Azure Information Protection (AIP) helps you classify, protect, encrypt and govern sensitive information wherever it lives or travels.
AIP has been setup across the network. This is linked to all Microsoft Office products, Word, Excel, Outlook, PowerPoint, etc.
AIP allows all users to encrypt documents and emails at a click of a button, we assign “Labels” to encryptions to make life easier for all.
Currently below labels are available to use:
General Use No encryption, anyone can access
Internal Use Only Only people within Stonbury, with a Stonbury email address, within Office 365 can access
Individual Encryption Only people assigned by the user can read
Working with Office
To use AIP, users need to click on “Sensitivity” and then choose a “Label”
Microsoft Word / Excel / PowerPoint etc.
Internal Encryption Only selected
Once saved, a watermark is placed on the document so that users know what level of encryption a document has. In this example, only users within Stonbury will be able to access the document. If a user is not part of Stonbury, they will be denied access when trying to open.
Working with Office Individual Encryption
To use AIP, users need to click on “Sensitivity” and then choose a “Label”
With Individual Encryption selected, users have a choice of what permissions to assign to the recipient
Working with Email
To use AIP, users need to open a new email, click on “Sensitivity” and then choose a “Label”
Individual Encryption Selected
Once sent, a watermark is placed on the document so that users know what level of encryption a document has. In this example, only Kamran, Stephen & Ashley will be able to access the document. They can all respond to the email, but they cannot forward, copy or print the information.
When a user receives an encrypted email, there will be a padlock next to it…once opened the “label” will be displayed
Working with Mobile Email
Once a document is encrypted, only users using the “Outlook” App on their mobiles and tablets will be able to decrypt the email. This cannot be done on default mail clients on mobile devices even if they are part of “Individual or Internal”