Azure Information Protection

All ideas that relate to Azure Information Protection (AIP)

(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Only emails must have a label

    We need the granularity to force users to apply labels to emails without them also having to apply labels to documents too.

    This would allow us to move away from third party products that are being used to label emails.

    This is really quite critical for us.

    2 votes
    Sign in
    (thinking…)
    Sign in with: facebook google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    6 comments  ·  Labelling  ·  Flag idea as inappropriate…  ·  Admin →
  2. Enable the use of custom sensitive information types in AIP

    Documentation page https://docs.microsoft.com/en-us/azure/information-protection/configure-policy-classification states that any custom sensitive information types that have been defined in Office 365 cannot be used in configuring AIP Labels. Please enable the possibility to use custom sensitive information types as well as the Microsoft defined sensitive informantion types.

    1 vote
    Sign in
    (thinking…)
    Sign in with: facebook google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Office 365 and EMS  ·  Flag idea as inappropriate…  ·  Admin →
  3. Allow customers to disable Client Logs (\MSIPC\Logs)

    In FCI scenario, Client logs folder requires very large capacity.
    Therefore, We want to disable outputting the logs.

    e.g. many logs file are created in following folder.
    %Localappdata%\Microsoft\MSIPC\Logs
    %Programdata%\Microsoft\MSIPC\Logs

    1 vote
    Sign in
    (thinking…)
    Sign in with: facebook google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  User Experience  ·  Flag idea as inappropriate…  ·  Admin →
  4. Enable AIP in Office Mobile Clients

    Integrate AIP functions into Office on iOS and Android

    191 votes
    Sign in
    (thinking…)
    Sign in with: facebook google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    18 comments  ·  Mobile Apps  ·  Flag idea as inappropriate…  ·  Admin →
  5. Integrate AIP natively into Office for Mac

    Integrate AIP into the Office for Mac client

    149 votes
    Sign in
    (thinking…)
    Sign in with: facebook google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Done  ·  22 comments  ·  Office Clients  ·  Flag idea as inappropriate…  ·  Admin →
  6. Adobe Reader and Acrobat Pro support AIP

    Update Adobe Reader and Acrobat Pro to support AIP

    120 votes
    Sign in
    (thinking…)
    Sign in with: facebook google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    21 comments  ·  3rd Party Applications  ·  Flag idea as inappropriate…  ·  Admin →
  7. AIP supportability for Office 365 Business Premium Subscriptions

    Azure Information Protection is only supported for E3 and E5 plans at the moment. Business Premium supportability is critical as lots of our clients are obligated by this barrier.

    39 votes
    Sign in
    (thinking…)
    Sign in with: facebook google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    9 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →

    In the coming AIP September GA we will update the Office client requirement with the following:

    “Office 365 with Office 2016 apps (minimum version 1805, build 9330.2078) when the user is assigned a license for Azure Rights Management (also known as Azure Information Protection for Office 365)”

    This will allow the support of the AIP client to use protection labels in other Office subscriptions which are not ProPlus. This will require the use of Office clients which are newer then the version mentioned above and the end user should be assigned with the proper licence.

  8. Expose labels as document properties for use in customs headers

    All organisations I've worked for use document templates (mostly Word) with headers full of tables. In those tables the document metadata is shown, such as title, page numbers, document tracking ID etc. One piece of metadata is the classification label. To avoid having to set that label manually, it would be excellent to be able to extract the AIP label from metadata, and the format it in the usual way.

    It is usually not an option to use the markings feature of AIP, since it then looks like a two-year-old prepared the document. The headers are in the wrong place…

    1 vote
    Sign in
    (thinking…)
    Sign in with: facebook google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    5 comments  ·  Labelling  ·  Flag idea as inappropriate…  ·  Admin →

    This is already possible!
    Just insert a field code in the document header, with the following value:{DOCPROPERTY Sensitivity}
    See https://www.howtogeek.com/217440/how-to-insert-built-in-and-custom-advanced-properties-into-a-word-document/ for a handy guide into how to use custom document properties in a field code.
    “Sensitivity” is the most useful field for a case like what is described in this request, but all other AIP field codes (prefixed with MSIP_Label) can be used as well.

  9. Revoke - Less than 30 days (user-defined permissions)

    Allow revocation of under 30 days for 'user-defined' protection.

    AIP is great for classifcation and labelling but the ability to offer IRM can be questioned across some controls.

    2 votes
    Sign in
    (thinking…)
    Sign in with: facebook google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Doc Tracking  ·  Flag idea as inappropriate…  ·  Admin →
  10. Share protected/labelled documents externally

    SME...
    Protected their internal client documents. Great.
    Now what if they want to send one of these documents externally, the external recipient (unless they're using Azure and have permissions to open this) wouldn't be able to access the attachment!
    A custom policy that does that would be useful.

    1 vote
    Sign in
    (thinking…)
    Sign in with: facebook google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Protection  ·  Flag idea as inappropriate…  ·  Admin →

    Office 365 Messaging Encryption is already able to do this.
    If the content is sent via email (using Exchange Online) you can set the policy to automatically classify the email with the same policy in the document, which will in turn grant the ability for the recipient to open it without installing any software and without creating an account.
    If the issue is that the existing policy in the document does not grant rights to the external user, you can create a transport rule in Exchange which replaces protection with Do Not Forward or Encrypt Only (though of course, you will want to implement additional controls to ensure the data only goes to people you want it to go to).
    There are third party additions to AIP that allow users to request shareable versions of the content, if you want to implement the process above with some form of workflows…

  11. Make Word Track Changes functional with Co-Author permissions

    Word's "Track Changes" feature is disabled on RMS-protected files unless the signed in user has all permissions.
    It's a known shortcoming described "as designed".
    https://support.microsoft.com/en-us/help/2004302/word-track-changes-functionality-disabled-when-rights-management-servi

    5 votes
    Sign in
    (thinking…)
    Sign in with: facebook google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  Office Clients  ·  Flag idea as inappropriate…  ·  Admin →
  12. Encrypt Only Email Option

    Similar to the new Do Not Forward option, have an option that simply encrypts the email to the recipient. With the AIP templates not able to utilize 'all external recipients' and the DNF being too restrictive we still need to use a third party for email encryption. The downloading of a .html file is not feasible to implement with thousands of clients and the hand holding that is required.

    129 votes
    Sign in
    (thinking…)
    Sign in with: facebook google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    23 comments  ·  Office 365 and EMS  ·  Flag idea as inappropriate…  ·  Admin →
  13. Only documents must have a label, don't apply a label to emails

    Only documents must have a label, don't apply a label to emails or separate the permissions for e-mail and documents. For example: all documents must have a label to enforce users to protect their files with a pre-defined label, but they should send an email without a label to external users.

    1 vote
    Sign in
    (thinking…)
    Sign in with: facebook google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  Protection  ·  Flag idea as inappropriate…  ·  Admin →
  14. Configure a label to require Ad-hoc custom permissions.

    Today, labels can apply RMS permissions that are configured by an administrator while configuring the label.

    Suggesting an additional approach: A label is set to require custom RMS protection, by prompting the user to set custom permissions through the AIP dialogue.

    1 vote
    Sign in
    (thinking…)
    Sign in with: facebook google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Protection  ·  Flag idea as inappropriate…  ·  Admin →
    Done  ·  Adam Hall responded

    This is already available in Preview.

  15. 5 votes
    Sign in
    (thinking…)
    Sign in with: facebook google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  Administration and Admin Portals  ·  Flag idea as inappropriate…  ·  Admin →
  16. Temporarily decrypt file and pass to default application

    I've just completed some testing with a few software packages -- Caseware and Lacerte -- for an accounting firm. Data for these apps lives on file shares, so they intended to use AIP to encrypt the files at rest. Unfortunately, AIP is not fully compatible with the file types (.dbf. .mdf, and some custom file types that are readable in Word). The customer brought up an interesting point that I had not considered -- the ability for the AIP viewer to temporarily decrypt the files and pass them along to the appropriate default program.

    1 vote
    Sign in
    (thinking…)
    Sign in with: facebook google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  Applications and File Types  ·  Flag idea as inappropriate…  ·  Admin →
    Done  ·  Adam Hall responded

    This feature is in the AIP Viewer today.

  17. Dedicated admin role for Azure Information Protection

    Create an Azure Portal admin role that allows full access only to AIP

    81 votes
    Sign in
    (thinking…)
    Sign in with: facebook google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Done  ·  7 comments  ·  Administration and Admin Portals  ·  Flag idea as inappropriate…  ·  Admin →
  18. Prevent document owners from changing label define protection to custom permissions

    As user could today change from a predefined RMS protection to a user defined protection, the " label - AAD RMS " protection relationship is easily broken.

    The Suggestion :
    - Introduce a parameter to choose between enforced AAD RMS protection or required User protection or nothing (like today).

    And more, through the client, selecting a "required user protection" label could directly prompt the user to choose the adequate protection.

    4 votes
    Sign in
    (thinking…)
    Sign in with: facebook google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Protection  ·  Flag idea as inappropriate…  ·  Admin →
    Done  ·  Adam Hall responded

    This is now available, admins can remove the option to set custom permissions.

  19. Enable application specific labeling policies

    Enable configuration of sets of policies to different applications, for example Outlook versus Word/Excel/PowerPoint

    28 votes
    Sign in
    (thinking…)
    Sign in with: facebook google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Done  ·  7 comments  ·  Administration and Admin Portals  ·  Flag idea as inappropriate…  ·  Admin →
  20. Bulk data at rest scanning and analysis

    Provide a bulk scanning and ongoing analysis engine to scan data repositories

    30 votes
    Sign in
    (thinking…)
    Sign in with: facebook google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Scanning and Migration  ·  Flag idea as inappropriate…  ·  Admin →
← Previous 1
  • Don't see your idea?

Feedback and Knowledge Base