Posted by Inyone n this article I want to give you some insights into four new functions within Azure Information Protection. Some are available at this moment and there is one function in private preview.
No more publishing – just save
One of the more pleasing functions of the administration portal (in my opinion) was the possibility to publish your changes. All changes to your policy or policies become available after this publication step.
This is no more. In the new portal when you save changes to labels that are added to policies (more on that below), these changes are automatically published. More on that here. There is no separate publish option.
But this won’t have to be a problem. The process for creating new labels is changed somewhat. You now create a label, add the label to your policy (see below) and activate the label. At that moment, the changes are published. So you can still created/modify your labels and publish later. Just remember that if the label is already active, then the change will be automatic.
All authenticated users
This feature is now in private preview. The “All authenticated users” option (a term btw. which should be recognized by SharePoint admins out-there) allows you to set protection for any authenticated user.
So instead of having to include a specific domain (*@domain.com), you can now include users from all domains ( *@*). Again, this function is now in private preview and can change at any moment.
The option grants any supported authenticated user access to protected content. The access depends on the identity provider and type of content. To use this new function, you will need a(n):
Mail and files (AzureIP)
- Azure AD identity
- Microsoft (Live) identity
Mail only (Office 365 message encryption)
- Federated social identity (Gmail, Yahoo!)
- One time passcode
I’ll be looking into this new function in some more detail later.
Label management
A very nice new feature let’s you add or remove labels from your policy with a check box. This function does not create labels. After creation of your labels, you can now add them to one or more policies. At that moment, they become active. And this works the other way around as-well.
App specific visual markings
Visual markings have been an integral part of AzureIP from the beginning. But these markings were always the same for all Office applications. Now you can use application specific markings. In other words: the marking in PowerPoint can differ from the one in Word. Very nice.
To enable this, you will need to add the “If.App” variable and identify the application type. For example, a Word marking:
${If.App.Word}This Word document is sensitive ${If.End}
All in all
Some nice things are now available and are coming our way. I’ll try to publishing these updates on a more regular basis. So stay tuned 🙂
Governance, Risk, Security and Compliance 
