Azure Information Protection

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Shared Mailbox and ticketingsystem support

    This is really a grooving problem right now with GDPR.
    I can see a big increase in incoming OME/DNF to all my customers tenants. Many use shared mailboxes or ticketing systems and cannot open these mails and attached documents.

    For example a customer with AIP implemented, they work with both partners and customers. Many of their services use Shared mailboxes. Multiple users handle these requests.
    Now multiple partners has started to use OME and DNF encryption. When they send sensitive information to these shared mailboxes, no one can read.

    Same situation with the opposite, If they send OME DNF to…

    30 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    4 comments  ·  Protection  ·  Flag idea as inappropriate…  ·  Admin →
  2. Add support for Intune MAM to AIP iOS App

    Allow Intune to configure and apply MAM policies on the AIP viewer mobile app for iOS

    20 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Done  ·  0 comments  ·  Protection  ·  Flag idea as inappropriate…  ·  Admin →
  3. Only documents must have a label, don't apply a label to emails

    Only documents must have a label, don't apply a label to emails or separate the permissions for e-mail and documents. For example: all documents must have a label to enforce users to protect their files with a pre-defined label, but they should send an email without a label to external users.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    4 comments  ·  Protection  ·  Flag idea as inappropriate…  ·  Admin →
  4. Share protected/labelled documents externally

    SME...
    Protected their internal client documents. Great.
    Now what if they want to send one of these documents externally, the external recipient (unless they're using Azure and have permissions to open this) wouldn't be able to access the attachment!
    A custom policy that does that would be useful.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Protection  ·  Flag idea as inappropriate…  ·  Admin →

    Office 365 Messaging Encryption is already able to do this.
    If the content is sent via email (using Exchange Online) you can set the policy to automatically classify the email with the same policy in the document, which will in turn grant the ability for the recipient to open it without installing any software and without creating an account.
    If the issue is that the existing policy in the document does not grant rights to the external user, you can create a transport rule in Exchange which replaces protection with Do Not Forward or Encrypt Only (though of course, you will want to implement additional controls to ensure the data only goes to people you want it to go to).
    There are third party additions to AIP that allow users to request shareable versions of the content, if you want to implement the process above with some form of workflows…

  5. Apply a default label with AIP Scanner

    Enable the AIP scanner to apply a default label to all scanned documents. Except those where any automatic classification rule applies.
    E.g. AIP Scanner is used to scan a file share with 10 files. Only one file contains a credit card number or so and will be classified as confidential. The other nine files should get the default classification, configured at the AIP portal or given as run parameter for aip scanner.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Done  ·  1 comment  ·  Protection  ·  Flag idea as inappropriate…  ·  Admin →
  6. Configure a label to require Ad-hoc custom permissions.

    Today, labels can apply RMS permissions that are configured by an administrator while configuring the label.

    Suggesting an additional approach: A label is set to require custom RMS protection, by prompting the user to set custom permissions through the AIP dialogue.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Protection  ·  Flag idea as inappropriate…  ·  Admin →
    Done  ·  Adam Hall responded

    This is already available in Preview.

  7. Prevent document owners from changing label define protection to custom permissions

    As user could today change from a predefined RMS protection to a user defined protection, the " label - AAD RMS " protection relationship is easily broken.

    The Suggestion :
    - Introduce a parameter to choose between enforced AAD RMS protection or required User protection or nothing (like today).

    And more, through the client, selecting a "required user protection" label could directly prompt the user to choose the adequate protection.

    4 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Protection  ·  Flag idea as inappropriate…  ·  Admin →
    Done  ·  Adam Hall responded

    This is now available, admins can remove the option to set custom permissions.

  8. Exchange Online supports BYOK

    Update EXO to leverage the same BYOK as AIP

    17 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Protection  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base