Azure Information Protection

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Configuration of UL "Label Advanced Settings" and "Label Policy Settings"

    Currently the configuration of Unified Labelling "Label advanced settings" & "label policy settings" is only available through PowerShell. For some organisations this is not ideal as not everyone has PowerShell skills, also, in my particular organisation getting a remote PowerShell session to the cloud is incredibly difficult and overly complex.
    Please consider adding this to the admin portals.

    10 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Administration and Admin Portals  ·  Flag idea as inappropriate…  ·  Admin →
  2. 1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Administration and Admin Portals  ·  Flag idea as inappropriate…  ·  Admin →
  3. Disallow labels on specific / devices / plafforms

    It would be nice, to have control which type of labels are available on a user device.

    Usecase is for example, to prevent labels for highly confidential content on mobile devices or virtual desktop environments.

    A user should see the label on a trusted device, but on another device which isn't secure enough the label should be prevented.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Administration and Admin Portals  ·  Flag idea as inappropriate…  ·  Admin →
  4. Provide the ability to designate administrators scoped to subset of the organization

    Many organizations have multiple divisions that don't share a single IT department or a common root or trust. While the current guidance is to use separate tenants for such divisions, some organizations may want to share a tenant with subparts that are managed by different people.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Administration and Admin Portals  ·  Flag idea as inappropriate…  ·  Admin →
  5. Provide Role Based Access Controls (RBAC) in the AIP Admin console

    Provide a granular delegation model for administration of AIP configuration

    59 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Under Review  ·  3 comments  ·  Administration and Admin Portals  ·  Flag idea as inappropriate…  ·  Admin →
  6. Dynamically re-classify a file after initial classification

    Once we auto-classify a file and set a label/protection, we don't refresh/re-run the code to see if the existing label/protection still should apply to the file. As a result, I may have files that have markings that don't accurately apply to the current content of a file.

    Please expose an option in the configurations to enable dynamic reclassification of a file during every save of the file, throughout it's lifecycle.

    For example, if I have an auto-classification rule that looks for 3 entries of 'customer claim' and my file meets that rule, I get auto-classified upon saving the file. However,…

    18 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Proposed  ·  1 comment  ·  Administration and Admin Portals  ·  Flag idea as inappropriate…  ·  Admin →
  7. Add workflow actions to Labels

    Add new options for expiring labels (removal and/or replacement) based on time, approvals to make changes and notifications on change.

    31 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Proposed  ·  6 comments  ·  Administration and Admin Portals  ·  Flag idea as inappropriate…  ·  Admin →
  8. Provide preconfigured policies for regulatory compliance such as GDPR

    Create a template that helps assist organizations to identify personal details within content and files. Suggestions would be to look at telephone number/post code/IP address/e-mail address/gender/NHS number etc.
    If there could be auditing that shows where this data resides when identified and give central IT a means to track it, that would provide high value in remaining compliant and avoiding fines.

    28 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Under Review  ·  0 comments  ·  Administration and Admin Portals  ·  Flag idea as inappropriate…  ·  Admin →
  9. Add PowerShell and/or Graph API support for AIP configuration

    Add PowerShell (and/or Graph API) support for configuring AIP Policies and Labels. Configuring even 5-10 policies in the GUI is laborious and doesn't scale well to multiple tiers/environments.

    24 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Administration and Admin Portals  ·  Flag idea as inappropriate…  ·  Admin →
  10. Onboarding Control Exclusion list

    Ability to exclude some members of the tenant being able to use Azure RMS to protect documents. We currently have an onboardingControlPolicy option to include certain users, but this is not helpful when you have a specific AD group of users that should not use encryption for compliance reasons.

    4 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Under Review  ·  2 comments  ·  Administration and Admin Portals  ·  Flag idea as inappropriate…  ·  Admin →
  11. Enable override settings in scoped policy for labels defined in Global policy

    Provide an option for scoped policies to override settings in the Global Policy

    15 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Proposed  ·  0 comments  ·  Administration and Admin Portals  ·  Flag idea as inappropriate…  ·  Admin →
  12. Allow labels to display both business descriptions and protection descriptions

    Rights templates created in the new portal now share the same name and description as the associated label. However, I believe there is a case to use the name and description of the label to give information to help the user to understand the classification of the document in the context of an organisation's Information Classification Policy. Before this most recent change, I found it helpful to use the description of the rights template to summarise the rights that have been assigned. Having the same description for each loses an opportunity for clarity. The user already knows that the document…

    6 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Proposed  ·  0 comments  ·  Administration and Admin Portals  ·  Flag idea as inappropriate…  ·  Admin →
  13. Bring back the "publish" button at the AIP portal

    The two step workflow was much better than the actual direct publishing if we save a policy. I would like to modifiy my settings and discuss it with my colleagues before I make the rollout.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Administration and Admin Portals  ·  Flag idea as inappropriate…  ·  Admin →
  14. Option to generate reports for Azure RMS protectors, currently none available

    Currently we are not able to generate report for Azure RMS protectors and the current usage reports. We don't have proper logging available and could not get the report using Powershell as well. Need to know how many outlook users are protecting and consuming the ARMS services. This is for License assignment and currently using onboarding control policy and need to shift to license model.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Administration and Admin Portals  ·  Flag idea as inappropriate…  ·  Admin →
  15. Policy versioning and rollback

    Please allow to rollback to previous version of policies. Or to import policies from a export file.

    10 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Proposed  ·  4 comments  ·  Administration and Admin Portals  ·  Flag idea as inappropriate…  ·  Admin →
  16. Support for Multi-tenant on AIP Scanner

    I have several customer's that have a AD forest with multiple domains. In their migration to Office 365 they are forced to have multi-tenant setup to segregate data. However they share on-prem file servers and SharePoint. To separate the Auto-Labeling and the encryption key they need support for multi-tenant in AIP Scanner

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Administration and Admin Portals  ·  Flag idea as inappropriate…  ·  Admin →
  17. Enable the ability to specify a default label from across scopes

    When using only scoped policies, with mandatory classification enforced, be able from the admin GUI to select a default label from a scoped policy which is not the last one.

    For example, we currently have:
    o Scoped policy 1 include C1,C2, C3 (for any of a sub-company users)
    o Scoped policy 2 include C4 (for a limited sub-population)
    With a default label set to C2 for the scoped policy 1 and "none" for the scoped policy 2.
    As the default label is taken from the last scoped policy, if we want C2 to be the default for all our sub-company…

    8 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Proposed  ·  0 comments  ·  Administration and Admin Portals  ·  Flag idea as inappropriate…  ·  Admin →
  18. Enable AIP client to authenticate with Windows Server AD.

    We are working on a strategy to move from on-premises AD RMS to Azure IP; however, we have encountered a blocker in our migration strategy: Azure IP cannot authenticate a user not located in an Azure AD tenant. In this scenario, we have implemented AD RMS in a resource forest and account forest scenario. The resource forest contains AD RMS, the protected content, AD FS, and contact objects of the users in the account forest. The account forest contains the user objects and uses Ping to federate with the resource forest. These user accounts can use any email address suffix…

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Proposed  ·  0 comments  ·  Administration and Admin Portals  ·  Flag idea as inappropriate…  ·  Admin →
  19. Protection templates section on left pane in AIP Admin Portal

    Policy templates should be made as a submenu on the left pane along with others such as "Policies", "Manage", etc.

    5 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Proposed  ·  2 comments  ·  Administration and Admin Portals  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base