The document discusses security issues organizations face with data leaks and breaches. It notes a rise in intellectual property theft and data breaches often due to lack of internal controls and use of non-approved apps. New challenges in protecting data include managing hybrid data environments where data moves between on-premises and cloud locations. The document then introduces Azure Information Protection as a solution for classifying and labeling documents to set policies and control access.

3. Employees
Business partners
Customers
Apps
Devices
Data
Users
Data leaks
Lost device
Compromised identity
Stolen credentials

4. Intellectual Property theft has
increased
56% rise data theft
Accidental or malicious breaches due
to lack of internal controls
88% of organizations are Losing control of
data
80% of employees admit to
use non-approved SaaS app 91% of breaches could have
been avoided
Organizations no longer confident in
their ability to detect and prevent threats
Saving files to non-approved cloud
storage apps is common

5. Unregulated,
unknown
Managed mobile
environment
On-premises
Perimeter
protection
Identity, device
management protection
Hybrid data = new normal
It is harder to protect

6. DOCUMENT
TRACKING
DOCUMENT
REVOCATION
Monitor &
respond
LABELINGCLASSIFICATION
Classification
& labeling
ENCRYPTION
Protect
ACCESS
CONTROL
POLICY
ENFORCEMENT

7. Azure Information
Protection
Full Data
LifecycleDOCUMENT
TRACKING
DOCUMENT
REVOCATION LABELING
CLASSIFICATION
ENCRYPTION
ACCESS
CONTROL
POLICY
ENFORCEMENT

8. SECRET
CONFIDENTIAL
GENERAL
PUBLIC
IT admin sets policies,
templates, and rules
PERSONAL
Classify data based on sensitivity
Start with the data that is most
sensitive
IT can set automatic rules; users can
complement it
Associate actions such as visual
markings and protection

9. Reclassification
You can override a
classification and
optionally be required
to provide a justification
Automatic
Policies can be set by IT
Admins for automatically
applying classification and
protection to data
Recommended
Based on the content you’re
working on, you can be
prompted with suggested
classification
User set
Users can choose to apply a
sensitivity label to the email
or file they are working on
with a single click

10. %##&$^#*!~@&
FINANCE
CONFIDENTIAL
%$^#*@&
Persistent labels that travel with the document
Labels are metadata written to
documents
Labels are in clear text so that other
systems such as a DLP engine can read it
and a hash of policies, rules, and user
information

11. VIEW EDIT COPY PASTE
Email
attachment
FILE
Protect data needing protection by:
Encrypting data
Including authentication requirement and a
definition of use rights (permissions) to the data
Providing protection that is persistent and travels
with the data
Personal apps
Corporate apps

13. •
•
•
•

14. •
•
•
•
•
•

17. •
•
•
•

18. •
•
•
•
•
•

20. •
•
•

21. 


