Blog Post

Security, Compliance, and Identity Blog
5 MIN READ

Microsoft Information Protection SDK @RSA Conference 2019

Kartik Kanakasabesan's avatar
Mar 05, 2019

Last year we publicly announced the Microsoft Information Protection solutions (MIP) SDK at the 2018 RSA Conference. Over the past 11 months, both Microsoft and our partners have been busy building integrations and expanding the reach of Microsoft Information Protection both within our own solutions and across our ecosystem of partners.

 

Microsoft Intelligent Security Association (MISA) and Microsoft Information Protection


We have simplified the engagement model for partners who want to integrate their solutions with Microsoft Information Protection. Now partners can join the Microsoft Intelligent Security Alliance (MISA), which enables them to integrate with the MIP SDK as well as integrate with other Microsoft security solutions. Learn more details on how to get started.

Microsoft Information Protection SDK Releases


The MIP SDK became generally available at the Microsoft Ignite conference in late 2018. Since then, we have released another update in January 2019 - and the next update will be in the next few months. Please review the following resources to find out more details on what is available in the MIP SDK releases.
Details on the MIP SDK 1.0 capabilities
Details on the MIP SDK 1.1 capabilities
With the 1.1 SDK, we now have complete coverage of Microsoft Information Protection for labeling and protection on all major operating systems - Windows, macOS, Linux (Debian, Redhat, CentOS, Ubuntu), iOS, and Android. If you have not yet developed an integration, we recommend that you start with the MIP SDK 1.1. If you already have an integration using the MIP SDK 1.0, please plan your update to version 1.1 since there a few capabilities within it that might be of interest such as support for on-premises rights management. For more details on the capabilities are captured at this link

 

Partner Integrations with the MIP SDK


While the MIP SDK was released just over 5 months ago, there are already several partners that have released their integration as generally available or are in the process of releasing their integration.
Partners who have integrated with Microsoft Information Protection solutions


Adobe (Generally Available)


PDFs now support native integration with information protection. The relationship between Microsoft and Adobe has made the PDF experience within the MIP ecosystem a more high-fidelity experience for users. Our first set of use cases help in the consumption scenarios of protected PDFs with MIP. Adobe Acrobat Reader on Windows can now consume labeled and protected PDF documents. Unlike past integrations where the PDF documents extension changed upon protecting, with the new integration when a PDF document is labeled and protected the extension remains as a .pdf. The Adobe Acrobat Reader solution recognizes the PDF is protected and proceed to prompt the user to open the PDF documents provided the user has the right set of rights to open the document.

 

Adobe Integration with Microsoft Information Protection Solutions

 

Forcepoint (Generally Available)


For many years, customers have trusted Forcepoint’s DLP to satisfy compliance regulations and protect their intellectual property. With the enforcement of the GDPR regulation, the focus on classifying and protecting data, wherever it resides, has become of utmost importance. Forcepoint and Microsoft are partnering to extend protection offered by Microsoft Information Protection solutions to customers’ on-premises digital estate.
Forcepoint’s ecosystem of data classification partnerships allows for joint customers to experience the best that both solutions have to offer. When data resides in Microsoft’s cloud services, customers can take advantage of the classification system that Microsoft provides. Forcepoint ensures that Microsoft Information Protection classification, labeling and data protection can be automatically applied to sensitive data on managed endpoints, within the customer’s datacenter infrastructure or within sanctioned cloud applications.
Forcepoint products also work to provide the appropriate visibility, access and data protection in public or hybrid cloud environments. Customers looking to protect data in Office 365 and other SaaS apps can do so thanks to this interoperability. Organizations can proactively apply policies governing the use of cloud-hosted files to help ensure compliance and deliver uniform visibility and control over cloud-hosted information assets, based on classification applied by Microsoft Information Protection solutions. For more details please visit http://www.forcepoint.com

 

 

Forcepoint DLP Administration console with MIP Labels

 

 

Palo Alto Networks (Generally Available)


Palo Alto Networks Next Generation Firewalls can now detect documents that are using Microsoft Information Protection labels, allowing you to enforce policies at the network level that can prevent sensitive information from being sent outside of your organization. Administrators can craft policies to alert on sensitive documents traversing the firewall, prevent highly confidential documents from leaving the network, and track the flow of these documents to sanctioned SaaS applications, such as a corporate file repository or data room. This will work for both protected and unprotected file types. To find out more, please refer to their documentation.

 

Palo Alto Firewall software integration with MIP labels

Trustwave (Generally Available)


Trustwave’s Secure Email Gateway Product can now reason over protected emails and determine if the protected content being sent complies with company policy. In addition, email remains the largest attack surface with malicious web links data leakage from attachments due to breakdowns in protection control. Trustwave’s solution provides protection against an evolving threat landscape. For more details please go to the following location

 

An MIP email reasoned upon by Trustwave's Secure Email Gateway

 

Informatica Secure@Source (under development)


Microsoft and Informatica are offering a unified approach to data protection, privacy and regulatory risk mitigation across devices, the modern workplace, Azure Data Services and on-premises and other data repositories. By synchronizing policy and sensitive data definitions between Microsoft Information Protection solutions and Informatica’s Secure@Source intelligent data privacy and protection platform, the office of the CISO can have a “single pane-of-glass” view into the proliferation of sensitive data throughout the enterprise and aggregate risk profiles for key regulations such as GDPR compliance.
In addition, Microsoft Information Protection solutions and Secure@Source provide data protection components that can encrypt and mask sensitive data inside and outside of the enterprise - not only detecting sensitive data but also protecting it. “Today, sensitive data can be found in the cloud, on-premises, on the desktop, within SaaS applications and 3rd-party data services - a bigger range of data repositories than ever before.“ said Jitesh Ghai, SVP and GM Data Quality, Security and Data Governance at Informatica. “When you compound this data proliferation with today’s regulatory compliance requirements, being able to offer a unified, comprehensive solution with Microsoft to reduce risk and protect data for today’s enterprises is truly ground breaking.” Please visit http://informatica.com

 

Informatica Secure@Source integration with MIP labels

Digital Guardian (under development)


Using the Microsoft Information Protection (MIP) SDK, Microsoft and Digital Guardian customers can extend their data protection policy to automatically label and protect files. By combining Microsoft Information Protection solutions with Digital Guardian's rich visibility into file classification and controls, companies are better able to safeguard sensitive files from egress, whether it be through outbound email messages, cloud uploads and downloads, or files being copied to external storage. The integration will also assist organizations when it comes to securely collaborating with external parties. For more details on this integration visit http://www.digitalguardian.com

 

 

Digital Guardian Endpoint DLP integration with Microsoft Information Protection SDK

 

 

 

As you can we are excited about the potential we have unlocked for our partners with the new MIP SDK. Please try out our new SDK by downloading it from http://aka.ms/mipsdkbinaries . We are looking forward to your feedback

Updated May 11, 2021
Version 6.0
No CommentsBe the first to comment