The Documentation for Azure Information Protection has been updated on the web and the latest content has an October 2018 (or later) date at the top of the article.
This month continues to see supporting documentation for releases that you might have heard about at the Microsoft Ignite conference in Orlando. For example, the preview release of the Azure Information Protection unified labeling client that downloads labels and policy from the Office 365 Security & Compliance Center. And as usual, we have regular updates from your feedback and questions.
Final reminder: Catch up with the rollup summary for Ignite 2018: Announcing availability of information protection capabilities to help protect your sensitive data
We listen to your feedback and try to incorporate it whenever possible. Let me know if you have feedback about the technical documentation and I also encourage you to head over to our Yammer site to see what others are discussing.
What's new in the documentation for Azure Information Protection, October 2018
Azure Information Protection Premium Government Service Description
- New documentation that was published at the beginning of the month, but so important that we also added a quick update for it in last month's post after it was published. The Enterprise Mobility + Security for US Government Service Description is also updated to include information about Azure Information Protection in the Parity with EMS Commercial Offerings section.
Frequently asked questions for Azure Information Protection
- New entry to help address any confusion around "Microsoft Information Protection": What's the difference between Azure Information Protection and Microsoft Information Protection?
Also updated the entry for using Azure AD conditional access (still in preview for Azure Information Protection), with a new bullet to clarify that if you use MFA in your conditional access policies for collaborating with other organizations ("B2B"), you must use Azure AD B2B collaboration and manually create guest accounts.
Applications that support Azure Rights Management data protection
- Updated the table in the RMS-enlightened application section, to remove the PDF column. This information is now moved to the new page, Supported PDF readers for Microsoft Information Protection.
Azure Information Protection deployment roadmap
- Updated the deployment roadmap for classification, labeling, and protection. The steps now include how you might deploy the scanner using different configurations for different stages of your deployment:
Planning and implementing your Azure Information Protection tenant key
- Updated the Instructions for BYOK to include the Azure portal configuration steps for authorizing the Azure Rights Management service to use the key in Key Vault.
Configuring usage rights for Azure Rights Management
- Updated the Encrypt-Only option for emails section, to include this option as a newly available Office 365 DLP action.
Configuring super users for Azure Rights Management and discovery services or data recovery
- New section, Guidance for using Unprotect-RMSFile for eDiscovery.
How to configure the policy settings for Azure Information Protection
- Updated the description of the All documents and emails must have a label setting (also known as mandatory labeling) to clarify that this option does not apply to PowerShell.
How to configure a label for Rights Management protection
- Updated to remove the preview statements for the Add any authenticated users option, now that the release status for this feature has changed to generally available (GA).
How to configure a label for visual markings for Azure Information Protection
- Updated the additional information list with information about maximum string lengths supported, and a warning that Excel's lower string length supported can result in truncated text.
Refreshing templates for users and services
- Updated for the Azure Information Protection unified labeling client and Office apps that natively support unified labels by using the Sensitivity feature.
How to migrate Azure Information Protection labels to the Office 365 Security & Compliance Center
- New section for organizations who use the Azure AD roles of Security Administrator or Information Protection Administrator, Important information about administrative roles. If you have users who are granted either of these roles to manage Azure Information Protection, grant them the Compliance Administrator role for the Office 365 Security & Compliance Center if you want them to continue to have access to the labels and policies in the Azure portal. Also added the prerequisite that you must be signed in as a global admin to migrate your labels.
Also updated the Clients that support unified labeling section to include the Azure Information Protection unified labeling client for Windows.
Deploying the Azure Information Protection scanner to automatically classify and protect files
- Updated for the following:
Central reporting for Azure Information Protection
- Updated the How to modify the reports section, with the information that the logged data is stored in the InformationProtectionLogs_CL table.
Supported PDF readers for Microsoft Information Protection
- New page for end users who need to open classified and protected PDFs. This page provides high-level information about the collaboration between Microsoft and Adobe that resulted in the recently released new Adobe reader (in preview), links to download readers that support the ISO standard for PDF encryption, and information about older formats and supported readers for these.
Azure Information Protection client: Version release history and support policy
- Now that version 1.10.56.0 is out of support, the section for this release is now removed. In addition, the preview release section is updated for known issues with the scanner, and a link to the information about the new preview release of the unified labeling client.
Admin Guide: File types supported by the Azure Information Protection client
- Added a new section for the scanner, To scan .zip files.
Azure Information Protection unified labeling client: Version release information
- New article, which covers what's included and excluded in this first preview version of the unified labeling client that downloads policy and sensitivity labels from the Office 365 Security & Compliance Center.
Download and install the Azure Information Protection unified labeling client
- New article, with instructions for an interactive user install.
User Guide: View and use files that have been protected by Rights Management
- Updated with the clarification that the Save As button in the viewer is available only for protected files.
PowerShell: Get-AIPScannerStatus
- Updated the possible values for the current version of the scanner:
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.