Oct 08 2018
- last edited on
May 24 2021
I am testing Azure information protection and it seems like an easy to use product.
My only question is it safe enough?
i tried to send an email to my gmail account with full rights, but with the authenticatedusers permission.
i than took the link i got in my mail and adjusted the link with another email and it was no trouble so sign in wit the other mail. is that supposed to be like that?
that make me question the rest of the security of the product.
Oct 14 2018 10:33 AMSolution
When you say "authenticatedusers permission", are you referring to the option "Add any authenticated user" option in the Azure portal? If yes, did you read up about this option, more information here and includes:
This setting doesn't restrict who can access the content that the label protects, while still encrypting the content and providing you with options to restrict how the content can be used (permissions), and accessed (expiry and offline access).
Some typical scenarios for the any authenticated users setting:
So if you want to restrict the email to specific Gmail users, you must use a different configuration. For example, specify the Gmail accounts in the label configuration (the admin controls the user access) or use the User-defined option of Do Not Forward (the user controls the user access). For different configurations that are possible, you might find it useful to look over the examples at the end of the documentation I quoted.
Oct 15 2018 04:40 AM
And thank you! Yes you have understood me correct.
This explains what i didnt get.
But is there a way to ensure only the external emailaccount you send to can open the dokument?
will do not forward button solv that?
Oct 15 2018 08:28 AM
Yes, you can use the Do Not Forward option - which means that end users rather than admins control who can open the email. You can implement the Do Not Forward option in many ways, which does include the Do Not Forward button as an Azure Information Protection policy setting. But you can also implement it with a label that is displayed only in Outlook, with the user-defined permissions configuration (see the first example in the link I provided). When you use this configuration rather than the Do Not Forward button, it has the benefit that the email is classified as well as protected.
Nov 01 2018 04:08 AM
Helo, again :)
i am trying to send a mail with an attacment and only want the email to be cryptated, not the attachement.
how can i proceed to do that?
when i use the do not forward button, the receiver can not download and edit the document.
that happens even if i have set a label with no restrictions on the dokument.
appreciate anny help.
Nov 01 2018 06:07 AM
Nov 01 2018 06:42 AM
i tryed to label it wit a label that doesnt have any protection, but that didnt work. must the label have a protection?
Nov 01 2018 06:47 AM