10 votes3 comments · Azure Information Protection » Applications and File Types · Flag idea as inappropriate… · Admin →
Please be aware that there is often a reason why a file is not able to be classified without protection. Basic file types us txt (and therefore CSV and other renamed txt files) do not support custom metadata. The only way to do this is to do unnatural things like use alternate file streams and require a client endpoint, neither of which is a great option.
But we would love to understand what file types you would like supported beyond what is today, our goal is to work with the application vendor and provide native integrations.
An error occurred while saving the commentBartłomiej Abramowicz commented
Let’s thing for a moment about a few ideas (about labeling only):
I think that the goal should be to label as many file types as possible. The next step is to protect them using RMS.
First - to classify as much information as possible and the second to prevent it from data leaks and in case of the leak to know what types of information was able to get out of the company's network. When something gets out we want to know what was it and was it any company's secrets.
I agree that some file types don't support metadata and it's not an easy to label such files, but as You mentioned the client endpoint such as Azure Information Protection Client already exists. So the tool is already on the workstation. The only goal is to use it for all files.
Let's think for example - not everyone is using MS Office. Some companies are using other tools like Open Office, Libre Office etc. and .xml based file formats.
Another example – Outlook is not always the default mail client. We can even use web-based client to send unclassified data such as video files, audio files and also text files such as .rtf files (for example recordings from meetings that contains classified (secret) information). In many cases they can be more dangerous than documents.
Another one – AIP doesn’t support inserted objects from another applications (Excel object inserted to Word document etc.). The inner object can have no AIP label.
And at the finish another case – we can have all files classified, but we can have no use of it, if we don’t know anything about all these files and we don’t have a reporting portal – a tool that aggregates all knowledge about classified files. Only that way we know everything about all users and documents and what is happening to them. This way we would also know what label was applied by one user to a document and what label was applied by a second one – we can even prompt a second user that a selected file was labeled already with a label by a first user and lowering label is not recommended or even not allowed.
Those are only my ideas of course and my point of viewBartłomiej Abramowicz shared this idea ·
46 votesProposed · 0 comments · Azure Information Protection » Security · Flag idea as inappropriate… · Admin →
39 votesProposed · 3 comments · Azure Information Protection » Security · Flag idea as inappropriate… · Admin →
148 votes14 comments · Azure Information Protection » Logs & Analytics · Flag idea as inappropriate… · Admin →Available in PREVIEW · AdminEnrique Saggese (Principal Program Manager, Information Protection CxE, Microsoft - Azure - Msip) responded
Central logging of AIP actions is now available in preview.
See https://docs.microsoft.com/en-us/azure/information-protection/reports-aip for additional information.
52 votesProposed · 3 comments · Azure Information Protection » Protection · Flag idea as inappropriate… · Admin →