Some news from Azure Information Protection

Posted by

Inyone n this article I want to give you some insights into four new functions within Azure Information Protection. Some are available at this moment and there is one function in private preview.

No more publishing – just save

One of the more pleasing functions of the administration portal (in my opinion) was the possibility to publish your changes. All changes to your policy or policies become available after this publication step.

This is no more. In the new portal when you save changes to labels that are added to policies (more on that below), these changes are automatically published. More on that here. There is no separate publish option.


But this won’t have to be a problem. The process for creating new labels is changed somewhat. You now create a label, add the label to your policy (see below) and activate the label. At that moment, the changes are published. So you can still created/modify your labels and publish later. Just remember that if the label is already active, then the change will be automatic.

All authenticated users

This feature is now in private preview. The “All authenticated users” option (a term btw. which should be recognized by SharePoint admins out-there) allows you to set protection for any authenticated user.

So instead of having to include a specific domain (*, you can now include users from all domains ( *@*). Again, this function is now in private preview and can change at any moment.

The option grants any supported authenticated user access to protected content. The access depends on the identity provider and type of content.  To use this new function, you will need a(n):

Mail and files (AzureIP)

  • Azure AD identity
  • Microsoft (Live) identity

Mail only (Office 365 message encryption)

  • Federated social identity (Gmail, Yahoo!)
  • One time passcode
All authenticated users

I’ll be looking into this new function in some more detail later.

Label management

A very nice new feature let’s you add or remove labels from your policy with a check box. This function does not create labels. After creation of your labels, you can now add them to one or more policies. At that moment, they become active. And this works the other way around as-well.

Label management

App specific visual markings

Visual markings have been an integral part of AzureIP from the beginning. But these markings were always the same for all Office applications. Now you can use application specific markings. In other words: the marking in PowerPoint can differ from the one in Word. Very nice.

To enable this, you will need to add the “If.App” variable  and identify the application type. For example, a Word marking:

${If.App.Word}This Word document is sensitive ${If.End}

All in all

Some nice things are now available and are coming our way. I’ll try to publishing these updates on a more regular basis. So stay tuned 🙂

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s