Azure Information Protection

All ideas that relate to Azure Information Protection (AIP)

(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Share protected/labelled documents externally

    SME...
    Protected their internal client documents. Great.
    Now what if they want to send one of these documents externally, the external recipient (unless they're using Azure and have permissions to open this) wouldn't be able to access the attachment!
    A custom policy that does that would be useful.

    1 vote
    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
    • facebook
    • google
      Password icon
      Signed in as (Sign out)

      We’ll send you updates on this idea

      1 comment  ·  Protection  ·  Flag idea as inappropriate…  ·  Admin →

      Office 365 Messaging Encryption is already able to do this.
      If the content is sent via email (using Exchange Online) you can set the policy to automatically classify the email with the same policy in the document, which will in turn grant the ability for the recipient to open it without installing any software and without creating an account.
      If the issue is that the existing policy in the document does not grant rights to the external user, you can create a transport rule in Exchange which replaces protection with Do Not Forward or Encrypt Only (though of course, you will want to implement additional controls to ensure the data only goes to people you want it to go to).
      There are third party additions to AIP that allow users to request shareable versions of the content, if you want to implement the process above with some form of workflows…

    • Only documents must have a label, don't apply a label to emails

      Only documents must have a label, don't apply a label to emails or separate the permissions for e-mail and documents. For example: all documents must have a label to enforce users to protect their files with a pre-defined label, but they should send an email without a label to external users.

      1 vote
      Sign in
      Check!
      (thinking…)
      Reset
      or sign in with
      • facebook
      • google
        Password icon
        Signed in as (Sign out)

        We’ll send you updates on this idea

        1 comment  ·  Protection  ·  Flag idea as inappropriate…  ·  Admin →
      • Configure a label to require Ad-hoc custom permissions.

        Today, labels can apply RMS permissions that are configured by an administrator while configuring the label.

        Suggesting an additional approach: A label is set to require custom RMS protection, by prompting the user to set custom permissions through the AIP dialogue.

        1 vote
        Sign in
        Check!
        (thinking…)
        Reset
        or sign in with
        • facebook
        • google
          Password icon
          Signed in as (Sign out)

          We’ll send you updates on this idea

          0 comments  ·  Protection  ·  Flag idea as inappropriate…  ·  Admin →
          Done  ·  Adam Hall responded

          This is already available in Preview.

        • 5 votes
          Sign in
          Check!
          (thinking…)
          Reset
          or sign in with
          • facebook
          • google
            Password icon
            Signed in as (Sign out)

            We’ll send you updates on this idea

            3 comments  ·  Administration and Admin Portals  ·  Flag idea as inappropriate…  ·  Admin →
          • Temporarily decrypt file and pass to default application

            I've just completed some testing with a few software packages -- Caseware and Lacerte -- for an accounting firm. Data for these apps lives on file shares, so they intended to use AIP to encrypt the files at rest. Unfortunately, AIP is not fully compatible with the file types (.dbf. .mdf, and some custom file types that are readable in Word). The customer brought up an interesting point that I had not considered -- the ability for the AIP viewer to temporarily decrypt the files and pass them along to the appropriate default program.

            1 vote
            Sign in
            Check!
            (thinking…)
            Reset
            or sign in with
            • facebook
            • google
              Password icon
              Signed in as (Sign out)

              We’ll send you updates on this idea

              2 comments  ·  Applications and File Types  ·  Flag idea as inappropriate…  ·  Admin →
              Done  ·  Adam Hall responded

              This feature is in the AIP Viewer today.

            • Dedicated admin role for Azure Information Protection

              Create an Azure Portal admin role that allows full access only to AIP

              82 votes
              Sign in
              Check!
              (thinking…)
              Reset
              or sign in with
              • facebook
              • google
                Password icon
                Signed in as (Sign out)

                We’ll send you updates on this idea

                Done  ·  7 comments  ·  Administration and Admin Portals  ·  Flag idea as inappropriate…  ·  Admin →
              • Prevent document owners from changing label define protection to custom permissions

                As user could today change from a predefined RMS protection to a user defined protection, the " label - AAD RMS " protection relationship is easily broken.

                The Suggestion :
                - Introduce a parameter to choose between enforced AAD RMS protection or required User protection or nothing (like today).

                And more, through the client, selecting a "required user protection" label could directly prompt the user to choose the adequate protection.

                4 votes
                Sign in
                Check!
                (thinking…)
                Reset
                or sign in with
                • facebook
                • google
                  Password icon
                  Signed in as (Sign out)

                  We’ll send you updates on this idea

                  1 comment  ·  Protection  ·  Flag idea as inappropriate…  ·  Admin →
                  Done  ·  Adam Hall responded

                  This is now available, admins can remove the option to set custom permissions.

                • Enable application specific labeling policies

                  Enable configuration of sets of policies to different applications, for example Outlook versus Word/Excel/PowerPoint

                  29 votes
                  Sign in
                  Check!
                  (thinking…)
                  Reset
                  or sign in with
                  • facebook
                  • google
                    Password icon
                    Signed in as (Sign out)

                    We’ll send you updates on this idea

                    Done  ·  5 comments  ·  Administration and Admin Portals  ·  Flag idea as inappropriate…  ·  Admin →
                  • Exchange Online supports BYOK

                    Update EXO to leverage the same BYOK as AIP

                    17 votes
                    Sign in
                    Check!
                    (thinking…)
                    Reset
                    or sign in with
                    • facebook
                    • google
                      Password icon
                      Signed in as (Sign out)

                      We’ll send you updates on this idea

                      0 comments  ·  Protection  ·  Flag idea as inappropriate…  ·  Admin →
                    • Enable automatic classification based on content in non-office file types

                      Leverage OSS and iFilter options to scan any document type and make recommendations or apply automatic policies

                      15 votes
                      Sign in
                      Check!
                      (thinking…)
                      Reset
                      or sign in with
                      • facebook
                      • google
                        Password icon
                        Signed in as (Sign out)

                        We’ll send you updates on this idea

                        0 comments  ·  Applications and File Types  ·  Flag idea as inappropriate…  ·  Admin →
                      • MCAS integration for conditional protection

                        Allow MCAS to take actions based on AIP policies

                        12 votes
                        Sign in
                        Check!
                        (thinking…)
                        Reset
                        or sign in with
                        • facebook
                        • google
                          Password icon
                          Signed in as (Sign out)

                          We’ll send you updates on this idea

                          Done  ·  0 comments  ·  Office 365 and EMS  ·  Flag idea as inappropriate…  ·  Admin →
                        • AIP supports certificate based authentication

                          Allow the enforcement of certificates as part of authentication (instead of passwords)

                          4 votes
                          Sign in
                          Check!
                          (thinking…)
                          Reset
                          or sign in with
                          • facebook
                          • google
                            Password icon
                            Signed in as (Sign out)

                            We’ll send you updates on this idea

                            0 comments  ·  Mobile Apps  ·  Flag idea as inappropriate…  ·  Admin →
                          • Add support for Intune MAM to AIP Android App

                            Allow Intune to configure and apply MAM policies on the AIP mobiler apps

                            3 votes
                            Sign in
                            Check!
                            (thinking…)
                            Reset
                            or sign in with
                            • facebook
                            • google
                              Password icon
                              Signed in as (Sign out)

                              We’ll send you updates on this idea

                              Done  ·  1 comment  ·  Mobile Apps  ·  Flag idea as inappropriate…  ·  Admin →
                            • Add TIFF support to the Android AIP app

                              Add TIFF support to the Android AIP app

                              1 vote
                              Sign in
                              Check!
                              (thinking…)
                              Reset
                              or sign in with
                              • facebook
                              • google
                                Password icon
                                Signed in as (Sign out)

                                We’ll send you updates on this idea

                                0 comments  ·  Mobile Apps  ·  Flag idea as inappropriate…  ·  Admin →
                              • Don't see your idea?

                              Feedback and Knowledge Base