Last Wednesday (25th of January) I presented for the Sogeti Microsoft Heroes Academy. My subject was Azure Information Protection. The presentation I used (in Dutch) can be viewed here:
I was asked some questions on the subject and did some more research.
“Will using Azure Information Protection result in some form of vendor lock-in?”
Well, you will be using Microsoft Azure…..Which is provided by Microsoft :-).
But kidding aside, there are some scenario’s available if you need to modify or end your use of Azure Information Protection. In short:
- You want to move (back) to an on premise RMS environment – redirect your users to the internal environment;
- Stop completely – grant an administrator the required rights and access to the RMS Protection Tool – this tool will enable the bulk decrypting of documents;
- Disable new documents from being encrypted – deploy a registry key preventing users from protecting new documents;
- Decrypt specific documents – using the RMS Protection Tool.
“Can I use Azure Information Protection to protect on premise documents?”
Yes, you can. But you will need the RMS Connector to enable Exchange (for example) to encrypt messages and attachments.
“What if an user makes a screenshot?”
Taking screenshots is just one of the possibilities users still have to disclose information. Taking a picture is another example. However, Azure Information Protection does provide the possibility to disable taking screenshots on Windows and Android platforms.
“Are my temporary files also encrypted?”
No, they are not. But when you open a protected document, the temporary files only contain the alterations you make. The protected content is not stored as a temporary file.