Azure Information Protection

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Add policy setting to stop removal or downgrade of labels

    Expand policy options to stop removal or downgrade of labels. The existing policy to require a Justification is inadequate, we require a way of stopping changing the label on emails when forwarding/replying and documents (except by document author)

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Done  ·  0 comments  ·  Labelling  ·  Flag idea as inappropriate…  ·  Admin →
  2. Pop-up warning when email is sent to somebody who isn't a member of the protected group

    After configuring labels that set protection for a department, emails have one of these labels applied is legitimately sent to somebody who isn't a member of that group. The person who is not part of the group is unable to read the message.

    Can you please add a warning message saying that the "The person who is not part of the group is unable to read the message" or something like that.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Office Clients  ·  Flag idea as inappropriate…  ·  Admin →
  3. Enable to set the same label to a different scoped policy

    Enable to set the same label to a different scoped policy.
    Currently, one label can be assigned to one policy. it is impossible to set following.

    "Scoped Policy 1"

    - Label A
    - Label B
    - All documents and emails must have a lavel: ON

    "Scoped Policy 2"
    - Label A
    - Label B
    - All documents and emails must have a lavel: OFF

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  User Experience  ·  Flag idea as inappropriate…  ·  Admin →
  4. Applying Unified Labels with user-defined permission should produce an error in unsupported platforms

    according to this article https://docs.microsoft.com/en-us/azure/information-protection/configure-policy-migrate-labels it is possible to apply Unified Label with user-defined permissions when a preview release of AIP v2 client is installed. however, for Office on Mac/iOS/Android, the behaviour is that "Users are not prompted for custom permissions and no protection is applied ". this give a false sense of security to the users. instead of failing silently, an error should be displayed to the users

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Labelling  ·  Flag idea as inappropriate…  ·  Admin →
  5. Enable the use of custom sensitive information types in AIP

    Documentation page https://docs.microsoft.com/en-us/azure/information-protection/configure-policy-classification states that any custom sensitive information types that have been defined in Office 365 cannot be used in configuring AIP Labels. Please enable the possibility to use custom sensitive information types as well as the Microsoft defined sensitive informantion types.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Office 365 and EMS  ·  Flag idea as inappropriate…  ·  Admin →
  6. Allow customers to disable Client Logs (\MSIPC\Logs)

    In FCI scenario, Client logs folder requires very large capacity.
    Therefore, We want to disable outputting the logs.

    e.g. many logs file are created in following folder.
    %Localappdata%\Microsoft\MSIPC\Logs
    %Programdata%\Microsoft\MSIPC\Logs

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  User Experience  ·  Flag idea as inappropriate…  ·  Admin →
  7. Only emails must have a label

    We need the granularity to force users to apply labels to emails without them also having to apply labels to documents too.

    This would allow us to move away from third party products that are being used to label emails.

    This is really quite critical for us.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    7 comments  ·  Labelling  ·  Flag idea as inappropriate…  ·  Admin →
  8. Expose labels as document properties for use in customs headers

    All organisations I've worked for use document templates (mostly Word) with headers full of tables. In those tables the document metadata is shown, such as title, page numbers, document tracking ID etc. One piece of metadata is the classification label. To avoid having to set that label manually, it would be excellent to be able to extract the AIP label from metadata, and the format it in the usual way.

    It is usually not an option to use the markings feature of AIP, since it then looks like a two-year-old prepared the document. The headers are in the wrong place…

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    5 comments  ·  Labelling  ·  Flag idea as inappropriate…  ·  Admin →

    This is already possible!
    Just insert a field code in the document header, with the following value:{DOCPROPERTY Sensitivity}
    See https://www.howtogeek.com/217440/how-to-insert-built-in-and-custom-advanced-properties-into-a-word-document/ for a handy guide into how to use custom document properties in a field code.
    “Sensitivity” is the most useful field for a case like what is described in this request, but all other AIP field codes (prefixed with MSIP_Label) can be used as well.

  9. EnablePolicyDownload=0 is easily overridden if an end user chooses to login

    We are looking at deploying AIP and will have a hybrid solution, AIP as well with AD RMS. We need to for non AIP licensed users to not see the label bar and they will continue to leverage RMS for protection. We have noticed with this key being set to 0, if a user chooses help, there is an option to login to AIP. Which in turn changes the key to 1, which downloads the templates and displays the label bar. Now if a user decides to try and click on a label, they of course get an error message…

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  User Experience  ·  Flag idea as inappropriate…  ·  Admin →
  10. Revoke - Less than 30 days (user-defined permissions)

    Allow revocation of under 30 days for 'user-defined' protection.

    AIP is great for classifcation and labelling but the ability to offer IRM can be questioned across some controls.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Doc Tracking  ·  Flag idea as inappropriate…  ·  Admin →
  11. Share protected/labelled documents externally

    SME...
    Protected their internal client documents. Great.
    Now what if they want to send one of these documents externally, the external recipient (unless they're using Azure and have permissions to open this) wouldn't be able to access the attachment!
    A custom policy that does that would be useful.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Protection  ·  Flag idea as inappropriate…  ·  Admin →

    Office 365 Messaging Encryption is already able to do this.
    If the content is sent via email (using Exchange Online) you can set the policy to automatically classify the email with the same policy in the document, which will in turn grant the ability for the recipient to open it without installing any software and without creating an account.
    If the issue is that the existing policy in the document does not grant rights to the external user, you can create a transport rule in Exchange which replaces protection with Do Not Forward or Encrypt Only (though of course, you will want to implement additional controls to ensure the data only goes to people you want it to go to).
    There are third party additions to AIP that allow users to request shareable versions of the content, if you want to implement the process above with some form of workflows…

  12. Shared Mailbox and ticketingsystem support

    This is really a grooving problem right now with GDPR.
    I can see a big increase in incoming OME/DNF to all my customers tenants. Many use shared mailboxes or ticketing systems and cannot open these mails and attached documents.

    For example a customer with AIP implemented, they work with both partners and customers. Many of their services use Shared mailboxes. Multiple users handle these requests.
    Now multiple partners has started to use OME and DNF encryption. When they send sensitive information to these shared mailboxes, no one can read.

    Same situation with the opposite, If they send OME DNF to…

    30 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    4 comments  ·  Protection  ·  Flag idea as inappropriate…  ·  Admin →
  13. 1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Office 365 and EMS  ·  Flag idea as inappropriate…  ·  Admin →
  14. Allow custom email x-headers defined per label

    Allow custom email x-headers to be defined per label to allow compliance with various country email labelling standards for government.

    13 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    4 comments  ·  Labelling  ·  Flag idea as inappropriate…  ·  Admin →
  15. Make Word Track Changes functional with Co-Author permissions

    Word's "Track Changes" feature is disabled on RMS-protected files unless the signed in user has all permissions.
    It's a known shortcoming described "as designed".
    https://support.microsoft.com/en-us/help/2004302/word-track-changes-functionality-disabled-when-rights-management-servi

    5 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  Office Clients  ·  Flag idea as inappropriate…  ·  Admin →
  16. Ability to search existing label on a document and apply to email label

    When a file is attached via email. The label is not updated based on what the document has. The user selects the label, which can be different from the document classification. The highest level of the label should apply either by email or document.

    7 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Labelling  ·  Flag idea as inappropriate…  ·  Admin →
  17. Add support for Intune MAM to AIP iOS App

    Allow Intune to configure and apply MAM policies on the AIP viewer mobile app for iOS

    20 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Done  ·  0 comments  ·  Protection  ·  Flag idea as inappropriate…  ·  Admin →
  18. Perform a lookup and notify user when an email recipient is not included in the policy attached to the label being used.

    Email users do not know the backend configuration of AIP protected labels so when they send a protected email they will not know if a recipient will be able to have access to it as intended. It would be possible to perform a lookup in order to match email recipients with AIP protection policy users and notify emails sender if the intended recipient would not be able to access an email because they are not members of the protection policy. This will enable email sender to take the necessary steps required to mitigate this situation.

    7 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Labelling  ·  Flag idea as inappropriate…  ·  Admin →
  19. Apply a default label with AIP Scanner

    Enable the AIP scanner to apply a default label to all scanned documents. Except those where any automatic classification rule applies.
    E.g. AIP Scanner is used to scan a file share with 10 files. Only one file contains a credit card number or so and will be classified as confidential. The other nine files should get the default classification, configured at the AIP portal or given as run parameter for aip scanner.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Done  ·  1 comment  ·  Protection  ·  Flag idea as inappropriate…  ·  Admin →
  20. Encrypt Only Email Option

    Similar to the new Do Not Forward option, have an option that simply encrypts the email to the recipient. With the AIP templates not able to utilize 'all external recipients' and the DNF being too restrictive we still need to use a third party for email encryption. The downloading of a .html file is not feasible to implement with thousands of clients and the hand holding that is required.

    130 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    24 comments  ·  Office 365 and EMS  ·  Flag idea as inappropriate…  ·  Admin →
← Previous 1 3
  • Don't see your idea?

Feedback and Knowledge Base