Incident Response: Best Practices for Crafting a Plan
27th November 2023
Azure information protection is a cloud-based classification system which allows organisations to protect their data, documents, and e-mails by application of labels; you can track and control how each piece of content is used, analyse how they are being used, detect risky behaviour and deploy corrective measures, track access and prevent data leakage or misuse.
Information Protection is a cloud-based solution that classifies and protects business data, documents and e-mails either automatically, manually, or through a combination of both
Azure Information Protection benefits your organisation in the following key ways:
Azure Information Protection uses the Rights Management Service to protect organisational data and is integrated with other Microsoft cloud services and applications, including Microsoft 365 and Active Directory. It can also be integrated with third party business applications or your own internal application programs.
AIP uses encryption, identity, and authorisation policies to ensure you stay in control of your content no matter who it is shared with. Restrict access to, for example, only certain departments within your organisation, or within your organisation full stop, to prevent them being forwarded to third parties.
The information protection bar appears in office applications allowing end users to control and integrate AIP with all documents and emails. Predetermined labels such as confidential, general, highly sensitive, public can be set and the client will enable users to classify and protect additional file types easily, or revoke access when needed.
Retrospective and current
Protection can easily be applied to both data and documents as they are being created, but also scan for existing content to classify and protect them. This can be done either with on-premises storage using the AIP scanner, running as a service on Windows Server, applying the same policy rules across the board based on document content; or the scanner can apply a default label to all documents in a data repository without inspecting file contents. Reporting mode will allow you to discover sensitive information that may not have been previously detected. Alternatively, you can use Microsoft Cloud App Security to apply labels to any documents in cloud storage.