%2FSTRONG%3E%3CSTRONG%3E.%3C%2FSTRONG%3E%20You%20can%20now%20associate%20a%20sensitivity%20label%20with%20policies%20related%20to%20privacy%2C%20external%20user%20membership%2C%20and%20unmanaged%20device%20access.%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3EWith%20users%20constantly%20creating%20and%20sharing%20sensitive%20data%20in%20Teams%20and%20on%20SharePoint%20sites%2C%20this%20capability%20allows%20for%20holistically%20securing%20sensitive%20content%20whether%20it%20is%20in%20a%20file%20or%20in%20a%20chat%20by%20managing%20access%20to%20these%20containers.%20This%20powerful%20capability%2C%20along%20with%20manual%20and%20auto-labeling%20of%20documents%20on%20SharePoint%20and%20Teams%2C%20helps%20you%20scale%20your%20data%20protection%20program%20to%20meet%20the%20proliferation%20of%20data%20and%20the%20challenge%20of%20secure%20collaboration%20while%20working%20remotely.%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3EThe%20first%20step%20to%20securing%20sensitive%20content%20in%20teams%2C%20sites%20and%20groups%20is%20to%20create%20sensitivity%20labels%20with%20policies.%20For%20example%2C%26nbsp%3Byou%20can%20create%20a%20sensitivity%20label%20called%20%E2%80%9CConfidential%E2%80%9D%20and%20specify%20that%20any%20team%2C%20site%2C%20or%20group%20created%20with%20this%20label%20will%26nbsp%3Bbe%20private%2C%20that%20even%20a%20team%20or%20site%20owner%20cannot%20add%20users%20external%20to%20the%20organization%20and%20that%20unmanaged%20devices%20will%20be%20allowed%20web%20access%20only.%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-inline%22%20image-alt%3D%22LabelsSettins.jpg%22%20style%3D%22width%3A%20999px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Fgxcuf89792.i.lithium.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F202098i998588249136DD8E%2Fimage-size%2Flarge%3Fv%3D1.0%26amp%3Bpx%3D999%22%20title%3D%22LabelsSettins.jpg%22%20alt%3D%22Figure%201%3A%20Admin%20specifying%20access%20policies%20during%20label%20creation%22%20%2F%3E%3CSPAN%20class%3D%22lia-inline-image-caption%22%20onclick%3D%22event.preventDefault()%3B%22%3EFigure%201%3A%20Admin%20specifying%20access%20policies%20during%20label%20creation%3C%2FSPAN%3E%3C%2FSPAN%3E%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3ENow%20a%20user%20creating%20a%20team%2C%20or%20a%20site%20can%20choose%20from%20your%20published%20labels%2C%20and%20all%20the%20underlying%20policies%20will%20apply%20automatically%20to%20that%20team%20or%20site.%20For%20example%2C%20if%20a%20user%20selects%20the%20%E2%80%9CConfidential%E2%80%9D%20label%20during%20a%20team%20creation%2C%20this%20new%20team%20will%20automatically%20restrict%20access%20to%20approved%20members%20in%20the%20organization%20and%20prevent%20addition%20of%20people%20external%20to%20the%20organization.%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-inline%22%20image-alt%3D%22LabelsInAction%20Teams.gif%22%20style%3D%22width%3A%20999px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Fgxcuf89792.i.lithium.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F202099i41F529A6543BABA4%2Fimage-size%2Flarge%3Fv%3D1.0%26amp%3Bpx%3D999%22%20title%3D%22LabelsInAction%20Teams.gif%22%20alt%3D%22Figure%202%3A%20When%20team%20owner%20applies%20%E2%80%9CConfidential%E2%80%9D%20label%2C%20team%20and%20associated%20site%20are%20automatically%20set%20as%20private%22%20%2F%3E%3CSPAN%20class%3D%22lia-inline-image-caption%22%20onclick%3D%22event.preventDefault()%3B%22%3EFigure%202%3A%20When%20team%20owner%20applies%20%E2%80%9CConfidential%E2%80%9D%20label%2C%20team%20and%20associated%20site%20are%20automatically%20set%20as%20private%3C%2FSPAN%3E%3C%2FSPAN%3E%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3EAfter%20a%20user%20creates%20the%20team%2C%20this%20%E2%80%9CConfidential%E2%80%9D%20label%20will%20appear%20in%20the%20upper-right%20corner%20of%20all%20channels%20within%20this%20team.%26nbsp%3BNow%2C%20if%20users%20visit%20the%20SharePoint%20site%20associated%20with%20this%20team%2C%20they%20will%20also%20see%20the%20%E2%80%9CConfidential%E2%80%9D%20label%2C%20and%20all%20applied%20policies.%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3EThis%20capability%20enables%20you%20to%20protect%20sensitive%20content%20in%20a%20team%20or%20SharePoint%20site%20by%20managing%20people%20and%20device%20access%20to%20these%20containers.%20If%20you%20want%20to%20apply%20label-based%20encryption%20to%20protect%20individual%20documents%20stored%20in%20a%20team%20or%20SharePoint%20site%2C%20you%20can%20use%20%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fmicrosoft-365%2Fcompliance%2Fapply-sensitivity-label-automatically%3Fview%3Do365-worldwide%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%22%3Eauto-labeling%3C%2FA%3E%20or%20%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fmicrosoft-security-and%2Fannouncing-general-availability-of-sensitivity-labels-with%2Fba-p%2F1356224%22%20target%3D%22_blank%22%20rel%3D%22noopener%22%3Emanual%20labeling%3C%2FA%3E.%20Together%20these%20powerful%20Microsoft%20Information%20Protection%20capabilities%20enable%20organizations%20to%20scale%20their%20data%20protection%20programs%20across%20a%20vast%20amount%20of%20data.%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3EWe%20are%20continuously%20expanding%20the%20capabilities%20of%20Microsoft%20Information%20Protection.%20You%20can%20see%20in%20%3CA%20href%3D%22https%3A%2F%2Fwww.microsoft.com%2Fsecurity%2Fblog%2F2020%2F06%2F11%2Fwhats-new-microsoft-365-compliance-risk-management%2F%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%22%3Ethis%20recent%20blog%3C%2FA%3E%26nbsp%3Ba%20summary%20of%20some%20of%20the%20investments%20we%E2%80%99ve%20made%20in%20the%20last%20two%20months.%20To%20learn%20more%20about%20the%20capability%20covered%20in%20this%20blog%3A%3C%2FP%3E%0A%3CUL%3E%0A%3CLI%3ERead%20our%20%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fmicrosoft-365%2Fcompliance%2Fsensitivity-labels-teams-groups-sites%3Fview%3Do365-worldwide%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%22%3Eonline%20documentation%3C%2FA%3E%26nbsp%3Bwith%20instructions%20to%20opt-in%2C%20configuration%20details%2C%20and%20links%20to%20a%20webinar%20with%20demos.%3CUL%3E%0A%3CLI%3EIf%20you%20are%20using%20AAD%20classification%2C%20read%20%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fmicrosoft-365%2Fcompliance%2Fmigrate-aad-classification-sensitivity-labels%3Fview%3Do365-worldwide%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%22%3Ethis%20documentation%3C%2FA%3E%20for%20next%20steps%3C%2FLI%3E%0A%3CLI%3E%3CSPAN%3ETo%20see%20which%20apps%20and%20services%20support%20this%20capability%2C%20read%20%3C%2FSPAN%3E%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fmicrosoft-365%2Fcompliance%2Fsensitivity-labels-teams-groups-sites%3Fview%3Do365-worldwide%23support-for-sensitivity-labels%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%22%3Ethis%3C%2FA%3E%3CSPAN%3E%20documentation%20page.%20To%20apply%20these%20labels%20on%20OneDrive%2C%20start%20%3C%2FSPAN%3E%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fmicrosoft-365%2Fcompliance%2Fsensitivity-labels-teams-groups-sites%23use-powershell-to-apply-a-sensitivity-label-to-multiple-sites%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%22%3Ehere%3C%2FA%3E%3C%2FLI%3E%0A%3C%2FUL%3E%0A%3C%2FLI%3E%0A%3CLI%3EThis%20capability%20is%20included%20with%20Microsoft%20365%20E3%20and%20Office%20365%20E3%20plus%20AAD%20Premium%20P1%20and%20above.%20Learn%20more%20about%20-ERR%3AREF-NOT-FOUND-required%20licensing.%20If%20you%20are%20new%20to%20Microsoft%20365%2C%20learn%20how%20to%20%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fmicrosoft-365%2Fcommerce%2Ftry-or-buy-microsoft-365%3Fview%3Do365-worldwide%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%22%3Etry%20or%20buy%20a%20subscription%3C%2FA%3E%3CSPAN%3E.%3C%2FSPAN%3E%3C%2FLI%3E%0A%3CLI%3EPlease%20note%20that%20auto-labeling%20individual%20documents%20stored%20in%20team%20or%20SharePoint%20site%20requires%20either%20Microsoft%20365%20E5%20or%20Compliance%20E5%20or%20Information%20Protection%20%26amp%3B%20Governance%20E5%20add-on%20SKU.%3C%2FLI%3E%0A%3C%2FUL%3E%0A%3CP%3EAs%20you%20navigate%20this%20challenging%20time%2C%20we%20have%20additional%20resources%20to%20help.%20For%20more%20information%20about%20securing%20your%20organization%20in%20this%20time%20of%20crisis%2C%20visit%26nbsp%3Bour%20-ERR%3AREF-NOT-FOUND-Remote%20Work%20site.%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3EWe%E2%80%99re%20here%20to%20help%20in%20any%20way%20we%20can.%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3EThank%20you!%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%3CEM%3ESesha%20Mani%2C%20Principal%20Group%20Program%20Manager%2C%20Microsoft%20365%20services%3C%2FEM%3E%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%3CEM%3ETony%20Themelis%2C%20Principal%20PM%20Manager%2C%20Microsoft%20Information%20Protection%3C%2FEM%3E%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-TEASER%20id%3D%22lingo-teaser-1497769%22%20slang%3D%22en-US%22%3E%3CP%3EToday%2C%20we%20are%20excited%20to%20announce%3CSTRONG%3E%26nbsp%3Bthe%20general%20availability%20of%20Microsoft%20Information%20Protection%20sensitivity%20labels%20in%20T%3C%2FSTRONG%3E%3CSTRONG%3Eeams%3C%2FSTRONG%3E%3CSTRONG%3E%2C%20%3C%2FSTRONG%3E%3CSTRONG%3ESharePoint%3C%2FSTRONG%3E%3CSPAN%3E%3CSTRONG%3E%20sites%3C%2FSTRONG%3E%3C%2FSPAN%3E%3CSTRONG%3E%2C%20and%20%3C%2FSTRONG%3E%3CSTRONG%3EMicrosoft%20365%20Group%3C%2FSTRONG%3E%3CSPAN%3E%3CSTRONG%3Es%3C%2FSTRONG%3E%3C%2FSPAN%3E%3CSTRONG%3E.%3C%2FSTRONG%3E%20You%20can%20now%20associate%20a%20sensitivity%20label%20with%20policies%20related%20to%20privacy%2C%20external%20user%20membership%2C%20and%20unmanaged%20device%20access.%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-center%22%20image-alt%3D%22LabelsInAction%20Teams.gif%22%20style%3D%22width%3A%20400px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Fgxcuf89792.i.lithium.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F202097iB2C83999FB54BBAA%2Fimage-size%2Fmedium%3Fv%3D1.0%26amp%3Bpx%3D400%22%20title%3D%22LabelsInAction%20Teams.gif%22%20alt%3D%22Sensitivity%20labels%20in%20action%20in%20Teams%20and%20SharePoint%20site%22%20%2F%3E%3CSPAN%20class%3D%22lia-inline-image-caption%22%20onclick%3D%22event.preventDefault()%3B%22%3ESensitivity%20labels%20in%20action%20in%20Teams%20and%20SharePoint%20site%3C%2FSPAN%3E%3C%2FSPAN%3E%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-TEASER%3E%3CLINGO-LABS%20id%3D%22lingo-labs-1497769%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3ECompliance%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3EMicrosoft%20365%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3EMicrosoft%20365%20Groups%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3EMicrosoft%20Information%20Protection%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3ESecurity%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3ESensitivity%20Labels%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3ESharePoint%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3ETeams%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E%3CLINGO-SUB%20id%3D%22lingo-sub-1502035%22%20slang%3D%22en-US%22%3ERe%3A%20General%20Availability%3A%20Microsoft%20Information%20Protection%20sensitivity%20labels%20in%20Teams%2FSharePoint%20si%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1502035%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F32868%22%20target%3D%22_blank%22%3E%40Mohan%20Seenippandian%3C%2FA%3E%26nbsp%3B%20-%20the%20link%20is%20updated%20now%2C%20it%20is%20%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fmicrosoft-365%2Fcompliance%2Fsensitivity-labels-teams-groups-sites%3Fview%3Do365-worldwide%23support-for-sensitivity-labels%22%20target%3D%22_self%22%20rel%3D%22noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%22%3Ehere%3C%2FA%3E%2C%20thank%20you%20for%20pointing%20that%20out.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-1502311%22%20slang%3D%22en-US%22%3ERe%3A%20General%20Availability%3A%20Microsoft%20Information%20Protection%20sensitivity%20labels%20in%20Teams%2FSharePoint%20si%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1502311%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F85036%22%20target%3D%22_blank%22%3E%40Sesha%20Mani%3C%2FA%3E%26nbsp%3B%20I%20m%20in%20the%20middle%20of%20implementation%20au-labeling%20for%20SharePoint%20and%20Onedrive%20in%20our%20organization.%26nbsp%3B%20The%20following%20are%20the%20requirements.%26nbsp%3B%3C%2FP%3E%3COL%3E%3CLI%3EDocuments%20must%20be%20classified%20automatically%20when%20a%20user%20uploads%20a%20document%20to%20the%20SharePoint%20site-%20Can%20do%20with%20Auto-labeling%20%2C%20already%20test%26nbsp%3B%3C%2FLI%3E%3CLI%3E%3CSTRONG%3EContent%20marking%3C%2FSTRONG%3E%20-%20any%20document%20classified%20must%20stamp%20with%20watermarks%2C%20as%20my%20understanding%2C%20we%20cannot%20do%20with%20auto-labeling.%20Any%20way%20to%20achieve%20this%3F%26nbsp%3B%20or%20even%20why%20when%20a%20user%20downloads%20the%20auto-classified%20document%20to%20the%20computer%20the%20user%20cannot%20see%20watermarks%20that%20we%20have%20defined%20under%20labels%3F%20is%20this%20because%20auto%20labeling%20not%20opening%20the%20document%20when%20its%20stamp%20with%20the%20label%3F%26nbsp%3B%3C%2FLI%3E%3CLI%3ETo%20overcome%20the%202nd%20issue%20I%20have%20tried%20with%20word%20templates%2C%20but%20then%20auto-labeling%20%3CSTRONG%3Edoesn't%20work%20with%20.doctx%3C%2FSTRONG%3E%2C%20will%20you%20be%20able%20to%20share%20a%20reference%20for%20all%20document%20types%20that%20support%20by%20the%20auto-labeling.%20Seems%20to%20be%20pdf%20also%20not%20supporting.%3C%2FLI%3E%3C%2FOL%3E%3CP%3EThanks.%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-1502715%22%20slang%3D%22en-US%22%3ERe%3A%20General%20Availability%3A%20Microsoft%20Information%20Protection%20sensitivity%20labels%20in%20Teams%2FSharePoint%20si%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1502715%22%20slang%3D%22en-US%22%3E%3CP%3EThanks%20for%20the%20great%20description%2C%20this%20will%20be%20very%20useful%20for%20sites%20%2F%20teams%20handling%20confidential%20data.%26nbsp%3B%3C%2FP%3E%3CP%3EFor%20restricting%20access%20to%20unmanaged%20devices%20using%20sensitivity%20label%2C%20does%20this%20require%20this%20feature%20to%20be%20enabled%20at%20the%20SPO%20access%20control%20level%3F%20Or%20it%20can%20be%20controlled%20at%20individual%20site%2C%20group%20or%20team%20level%20now%3F%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-1503020%22%20slang%3D%22en-US%22%3ERe%3A%20General%20Availability%3A%20Microsoft%20Information%20Protection%20sensitivity%20labels%20in%20Teams%2FSharePoint%20si%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1503020%22%20slang%3D%22en-US%22%3E%3CP%3EDo%20you%20need%20a%20corresponding%20Session%20Control%20Conditional%20Access%20policy%20(Application%20enforced%20restrictions)%20for%20the%20unmanaged%20device%20settings%20to%20work%3F%26nbsp%3B%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-1503348%22%20slang%3D%22en-US%22%3ERe%3A%20General%20Availability%3A%20Microsoft%20Information%20Protection%20sensitivity%20labels%20in%20Teams%2FSharePoint%20si%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1503348%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F716667%22%20target%3D%22_blank%22%3E%40Amit_Dobhal%3C%2FA%3E%26nbsp%3Band%20%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F359617%22%20target%3D%22_blank%22%3E%40Chris_Clark_Netrix%3C%2FA%3E%26nbsp%3B-%20Thank%20you%20for%20your%20compliment.%20For%20unmanaged%20device%20access%20policy%2C%20yes%2C%20this%20needs%20to%20be%20enabled%20at%20the%20SPO%20Access%20Control%20level%20to%20be%20permissive%20i.e.%20Full%20Access%2C%20which%20will%20automatically%20create%20a%20conditional%20access%20policy%20in%20AAD.%20Then%2C%20you%20can%20control%20at%20the%20individual%20site%20level%20by%20using%20this%20Sensitivity%20Label.%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3ERefer%20to%20this%20documentation%20for%20the%20further%20instructions%20on%20enabling%20unmanaged%20device%20policy%20in%20SharePoint%3A%26nbsp%3B%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fsharepoint%2Fcontrol-access-from-unmanaged-devices%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%22%3Ehttps%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fsharepoint%2Fcontrol-access-from-unmanaged-devices.%3C%2FA%3E%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-1503358%22%20slang%3D%22en-US%22%3ERe%3A%20General%20Availability%3A%20Microsoft%20Information%20Protection%20sensitivity%20labels%20in%20Teams%2FSharePoint%20si%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1503358%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F410218%22%20target%3D%22_blank%22%3E%40Nip17%3C%2FA%3E%26nbsp%3B-%20thank%20you%20for%20your%20questions.%20On%20content%20marking%2C%20yes%20it%20is%20the%20current%20behavior%20that%20auto%20classified%20documents%20won't%20have%20content%20marking.%20We%20will%20take%20this%20feedback%20into%20consideration%20for%20future%20versions%20of%20the%20auto%20classification%20feature.%20For%20file%20types%20supported%20in%20auto%20labeling%20and%20additional%20details%20about%20this%20auto%20classification%20with%20sensitivity%20labels%20feature%2C%20please%20refer%20to%20this%20article%3A%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fmicrosoft-365%2Fcompliance%2Fapply-sensitivity-label-automatically%3Fview%3Do365-worldwide%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%22%3Ehttps%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fmicrosoft-365%2Fcompliance%2Fapply-sensitivity-label-automatically%3Fview%3Do365-worldwide.%3C%2FA%3E%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-1503551%22%20slang%3D%22en-US%22%3ERe%3A%20General%20Availability%3A%20Microsoft%20Information%20Protection%20sensitivity%20labels%20in%20Teams%2FSharePoint%20si%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1503551%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F85036%22%20target%3D%22_blank%22%3E%40Sesha%20Mani%3C%2FA%3E%26nbsp%3B%3C%2FP%3E%3CP%3ECan%20you%20please%20tell%20me%20the%20license%20requirement%20for%20Auto-%20labeling.%26nbsp%3B%20On%20the%20last%20Microsoft%20session%2C%20I%20have%20attend%20mentioned%20only%20a%20couple%20of%20M%2FO%20E5%20license%20and%20all%20other%20users%20required%20only%20M%2FO%20E3.%26nbsp%3B%3C%2FP%3E%3CP%3EWhat%20Microsoft%20has%20mentioned%20is%20this%20auto-classification%20is%20an%20engine%20within%20admin%20control%2C%20would%20not%20necessarily%26nbsp%3Bend-user%20license%3C%2FP%3E%3CP%3E%3CBR%20%2F%3ECan%20please%20help%20me%20urgently.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EThanks.%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-1515604%22%20slang%3D%22en-US%22%3ERe%3A%20General%20Availability%3A%20Microsoft%20Information%20Protection%20sensitivity%20labels%20in%20Teams%2FSharePoint%20si%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1515604%22%20slang%3D%22en-US%22%3E%3CP%3EWe%20have%20a%20customer%20(lawyer%20office)%20concerned%20about%20employee%20downloading%20files%20from%20TEAMS%20and%20OneDrive%20and%20uploading%20it%20to%20their%20personal%20email%20address%20(%40Yahoo%2C%20%40gmail%20and%20etc).%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EIs%20there%20a%20way%20to%20restrict%20that%20labeled%20files%20to%20be%20used%20only%20on%20corporate%20computers%3F%3F%3F%20Like%20and%20encryption%20where%20even%20the%20user%20copying%20to%20home%20he%20cannot%20be%20handle%20it.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EAny%20help%20is%20appreciated.%3C%2FP%3E%3C%2FLINGO-BODY%3E
Microsoft

Ensure secure collaboration in scalable way with Microsoft Information Protection

 

Microsoft Information Protection is a built-in, intelligent, unified, and extensible solution to protect sensitive data across your enterprise – in Microsoft 365 cloud services, on-premises, third-party SaaS applications, and more. Microsoft Information Protection provides a unified set of capabilities to know your data, protect your data, and prevent data loss across Microsoft 365 apps (e.g. Word, PowerPoint, Excel, Outlook) and services (e.g. Teams, SharePoint, and Exchange).

  

Microsoft Information Protection’s sensitivity labels are central to how your business-critical data is protected, in a persistent way, throughout its lifecycle. Labels can be applied to protect documents (e.g. to encrypt an Excel file) and to containers (e.g. to restrict access to a confidential team or site from unmanaged devices).

 

We recently announced the general availability of both manual labeling in Office apps across all platforms and of automatic labeling for documents stored in SharePoint and Teams.

 

Today, we are excited to announce the general availability of sensitivity labels for Teams, SharePoint sites, and Microsoft 365 Groups. You can now associate a sensitivity label with policies related to privacy, external user membership, and unmanaged device access.

 

With users constantly creating and sharing sensitive data in Teams and on SharePoint sites, this capability allows for holistically securing sensitive content whether it is in a file or in a chat by managing access to these containers. This powerful capability, along with manual and auto-labeling of documents on SharePoint and Teams, helps you scale your data protection program to meet the proliferation of data and the challenge of secure collaboration while working remotely.

 

The first step to securing sensitive content in teams, sites and groups is to create sensitivity labels with policies. For example, you can create a sensitivity label called “Confidential” and specify that any team, site, or group created with this label will be private, that even a team or site owner cannot add users external to the organization and that unmanaged devices will be allowed web access only.

 

Figure 1: Admin specifying access policies during label creationFigure 1: Admin specifying access policies during label creation

 

Now a user creating a team, or a site can choose from your published labels, and all the underlying policies will apply automatically to that team or site. For example, if a user selects the “Confidential” label during a team creation, this new team will automatically restrict access to approved members in the organization and prevent addition of people external to the organization.

 

Figure 2: When team owner applies “Confidential” label, team and associated site are automatically set as privateFigure 2: When team owner applies “Confidential” label, team and associated site are automatically set as private

 

After a user creates the team, this “Confidential” label will appear in the upper-right corner of all channels within this team. Now, if users visit the SharePoint site associated with this team, they will also see the “Confidential” label, and all applied policies.

 

This capability enables you to protect sensitive content in a team or SharePoint site by managing people and device access to these containers. If you want to apply label-based encryption to protect individual documents stored in a team or SharePoint site, you can use auto-labeling or manual labeling. Together these powerful Microsoft Information Protection capabilities enable organizations to scale their data protection programs across a vast amount of data.

 

We are continuously expanding the capabilities of Microsoft Information Protection. You can see in this recent blog a summary of some of the investments we’ve made in the last two months. To learn more about the capability covered in this blog:

  • Read our online documentation with instructions to opt-in, configuration details, and links to a webinar with demos.
    • If you are using AAD classification, read this documentation for next steps
    • To see which apps and services support this capability, read this documentation page. To apply these labels on OneDrive, start here
  • This capability is included with Microsoft 365 E3 and Office 365 E3 plus AAD Premium P1 and above. Learn more about required licensing. If you are new to Microsoft 365, learn how to try or buy a subscription.
  • Please note that auto-labeling individual documents stored in team or SharePoint site requires either Microsoft 365 E5 or Compliance E5 or Information Protection & Governance E5 add-on SKU.

As you navigate this challenging time, we have additional resources to help. For more information about securing your organization in this time of crisis, visit our Remote Work site.

 

We’re here to help in any way we can.

 

Thank you!

 

Sesha Mani, Principal Group Program Manager, Microsoft 365 services

 

Tony Themelis, Principal PM Manager, Microsoft Information Protection

 

10 Comments
Occasional Contributor

Thank you. 

 

"To see which apps and services support this capability, read this documentation page". - The link is broken and receiving "forbidden"

Microsoft
Microsoft

@Mohan Seenippandian  - the link is updated now, it is here, thank you for pointing that out.

Occasional Contributor

@Sesha Mani  I m in the middle of implementation au-labeling for SharePoint and Onedrive in our organization.  The following are the requirements. 

  1. Documents must be classified automatically when a user uploads a document to the SharePoint site- Can do with Auto-labeling , already test 
  2. Content marking - any document classified must stamp with watermarks, as my understanding, we cannot do with auto-labeling. Any way to achieve this?  or even why when a user downloads the auto-classified document to the computer the user cannot see watermarks that we have defined under labels? is this because auto labeling not opening the document when its stamp with the label? 
  3. To overcome the 2nd issue I have tried with word templates, but then auto-labeling doesn't work with .doctx, will you be able to share a reference for all document types that support by the auto-labeling. Seems to be pdf also not supporting.

Thanks. 

Occasional Visitor

Thanks for the great description, this will be very useful for sites / teams handling confidential data. 

For restricting access to unmanaged devices using sensitivity label, does this require this feature to be enabled at the SPO access control level? Or it can be controlled at individual site, group or team level now?

Senior Member

Do you need a corresponding Session Control Conditional Access policy (Application enforced restrictions) for the unmanaged device settings to work?  

Microsoft

@Amit_Dobhal and @Chris_Clark_Netrix - Thank you for your compliment. For unmanaged device access policy, yes, this needs to be enabled at the SPO Access Control level to be permissive i.e. Full Access, which will automatically create a conditional access policy in AAD. Then, you can control at the individual site level by using this Sensitivity Label.

 

Refer to this documentation for the further instructions on enabling unmanaged device policy in SharePoint: https://docs.microsoft.com/en-us/sharepoint/control-access-from-unmanaged-devices.

Microsoft

@Nip17 - thank you for your questions. On content marking, yes it is the current behavior that auto classified documents won't have content marking. We will take this feedback into consideration for future versions of the auto classification feature. For file types supported in auto labeling and additional details about this auto classification with sensitivity labels feature, please refer to this article: 

https://docs.microsoft.com/en-us/microsoft-365/compliance/apply-sensitivity-label-automatically?view...

Occasional Contributor

@Sesha Mani 

Can you please tell me the license requirement for Auto- labeling.  On the last Microsoft session, I have attend mentioned only a couple of M/O E5 license and all other users required only M/O E3. 

What Microsoft has mentioned is this auto-classification is an engine within admin control, would not necessarily end-user license


Can please help me urgently.

 

Thanks. 

Contributor

We have a customer (lawyer office) concerned about employee downloading files from TEAMS and OneDrive and uploading it to their personal email address (@Yahoo, @gmail and etc).

 

Is there a way to restrict that labeled files to be used only on corporate computers??? Like and encryption where even the user copying to home he cannot be handle it.

 

Any help is appreciated.