Azure Information Protection – Protection & Automatic Labelling
This marks the first post on Azure Information Protection. In this post I am going to go through creating a label which will be automatically applied to a new document when a specific keyword appears. This label will also contain protection.
The first step is to create a new label, in Azure Information Protection I can navigate to Labels > Add a new Label.
- Enter a Name
- Enter a Description
- Set the permissions containing this label to “Protect”
- Set Documents with this label have a footer to on (Optional)
- Enter the Text for the Footer (Optional)
- Choose Azure Cloud Key under Protect
In this example i am going to set permissions for all members of the T67 Tenant to have co-owner rights to an internal only labelled doc.
- Choose Add Permissions
- Click Add “Company Name” – All Members
- Choose Ok and then Ok again
- Next I want to add conditions for automatic labelling. I can do this by going to “add a new condition”
- Select Custom
- Enter a name for the condition
- Under Match Exact Phrase or Pattern i am going to Choose “T67 Services”
- Click Save
- Select Automatic so that the protection is automatically applied when the condition matches. You can change the default policy tip wording if you wish.
- I can now save the Label
- Next I am going to add the label to my global policy for all users.
- Select Policies
- Click on the global policy
- Choose Add or Remove Label
- Tick “Internal Only” or whatever you named your label
- Click Ok
- Click Save
End User Experience
I am now going to open Word on a device which has the Azure Information Protection client installed. I created a blank document and typed “T67 Services” (which was my condition) and then saved the document. As you can see the document was automatically labelled with “Internal Only”.
It is not only documents which can apply a label. You can also do this for emails. I am going to create an email and label this as internal only and send to my personal gmail account
As expected I am unable to view the message as I am not part of the T67 Services tenant
Thanks for reading my first AIP Post, I will be covering a range of AIP Scenarios in a series of posts.