Azure Information Protection

All ideas that relate to Azure Information Protection (AIP)

(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Limit actions done by Macros

    There are many request from customers to limit the actions that can be done with Macros.
    Right now, if [Allow Macros] is granted as a usage right, any kind of Macro can be executed (like Macros to copy data from an AIP protected file and paste it into a text file which is not protected).

    Therefore, customer's request is to be able to limit the actions that can be done with Macros on AIP protected files.
    For example, allow only "Read-Only" Macros.

    Please consider the idea of implementing a feature that would allow customers to limit the actions that can…

    25 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  2. Authorize AIP Super User Role with Priviled Identity Management (PIM)

    The authorization for the activation of the high-risk role AIP super user should be managed by Azure Privileged Identiy Management. Of course you should also be able to assign users to the role.

    4 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  3. Detect tampering of labels

    Enforce an anti-tampering mechanism (such as the client having a hash of the label and knowing if it was changed) and log centrally for reporting.

    37 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Proposed  ·  3 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  4. Maintain classification history of documents

    Provide a client and admin view of document classification, labeling and protection history

    40 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Proposed  ·  0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  5. Allow AIP authentication with identity realms other than Azure AD

    The AIP Viewer can only authenticate via Azure AD, which is limiting to the way of sharing protected files, which is not sent by email where the federation is in place with Google, Yahoo, etc .. and the OTP code option

    22 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    5 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  6. Obfuscate the DLP AIP automation rules stored on the clients so users can't see them / leak then / work around them

    Currently the policy.msip file is a plain text JSON file that can be viewed and edited locally. Customers have asked for this to be encrypted so it is not readable by users and other applications.

    19 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  7. 5 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Under Review  ·  2 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  8. Enable Governance actions for Anomaly policies in Cloud app Security

    Currently you can only take governance actions (such as suspend user automatically) for Activity policies in Cloud app security. This should also be done for Anomaly policies. For instance, the Anomaly policy impossible travel. If an alert for this gets generated I would like the user to be suspended automatically in order to better ensure that their account did not get compromised.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  9. Read only access to AIP portal for auditing

    Read only role for the AIP console to allow auditing the policy without being able to make changes

    5 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  10. Serverless execution of Protect-RMSFile/Unprotect-RMSFile

    If exposed as a service in Azure, this could allow for more modern application/deployment frameworks. Authentication to the service should be possible using a certificate. Should allow for both RMS-template based protection as well as AdHoc

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  11. Allow usage of Multiple Keys in AIP

    Currently AIP only support one Key (Either BYOK or Microsoft Managed) for Azure RMS (protection) of emails and document.
    I'd like to see an option which will allow the usage of multiple Keys and allow organization to use different keys based on the security needs, business requirements or different division within the company.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  12. SPIF support for AIP labels

    http://www.xmlspif.org/ defines a very powerful model to describe security policy and labels.

    Being able to make more complex labels in AIP could be really useful.

    SPIF support mean the ability to create complexe security policies (with classification and tags) and being able to choose which policy to use when creating a label.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Under Review  ·  0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  13. Implement additional checks to prevent rogue applications being able to open protected content

    Implement a more robust SDK and application verification process to prevent a rogue developer building an app to gain access to protected content and allow actions outside the provided permissions

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Under Review  ·  0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base