7. • Protect | non-protect
• Encryption & rights management
• Restrict actions (printing, forwarding, etc.)
• Internal/external
• Users/groups
• Data loss prevention
• Windows, macOS, iOS, Android
• Office and Office Online
Documents and e-mails
8. • Azure key (tenant key!)
• Bring your own key (BYOK)
• Hold your own key (HYOK) – deprecated (AIP only)
• Double Key Encryption, please note that this limits:
• Transport rules including anti-malware and spam that require visibility into the
attachment
• Microsoft Delve
• eDiscovery
• Content search and indexing
• Office Web Apps including coauthoring functionality
Encryption
https://docs.microsoft.com/en-us/azure/information-protection/plan-implement-tenant-key
9. • Version 1.x | Version 2.x | Office integrated
• Version 2.x vs. Office integrated:
• Label inheritance
• Scanner for on-premises
• Information bar in Office
• File Explorer & viewer
• HYOK and Double Key support
• Track & trace document
• And more…..
• Many items on the Microsoft roadmap
Clients
https://docs.microsoft.com/en-us/azure/information-protection/rms-client/use-client
10.
11. • Exchange Online, SharePoint Online
and OneDrive for Business
• Simulation mode, active mode
Auto-classification @ rest
https://docs.microsoft.com/en-us/microsoft-365/compliance/apply-sensitivity-label-automatically
12. • Compliance Center and Azure
Information Protection portal
• Compliance Center will become default
Dashboarding
15. • Microsoft 365 Groups | Microsoft
Teams | SharePoint Online
• External access, sharing
• Azure AD Conditional Access
• No “default label” for documents
• Specific label policy option
Labels on a higher level
27. 65880 - Exact Data Match will support data configuration
68876 - Exact Data Match to support improved auditability
68881 - Exact Data Match to support Auto-labeling
68882 - Exact Data Match to support notifications for data upload status through alert policies
68908 - Office 365 Advanced Message Encryption - Email revocation by end user
68913 - Co-authoring in MIP labeled protected files (Preview)
68916 - Microsoft Information Protection: Copy and edit built-in info types and other improvements
70542 - Auditing and Analytics in Office apps
70594 - Granular conditional access policies via “Sensitivity Labels” for SharePoint Online sites
70600 - AIP client and scanner data available in Audit and Activity explorer
Roadmap items Q1 2021
Government cloud items excluded
https://www.microsoft.com/en-us/microsoft-
365/roadmap?filters=Microsoft%20Information%20Protection%2CIn%20development