Automatic Classifications Commercially Released for Exchange, OneDrive and SharePoint
Microsoft this week announced that the ability to automatically classify documents using Microsoft Information Protection's sensitivity labels feature is now commercially released (at "general availability") for its Exchange, OneDrive and SharePoint solutions.
The news may seem a bit familiar, as Microsoft had described sensitivity labels as being at the general availability stage earlier this month. However, that announcement was describing the use of sensitivity labels that get manually applied by end users on documents. Now, it's possible for IT pros to set up policies that will automatically label documents without users having to bother.
There's a licensing difference between the two capabilities. Using sensitivity labels with automatic classifications requires having Microsoft 365 E5 or equivalent licensing. Just having the ability to apply labeling manually by end users, though, can be done with E3 licensing.
These sensitivity label product rollouts are part of the Microsoft Information Protection service, which has the ability to classify Office documents (Excel, Outlook, PowerPoint and Word) across Android, iOS, Mac and Windows platforms. Microsoft also has a similar Azure Information Protection service, but it's getting deprecated on March 31, 2021, apparently because it's not a cross-platform solution.
Microsoft wants organizations using Azure Information Protection to migrate their labels to its so-called "unified labeling platform" and eventually move to using Microsoft Information Protection instead. The migration details are described in this document.
Organizations might use Microsoft Information Protection's sensitivity labels to apply classifications to documents, showing those labels in headers and footers. The labels can flag documents when they contain sensitive information such as Social Security numbers, credit card numbers and bank account numbers, for instance.
The Microsoft Information Protection service has a Policy Simulator feature lets IT pros try out a classification policy first and see its effects before going live with it. Here's how this Microsoft document described the Policy Simulator feature:
The simulated deployment runs like the WhatIf parameter for PowerShell. You see results reported as if the auto-labeling policy had applied your selected label, using the rules that you defined. You can then refine your rules for accuracy if needed, and rerun the simulation.
Sensitivity labels aren't automatically turned on. Organizations wanting to use them have to first turn them on using the Microsoft 365 Compliance Center.
About the Author
Kurt Mackie is senior news producer for 1105 Media's Converge360 group.