Azure Information Protection

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Enable application specific labeling policies

    Enable configuration of sets of policies to different applications, for example Outlook versus Word/Excel/PowerPoint

    27 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Done  ·  7 comments  ·  Administration and Admin Portals  ·  Flag idea as inappropriate…  ·  Admin →
  2. Bulk data at rest scanning and analysis

    Provide a bulk scanning and ongoing analysis engine to scan data repositories

    29 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Scanning and Migration  ·  Flag idea as inappropriate…  ·  Admin →
  3. Add a Help icon to the AIP bar and ribbon icon with a quick link to "Tell Me More" URL

    With a configurable help button next to the trash symbol in AIP bar in Word/Excel/PPT/Outlook, users can be supportedby forwarding to internal classification guidelines.
    Configurable would mean show (yes/no), and a freely definable URL

    12 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    4 comments  ·  User Experience  ·  Flag idea as inappropriate…  ·  Admin →

    This is available in the built in AIP integration with Office 365 apps as a “learn more” option under the “sensitivity” button.
    This button URL can be configured in the Unified Labeling Policy.
    Currently it’s available in Mac and will be available later on this year once this capability reach Windows Office and OWA.

  4. OCR support to classify images based on images

    AIP Autoclassification for Images : Is it possible to run a script for images and do autoclassification. AIP will do image processing and can able to discover some words even it’s an image or document and then classify the document.

    11 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  5. Only documents must have a label, don't apply a label to emails

    Only documents must have a label, don't apply a label to emails or separate the permissions for e-mail and documents. For example: all documents must have a label to enforce users to protect their files with a pre-defined label, but they should send an email without a label to external users.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    4 comments  ·  Protection  ·  Flag idea as inappropriate…  ·  Admin →
  6. MCAS integration for conditional protection

    Allow MCAS to take actions based on AIP policies

    11 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Done  ·  0 comments  ·  Office 365 and EMS  ·  Flag idea as inappropriate…  ·  Admin →
  7. 4 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  Administration and Admin Portals  ·  Flag idea as inappropriate…  ·  Admin →
  8. Provide configurable retention policy for AIP logs

    Allow customers to define a retention policy for AIP Logs

    5 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Logs & Analytics  ·  Flag idea as inappropriate…  ·  Admin →
  9. Expose labels as document properties for use in customs headers

    All organisations I've worked for use document templates (mostly Word) with headers full of tables. In those tables the document metadata is shown, such as title, page numbers, document tracking ID etc. One piece of metadata is the classification label. To avoid having to set that label manually, it would be excellent to be able to extract the AIP label from metadata, and the format it in the usual way.

    It is usually not an option to use the markings feature of AIP, since it then looks like a two-year-old prepared the document. The headers are in the wrong place…

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    5 comments  ·  Labelling  ·  Flag idea as inappropriate…  ·  Admin →

    This is already possible!
    Just insert a field code in the document header, with the following value:{DOCPROPERTY Sensitivity}
    See https://www.howtogeek.com/217440/how-to-insert-built-in-and-custom-advanced-properties-into-a-word-document/ for a handy guide into how to use custom document properties in a field code.
    “Sensitivity” is the most useful field for a case like what is described in this request, but all other AIP field codes (prefixed with MSIP_Label) can be used as well.

  10. EnablePolicyDownload=0 is easily overridden if an end user chooses to login

    We are looking at deploying AIP and will have a hybrid solution, AIP as well with AD RMS. We need to for non AIP licensed users to not see the label bar and they will continue to leverage RMS for protection. We have noticed with this key being set to 0, if a user chooses help, there is an option to login to AIP. Which in turn changes the key to 1, which downloads the templates and displays the label bar. Now if a user decides to try and click on a label, they of course get an error message…

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  User Experience  ·  Flag idea as inappropriate…  ·  Admin →
  11. Share protected/labelled documents externally

    SME...
    Protected their internal client documents. Great.
    Now what if they want to send one of these documents externally, the external recipient (unless they're using Azure and have permissions to open this) wouldn't be able to access the attachment!
    A custom policy that does that would be useful.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Protection  ·  Flag idea as inappropriate…  ·  Admin →

    Office 365 Messaging Encryption is already able to do this.
    If the content is sent via email (using Exchange Online) you can set the policy to automatically classify the email with the same policy in the document, which will in turn grant the ability for the recipient to open it without installing any software and without creating an account.
    If the issue is that the existing policy in the document does not grant rights to the external user, you can create a transport rule in Exchange which replaces protection with Do Not Forward or Encrypt Only (though of course, you will want to implement additional controls to ensure the data only goes to people you want it to go to).
    There are third party additions to AIP that allow users to request shareable versions of the content, if you want to implement the process above with some form of workflows…

  12. Ability to search existing label on a document and apply to email label

    When a file is attached via email. The label is not updated based on what the document has. The user selects the label, which can be different from the document classification. The highest level of the label should apply either by email or document.

    7 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Labelling  ·  Flag idea as inappropriate…  ·  Admin →
  13. Make Word Track Changes functional with Co-Author permissions

    Word's "Track Changes" feature is disabled on RMS-protected files unless the signed in user has all permissions.
    It's a known shortcoming described "as designed".
    https://support.microsoft.com/en-us/help/2004302/word-track-changes-functionality-disabled-when-rights-management-servi

    5 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  Office Clients  ·  Flag idea as inappropriate…  ·  Admin →
  14. 1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Office 365 and EMS  ·  Flag idea as inappropriate…  ·  Admin →
  15. Perform a lookup and notify user when an email recipient is not included in the policy attached to the label being used.

    Email users do not know the backend configuration of AIP protected labels so when they send a protected email they will not know if a recipient will be able to have access to it as intended. It would be possible to perform a lookup in order to match email recipients with AIP protection policy users and notify emails sender if the intended recipient would not be able to access an email because they are not members of the protection policy. This will enable email sender to take the necessary steps required to mitigate this situation.

    7 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Labelling  ·  Flag idea as inappropriate…  ·  Admin →
  16. Apply a default label with AIP Scanner

    Enable the AIP scanner to apply a default label to all scanned documents. Except those where any automatic classification rule applies.
    E.g. AIP Scanner is used to scan a file share with 10 files. Only one file contains a credit card number or so and will be classified as confidential. The other nine files should get the default classification, configured at the AIP portal or given as run parameter for aip scanner.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Done  ·  1 comment  ·  Protection  ·  Flag idea as inappropriate…  ·  Admin →
  17. Configure a label to require Ad-hoc custom permissions.

    Today, labels can apply RMS permissions that are configured by an administrator while configuring the label.

    Suggesting an additional approach: A label is set to require custom RMS protection, by prompting the user to set custom permissions through the AIP dialogue.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Protection  ·  Flag idea as inappropriate…  ·  Admin →
    Done  ·  Adam Hall responded

    This is already available in Preview.

  18. Temporarily decrypt file and pass to default application

    I've just completed some testing with a few software packages -- Caseware and Lacerte -- for an accounting firm. Data for these apps lives on file shares, so they intended to use AIP to encrypt the files at rest. Unfortunately, AIP is not fully compatible with the file types (.dbf. .mdf, and some custom file types that are readable in Word). The customer brought up an interesting point that I had not considered -- the ability for the AIP viewer to temporarily decrypt the files and pass them along to the appropriate default program.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  Applications and File Types  ·  Flag idea as inappropriate…  ·  Admin →
    Done  ·  Adam Hall responded

    This feature is in the AIP Viewer today.

  19. Prevent document owners from changing label define protection to custom permissions

    As user could today change from a predefined RMS protection to a user defined protection, the " label - AAD RMS " protection relationship is easily broken.

    The Suggestion :
    - Introduce a parameter to choose between enforced AAD RMS protection or required User protection or nothing (like today).

    And more, through the client, selecting a "required user protection" label could directly prompt the user to choose the adequate protection.

    4 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Protection  ·  Flag idea as inappropriate…  ·  Admin →
    Done  ·  Adam Hall responded

    This is now available, admins can remove the option to set custom permissions.

  20. Update the SDK/API for AIP to include classification and labeling

    Enhance the existing RMS SDK to include classification and labeling

    19 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  Development  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base