Azure Information Protection
Azure Information Protection (AIP) protects documents on your endpoint, at rest, in the data center and when sent outside your network. AIP can apply policies and labelling to your documents based on keywords or number combinations. AIP will work on metadata in the documents stored locally on endpoints, file servers, Dropbox or in SharePoint, to name but a few. This is an essential tool if you are trying to address the EU’s ‘GDPR directive’, as a user could ‘revoke’ access to the file from that point on.
AIP offers your organization 3 main data protection features;
Firstly, we can set policies that will control and define how user classify sensitive information like credit cards, social security numbers and health records for example.
Secondly, we can create a catch all net that will automatically detect sensitive information even if the user has not labeled it correctly.
Lastly, we can setup protection policies that prevent data sharing of documents by restricting the ability to print, forward or even view the document in a screen sharing application like Skype for Business or GoToMeeting for example. If you are using O365, all the underlying infrastructure is being secured for you by Microsoft. All the data however that you produce, the World Docs, emails, Excel spreadsheets, it is your responsibility to provide the protection, and Azure Information Protection is your tool to help you do exactly that.