Get Started with Microsoft Information Protection
HTML-код
- Опубликовано: 9 июл 2024
- This time I take a deep dive in getting started with Microsoft Information Protection. This critical feature is part of Microsoft’s EM&S Security offering for both Microsoft Azure and Microsoft 365. MIP allows you to create sensitivity labels and apply them to your organisations most sensitive assets either manually or automatically . Once applied data can be automatically encrypted to protect it from being shared internally or externally. If you’re interested in security, then this is a session you won’t want to miss. As always please like and share :-)
Visit my site www.Andymalone.org Наука
I normally dislike intros to videos but i have to say yours was really good and that graphic at the start is awesome :)
Why, thank you kindly. I’m delighted to hear that 😀
Thanks for this. I am a new intern with Microsoft, and someone on my team sent me this video to help me learn about MIP.
Hey great to hear from you. You’re very welcome and I hope it helps. Best of luck with your internship at Microsoft, it’s a great company. All the best, Andy.
THANK YOU SO MUCH!!! What a great explanation! I've been having an extremely difficult time going through the Microsoft learn and trying to visualize on the practical usage side. I don't have an Azure tenant and I'm taking one of the Microsoft exams in the next week or so. This filled in the gaps. Looking forward to watching more!
Aw thanks so much for your nice comment. Thanks m delighted you found the session useful. Welcome to the channel, great to have you on board👍😊
Thank you. Very clearly explained.
You’re very welcome Sarah and thanks for the visit.👍😊
Thank you so much!! This is a really good explanation and Great video.
Glad it was helpful!
What an awesome explanation! Thank you! Our licenses are EOP Plan2 and Azure Info Protection Premium P1 I'm having a hard time discerning if this covers everything you talked about doing in this video... particularly MIP. Our tenant also houses 365 Business standard, so its sometimes hard to tell if that is only allowed for those licenses or the bulk of ours... E2 and AIP P1. Any advice on that?
I’ll be honest I’m a techie not a licensing expert. A great website to check is M365maps.com It’s a website run by one of my MVP colleagues. And it’s great for answering licensing questions. Hope this helps and great to have you on board.
great learning video
After setting up this label Policy, Do i need to Add computer to Azure?
or what if the computer isn't joined to Azure?
Are they still be able to bypass these policies or policies will still work?
No and no they would not be able to bypass the policy 😊
Thank you.
You’re welcome 😊
Hi Andy. Great video. I have some questions on this, wondered if you could share some insight?
On the Azure side, you can setup an Analytics Workspace to ingest the label data to and report on, it is in preview but Microsoft also say the AIP is depreciated.... Is the entire Azure side going away or just the label and label policies part of it?
The desktop client, is this for both the Unified Labeling but also if you want to protect on premise data? Is the client a one stop shop or am I missing a reason on why you'd download it if the office apps include the native sensitivity labels.
Lastly, as its seriously unclear from Microsoft, is AIP just renamed to MIP or is MIP and AIP going to be two seperate offerings from Microsoft?
Many thanks
Azure information protection was rebranded as Microsoft information protection sometime ago. This technology is a crucial part of Microsoft’s strategy for data protection. It would be highly unlikely that they would remove this technology, so have no fear MIP is here to stay. Unified labelling is incorporated into Microsoft information protection by default. Also Microsoft office 2019, and 2022 also include the client by default. I hope this helps clear a few things up and thanks so much for reaching out and I hope you’re enjoying the content, Andy.
@@AndyMaloneMVP brilliant. Cheers Andy. All the best.
@@AndyMaloneMVP hi Andy. Sorry to reach out again but wondered if you had any insight as I am struggling to make sense of this particular scenario:
I've setup a log analytics workspace in the AIP area under 'configure analytics (preview)' when querying the logs nothing shows up when using the native built in office sensitivity label add in. It seems they only appear in that analytics workspace if I install the unified label client.
Anyway to view log activity when agent is not installed but you want to view it via a log analytics workspace? I'm aware it will show in cloud app portal and m365 audit logs but I have a scenario where I'd want to view it in a log analytics workspace with no client installed.
Really appreciate any insights here. Thanks again.
Dan
Hello! Is it possible to create a label to detect a phrase and not just keywords? Ie: If the document has a phrase saying “this document contains sensitive information” it will always recognize that phrase and label is as needed?
That’s a good question. I know that you can create custom rules that look for patterns. So in theory yes, there should be a solution. However, I’ve never heard of this type of query being used. That’s not to say of course, it won’t work. Good luck and let me know how you get on.
just copying your steps but I cant see the tab of auto labeling in main menu
Also cant see the two drop downs in "content contains" when enabling auto labeling for files and emails
I am working from UK and my Azure Purview says " Schematized data assets (preview)
Since I recorded, purview of is an additional feature and it’s currently in preview. If you don’t see the auto option it’s probably a licensing issue.
Thank you for another great video!
By the way, I'm not so sure about the difference between 'AIP', 'MIP' and 'Microsoft Purview Information Protection'.
Is the word 'AIP' already out of date?
Thank you very much, MIP or Microsoft information protection is a component of Microsoft purview. The old name was Azure information protection, they just renamed it..
Hello Andy I have a question. In what part can you setup the RMS templates on AIP?
learn.microsoft.com/en-us/previous-versions/azure/information-protection/configure-policy-templates
Thank you so much for the video, it makes me understand more about the AIP. 😉💯
But I have a question, Azure Information Protection uses Azure RMS to protect documents or emails, AIP itself has labels and label policies to protect the documents, what's the relationship between labels and label policies, label and RMS?
For a label to work you need to create a policy and publish the label to that policy.
@@AndyMaloneMVP Thank you so much for your answer.
I am new to this whole thing, I got a little confused about RMS and labeling. RMS protect documents and emails, we can use label to protect emails too.
For example, when we try to send an email, we choose a label for the email, and send it. In this process, which one is protecting the email? the label or the RMS?
@@holaconn1754 I think you need to do some reading. I would suggest visiting docs.microsoft.com and doing some reading on Microsoft information, protection, sensitivity and labelling. I think this will answer your question. Thanks again.
How does a user who is allowed access decrypts the doc? DO they have some private key on the device on does it make an online call to MS AIP service to get this decrypted
. I am curios to know if a user who is allowed and has no internet access can he open the doc?
Hi thanks for the question. Information protection uses public / private key encryption with the keys stored in your Azure key vault. Access is completely transparent to the user. Here is a doc which explain the different types techcommunity.microsoft.com/t5/security-compliance-and-identity/understanding-microsoft-information-protection-encryption-key/ba-p/2214589
Hello,
What are the licensing requirements, as previously we were using Windows Information Protection/Intune, and that works no more,we were using E3 license for that, do i need to buy E5 license?
EM&S
@@AndyMaloneMVP Whats the complete name of the license?
Enterprise Mobility and Security E3 or E5?
@@iteepk i’ll be honest with you, I’m not really a licensing or sales person but a great site to visit is m365maps.com this will show all the licensing options 😀
@@AndyMaloneMVP Thank you.
This is just the portal settings, don't we have to deploy the unified labeling client or the classic client to all workstations? otherwise, users won't see the labeling options on office apps.
If you are using office, 2016, 2019 or 2022 versions of Microsoft office, these include the client. However, you are correct. There is a client that you will need to install for windows and this will then enables windows information protection. Check out docs.microsoft.com for more details on this.
@@AndyMaloneMVP thanks Andy!
Give me more information about MIP sdk. Which situation use this sdk
Docs.Microsoft.com
hi this is fantastic. Could you post more on this topic would appreciate since its a part of SC 400 certification
Hi there, thanks for the interest and a pleasure to have you onboard. Good luck with your exam :-)
How to apply sensitively label 🏷 to pdf files
I think this might help 😊 techcommunity.microsoft.com/t5/security-compliance-and-identity/using-azure-information-protection-to-protect-pdf-s-and-adobe/ba-p/282010
Million dollar 💵 info for free
Million dollar 💵 info for free