With Azure Information Protection (AIP), you can secure your emails and documents that you exchange within or outside your organization.

Microsoft Azure is a public cloud computing platform developed to provide a set of cloud services to address your business challenges. It gives you the ability to build, manage, and deploy applications across a massive global network using your favorite tools and frameworks. Azure Information Protection (AIP) is one of the services offered by Microsoft Azure.

AIP protects the sensitive information of your company. It allows your organization to encrypt, classify, and protect your emails and documents at the time of creation or modification. With AIP, you can:
  • Manually or automatically add labels and classify emails and documents based on business rules.
  • Enforce encryption on your emails and documents.
  • Protect your information by applying header and footer text to the email.

AIP provides an excellent end-user experience by allowing users to secure their information by simply applying the label. Organizations can also boost their security and Data Loss Prevention policies with a comprehensive and unified approach for the data protection.

For more information on AIP, see What is Azure Information Protection?.

Supported Features of AIP

  • The AIP feature supports only Modern authentication.
  • With AIP, you can encrypt the content of your email with a label. By default, the Azure Cloud key is used for encryption, but you can also set additional encryption at the server level by configuring the Protection template ID of the label.
  • AIP supports the Watermark feature. You can add a watermark by applying header and footer text to your email.
  • The default label is a label that automatically applies to the new email that you compose.
  • AIP feature permits you to apply only one label per email.
  • You can apply restrictions on your emails and documents based on the following categories:
    • User actions - You can restrict users to perform the following actions on the received emails.
      • View
      • Reply
      • Reply All
      • Do not forward
    • User groups - You can allow only selected users and groups to access your email.
    • Time - You can set few days or a specific date for the users to access your email. When the time expires, users cannot access the email.
  • You can configure AIP to request for justification when users try to downgrade or remove a label.
  • Each email in a thread can have a different label.
  • If you configure the sensitivity labels in Workspace ONE UEM console, users cannot view the IRM templates in Workspace ONE Boxer.