Sensitivity label owner

Julian12 · ‎Feb 24 2021

Hi,

I'm currently testing with sensitivity labels for some customers and during tests I found some serious issues with this technology.

As far as I checked and the MS documentation wants to tell me, the first person applying a label is the label/document owner for all eternity^^

So how can I change this programmatically and what happens when this person has left the company?
Who is then the owner or can this label never be changed?
Thanks and Regards!

mmancina · ‎Mar 01 2021

Hi Julian, we had a similar discussion with a client. If the file is not protected then this should be not a problem, because every user should be able to change the label. If the file is protected(encryped) than you can use the AIP Super User to decrypt the file and than you can apply the label again with the new owner. Anyhow this should be somehow included in the Joiner/Mover/Leaver process and depending on the size of the company this can get pretty complex.

Julian12 · ‎Mar 03 2021

@mmancinaHi mmancina, thanks for your reply.

Can you tell me what you mean with the AIP Super User? Which user account is meant or do you mena the normal change label process to unprotect and reprotect again?

Regards

Julian

Julian12 · ‎Mar 03 2021

Check this out: https://docs.microsoft.com/en-us/azure/information-protection/configure-super-users

You can build your own business process around it and even create PowerShell scripts to do it automatically.

ChudiEzeks · ‎Nov 14 2022

@mmancinayou could also create a group on Azure AD and have this group designated for AIP super users. That should help with managing that right.

Sensitivity label owner

Sensitivity label owner

Re: Sensitivity label owner

Re: Sensitivity label owner

Re: Sensitivity label owner

Re: Sensitivity label owner

Products (65)

Special Topics (44)

Video Hub (444)

Most Active Hubs

Most Active Hubs

Video Hub

Sensitivity label owner