ENFORCE ENROLLMENT, ACCESS, AND APPLICATION CONTROLS USING OFFICE 365 MDM OR INTUNE
Microsoft provides an integrated approach to information protection with a layer of security at the file level. Encryption, rights management, and authorization policies can be applied to any file type and remain with the data, wherever it goes and even in motion. Only authorized users can access protected files, and only on the sender’s terms. Check out our Cloud App Security & Azure AD Enablement Offer!
With Microsoft Azure Information Protection, you can:
» Provide persistent protection - Data itself carries the protection. This ensures data is always protected – regardless of where its stored or with whom its shared
» Enable safe sharing - Access to shared data is identity driven. This enables safe sharing with internal employees as well as customers and partners.
» Empower users - Deep integration with Office 365 enables users to apply protection easily without interrupting your employees normal course of work. In product notifications empower users to make right decisions and tools such as document tracking help them gain visibility into use of shared data
» Maintain control - Different key management and deployment options are available to fit your requirements. IT can use powerful logging and reporting to monitor, analyze and reason over data.
» Classify your data based on sensitivity - Policies classify and label data at time of creation or modification based on source, context, and content. Classification can be fully automatic, driven by users, or based on recommendation.
» Protect your data at all times - Embed classification and protection information for persistent protection that follows your data—ensuring it remains protected regardless of where it’s stored or who it’s shared with.
» Add visibility and control - Users can track activities on shared files and revoke access if they encounter unexpected activities. Your IT team can use powerful logging and reporting to monitor, analyze, and reason over data.
There is basic information protection capability within Office 365, including
- Protection for content stored in Office (on-premises or O365)
- Access to RMS SDK
- Bring your own key
Such capabilities are included at no charge along with the E3 sku.
When purchasing EMS, organizations also receive advanced capabilities of Azure Information Protection to:
- Automated intelligent classification and labeling of data
- Tracking and notifications for shared documents
- Protection for on-premises Windows Server file shares
Enabling Technologies can assist in applying the many capabilities of Azure Information Protection in a way that best suits your organization. Balancing user productivity and security is possible, since you can provide users the ability to continue their workflow and be warned and alerted about a security violation, or alternatively, keep them from continuing.
For other Microsoft Security solutions see our main Security page.