Jun 05 2019
06:48 AM
- last edited on
May 24 2021
02:06 PM
by
TechCommunityAP
Jun 05 2019
06:48 AM
- last edited on
May 24 2021
02:06 PM
by
TechCommunityAP
Hi together
When configuring AIP Labels in Azure Information Protection, it has been possible to don't select any users and select OK on this blade, followed by Save on the Label blade.
The label is configured to apply protection such that only the person who applies the label can open the document or email with no restrictions, which is a use case at a customer.
When configuring a sensitivity (universal) label in the Security & Compliane Admin Center, this seems to be not possible. As soon as you choose "Encryption", you kind of have to assign at least one permission to be able to save the label.
Is therefore the above "Use Case" not possible anymore with Sensitivity Labels? Or do I miss something?
Jun 12 2019 09:54 PM
@Patrick Steiner In the short term, once User Defined Protection is available in Unified Labeling a user should be able to select a label with that option and then choose the "Only me" option in the permissions dialog. This is being worked on.
This is slightly different form a label with admin defined permissions that only grants permissions to the owner, since it requires two more clicks for the user, but it achieves the same result.
@Patrick Steiner wrote:
Hi together
When configuring AIP Labels in Azure Information Protection, it has been possible to don't select any users and select OK on this blade, followed by Save on the Label blade.
The label is configured to apply protection such that only the person who applies the label can open the document or email with no restrictions, which is a use case at a customer.
When configuring a sensitivity (universal) label in the Security & Compliane Admin Center, this seems to be not possible. As soon as you choose "Encryption", you kind of have to assign at least one permission to be able to save the label.
Is therefore the above "Use Case" not possible anymore with Sensitivity Labels? Or do I miss something?
Jun 26 2019 04:51 AM
Jul 22 2019 10:44 AM
I understand any inconsistency is a nuisance, but these are two different UIs built by different product teams (the UL management interface is part of Office 365, not AIP itself), and the UL UI has additional scenarios to consider, so it is understandable that there are and there will always be differences. That said, there's no specific reason why the UL UI would not have this same ability, so feel free to file a bug or a DCR against the Office 365 SCC portal to request that they add the ability to create a policy with protection but no rights assigned (other than to the owner).