Automatic Classifications Commercially Released for Exchange, OneDrive and SharePoint

Microsoft this week announced that the ability to automatically classify documents using Microsoft Information Protection's sensitivity labels feature is now commercially released (at "general availability") for its Exchange, OneDrive and SharePoint solutions.

The news may seem a bit familiar, as Microsoft had described sensitivity labels as being at the general availability stage earlier this month. However, that announcement was describing the use of sensitivity labels that get manually applied by end users on documents. Now, it's possible for IT pros to set up policies that will automatically label documents without users having to bother.

There's a licensing difference between the two capabilities. Using sensitivity labels with automatic classifications requires having Microsoft 365 E5 or equivalent licensing. Just having the ability to apply labeling manually by end users, though, can be done with E3 licensing.

These sensitivity label product rollouts are part of the Microsoft Information Protection service, which has the ability to classify Office documents (Excel, Outlook, PowerPoint and Word) across Android, iOS, Mac and Windows platforms. Microsoft also has a similar Azure Information Protection service, but it's getting deprecated on March 31, 2021, apparently because it's not a cross-platform solution.

Microsoft wants organizations using Azure Information Protection to migrate their labels to its so-called "unified labeling platform" and eventually move to using Microsoft Information Protection instead. The migration details are described in this document.

Organizations might use Microsoft Information Protection's sensitivity labels to apply classifications to documents, showing those labels in headers and footers. The labels can flag documents when they contain sensitive information such as Social Security numbers, credit card numbers and bank account numbers, for instance.

The Microsoft Information Protection service has a Policy Simulator feature lets IT pros try out a classification policy first and see its effects before going live with it. Here's how this Microsoft document described the Policy Simulator feature:

The simulated deployment runs like the WhatIf parameter for PowerShell. You see results reported as if the auto-labeling policy had applied your selected label, using the rules that you defined. You can then refine your rules for accuracy if needed, and rerun the simulation.

Sensitivity labels aren't automatically turned on. Organizations wanting to use them have to first turn them on using the Microsoft 365 Compliance Center.

About the Author

Kurt Mackie is senior news producer for 1105 Media's Converge360 group.


  • Spaceflight Training in the Middle of a Pandemic

    Surprisingly, the worldwide COVID-19 lockdown has hardly slowed down the space training process for Brien. In fact, it has accelerated it.

  • Surface and ARM: Why Microsoft Shouldn't Follow Apple's Lead and Dump Intel

    Microsoft's current Surface flagship, the Surface Pro X, already runs on ARM. But as the ill-fated Surface RT showed, going all-in on ARM never did Microsoft many favors.

  • IT Security Isn't Supposed To Be Easy

    Joey explains why it's worth it to endure a little inconvenience for the long-term benefits of a password manager and multifactor authentication.

  • Microsoft Makes It Easier To Self-Provision PCs via Windows Autopilot When VPNs Are Used

    Microsoft announced this week that the Windows Autopilot service used with Microsoft Intune now supports enrolling devices, even in cases where virtual private networks (VPNs) might get in the way.

comments powered by Disqus

Office 365 Watch

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.