Encryption Settings for Documents Leaving the Organisation

%3CLINGO-SUB%20id%3D%22lingo-sub-2752072%22%20slang%3D%22en-US%22%3EEncryption%20Settings%20for%20Documents%20Leaving%20the%20Organisation%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2752072%22%20slang%3D%22en-US%22%3E%3CP%3EHello%2C%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EI%20am%20exploring%20MIP%20in%20greater%20detail%20and%20have%20a%20query%20about%20what%20might%20happen%20with%20a%20couple%20of%20specific%20scenarios.%20I%20was%20hoping%20an%20expert%20out%20there%20might%20be%20able%20to%20please%20clarify.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EOrganisation%20A%20sets%20up%20Unified%20Labelling%20with%20a%20%22confidential%22%20classification%20label%20and%20applies%20it%20to%20a%20document.%20The%20protection%20settings%20within%20organisation%20A%20for%20documents%20of%20this%20type%20insert%20the%20word%20%22Confidential%22%20in%20the%20header%20and%20footer%20of%20the%20document%20and%20apply%20encryption%20that%20only%20members%20of%20organisation%20A%20can%20read%20the%20contents.%20If%20this%20document%20is%20then%20accidentally%20sent%20as%20an%20attachment%20to%20an%20email%20to%20Organisation%20B%2C%20what%20would%20the%20expectation%20be%20for%20what%20the%20unintended%20recipient%20could%20do%20with%20it%3F%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EMy%20expectation%20would%20be%20that%20the%20item%20should%20not%20be%20opened%20at%20all%20but%20if%20it%20was%2C%20then%20I%20would%20expect%20the%20header%20and%20footer%20could%20not%20be%20changed.%20Would%20this%20be%20correct%3F%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EThe%202nd%20scenario%20I%20have%2C%20is%20if%20organisation%20A%20has%20a%20label%20of%20%22public%22%20for%20example%20for%20a%20particular%20item.%20If%20this%20is%20sent%20out%20to%20organisation%20B%20who%20receive%20it%20but%20then%20store%20it%20in%20SharePoint%20with%20their%20own%20protection%20settings%20against%20the%20item%20from%20a%20label%20of%20their%20own%2C%20are%20the%20values%20combined%20somehow%3F%20If%20the%20item%20is%20sent%20back%20to%20Org%20A%2C%26nbsp%3B%20will%20it%20now%20have%20organisation%20B's%20protection%20settings%20only%20or%20a%20combination%20of%20both%3F%20One%20option%20we%20have%20for%20example%20is%20to%20remove%20encryption%20from%20an%20item%20if%20we%20choose%20to%20so%20would%20that%20mean%20we%20could%20effectively%20decrypt%20and%20remove%20such%20controls%20if%20the%20right%20label%20was%20applied%3F%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-LABS%20id%3D%22lingo-labs-2752072%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3EData%20Loss%20Prevention%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E
Occasional Contributor

Hello,

 

I am exploring MIP in greater detail and have a query about what might happen with a couple of specific scenarios. I was hoping an expert out there might be able to please clarify.

 

Organisation A sets up Unified Labelling with a "confidential" classification label and applies it to a document. The protection settings within organisation A for documents of this type insert the word "Confidential" in the header and footer of the document and apply encryption that only members of organisation A can read the contents. If this document is then accidentally sent as an attachment to an email to Organisation B, what would the expectation be for what the unintended recipient could do with it?

 

My expectation would be that the item should not be opened at all but if it was, then I would expect the header and footer could not be changed. Would this be correct?

 

The 2nd scenario I have, is if organisation A has a label of "public" for example for a particular item. If this is sent out to organisation B who receive it but then store it in SharePoint with their own protection settings against the item from a label of their own, are the values combined somehow? If the item is sent back to Org A,  will it now have organisation B's protection settings only or a combination of both? One option we have for example is to remove encryption from an item if we choose to so would that mean we could effectively decrypt and remove such controls if the right label was applied?

1 Reply
As an ex-Ultima employee I feel compelled to offer some help - connect with me via LinkedIn and we can take this offline.

Say G'Day to Garry and Matt for me