News

Microsoft Azure Information Protection Hits Public Preview

• By Gladys Rama
• July 12, 2016

• Get more news from WPC 2016 here.

The new Azure Information Protection solution, which extends the security capabilities of Microsoft's Azure Rights Management Service (RMS), is now available as a public preview release.

Microsoft first described Azure Information Protection last month. The public preview, available for download here, was announced on Tuesday by Microsoft executives during the Day 2 keynote presentation of the Worldwide Partner Conference (WPC), taking place this week in Toronto.

Using technology Microsoft acquired from its late-2015 purchase of security firm Secure Islands, Azure Information Protection adds data classification and labeling capabilities to the existing encryption capabilities of Azure RMS. The solution lets organizations apply labels to individual files based on the sensitivity of the information they contain. Each label determines the level of security protections applied to each file. The labels are "persistent," meaning the same security protections are applied wherever a file is shared, and regardless of who is editing it.

Azure Information Protection can also automatically classify the level of security a file requires based on its content.

Julia White, general manager of the Microsoft Cloud Platform, gave a demo of Azure Information Protection during the WPC keynote on Tuesday. White showed how an employee working on a Word document can manually classify the file as Personal, Public, Internal, Confidential or Secret (there are also sub-classifications, like Finance or HR). Azure Information Protection labels all documents Internal by default. However, a user can manually select the Secret classification, per White's example, which results in the word "Secret" appearing as a watermark across the document. The watermark will remain on the document regardless of whether the file is shared out or to whom.

White also demonstrated the automatic-classification capability using an expense report template in Excel. As usual, the expense report starts out with the Internal label, but as soon as the user types a credit card number into the file, Azure Information Protection automatically changes the classification to Confidential. The user can override that classification and change it to Personal, for example, but a dialog box will pop up to prompt them for an explanation -- a useful feature for auditing, White said.

The public preview of Azure Information Protection has two components, according to this Microsoft blog post:

• An Azure management portal for the configuration and management of information protection policies, rules and labels.
• An Azure Information Protection client for the consumption and enforcement of classification, labeling and protection policies across Word, Excel, PowerPoint, and Outlook (2010/13/16).

Any subscription that includes Azure RMS will allow access to the Azure Information Protection public preview, according to this FAQ. Azure RMS is available under the Office 365 E3 and E5 subscription plans, and as part of Microsoft's Enterprise Mobility + Security offering (previously called Enterprise Mobility Suite).