ThirdSpace ThirdSpace
Close 0 Reset Search Run Search What are you looking for? Type at least three characters to search. Filter Search Results
  • All Content
  • Blog
  • Case Studies
  • Event
  • Resources
  • News
  • Careers
  • Access Centre
  • Technologies
  • Workshops
  • Solutions
  • People
Load more
10 August 2018

Keep it secret, keep it safe: Azure Information Protection

David Guest

“Careless talk costs lives.”

To quote Grandad from ‘Only Fools and Horses’, you could say that “during the war” people were far more aware of how easily information could spread.

While we don’t have the immediate pressures of wartime Britain today, we still have information that we need to manage and take care in the age of GDPR and cyber security.

While the loss of data may not cost lives, it could well result in a hefty fine or even company closure (remember Cambridge Analytica).


Old School

The way that IT systems take care of data and the way humans process data can be very similar.

Let’s look at a file the human way. Here is an example file in a folder:

So, how does a real person know what to do with the file? Simple, they open it up and look inside. Of course, that may mean that they read information that they are not supposed to. With people it’s easy to stamp the folder with something that tells them what classification of information is inside the folder.

Now, that makes it much easier to understand. The folder may not be sealed to protect against unauthorised eyes, but it is much more obvious that the data inside needs to be handled carefully.

We can apply a similar process to IT systems, with a much greater degree of security thankfully.

When using something like file explorer we see a file appear like this:

We can see the file name and the type of file (in this case Word) and if we look at the properties, we can see specific details about the file.

What we really need to add to the file though is a label or ‘stamp’ that defines its classification or sensitivity. If we do this in a way that IT systems can read, then we can start to use that label to control what happens to the file.

Free e-Guide: The six biggest cyber security threats

Download 'The six biggest cyber security threats to your organisation' to gain:

  • Insight into the most serious cyber threats – and their potential impact
  • Security tips from the experts, so you can take preventative action today
Get my free e-Guide

For Azure eyes only

Azure Information Protection (AIP) provides an easy way of attaching a sensitivity label to the file. In Word, for example, we can utilise a toolbar that allows a user to select the relevant sensitivity of the document they are working on.

This document is now considered to be a ‘General’ document.

Once we have assigned the sensitivity it appears in the properties of the file.

Because the sensitivity is held as part of the document (Word, PowerPoint, Excel, email message), it can be used as part of a set of security controls.

As an example, if a user tries to send a sensitive email outside of the organisation, it can be blocked – or an advisory message can be sent to the user or admin.

When a classified document is saved to a SharePoint location, the system can tell if it has been misfiled and report appropriately.

By adding the correct label (stamping the file), we can gain more control over what happens to it. If we add encryption to protect the file, then we are sealing it against inadvertent opening.

If we think about what we want to control based on what classification the file has, things become easier. Using AIP to help label the file allows the other Microsoft tools to work together to help with data protection compliance – whether that be GDPR or some other regulation.

Tools like Data Loss Prevention (DLP) or Cloud Application Security operating in conjunction with the Security and Compliance tools, go a long way to ensuring that sensitive data is kept as secure as possible.

Labelling is an effective first step toward protecting your sensitive data but there’s still more you can do to ensure maximum security.

Next, watch our conditional access and MFA webinar on-demand and learn why these technologies are key to securing your organisation’s assets.

Or download ‘The business case for cyber security’ e-Guide for best practice on how to take a proactive and pre-emptive approach to tackling the issue.

You may also like...


How to identify and block legacy authentication – and begin the move to a passwordless future


Patch and protect against the Windows cryptographic vulnerability with Microsoft Defender ATP


Digital transformation: How Microsoft is helping CISOs maintain security – Sian John Summit Keynote 2019

Recent Blog Articles

View All
David Guest
Solution Architect and Technology Evangelist
Learn More

Need advice? Our experts are waiting...

Simply request a free Vision Call. We can help you with solution ideas, technology education, best practice advice and more.

Request Vision Call
Award-winning solutions Award-winning solutions

Eight-time winner of the Microsoft Partner of the Year Award for Identity Management, Enterprise Mobility, and Security and Compliance.

ThirdSpace Please upgrade your browser

You are seeing this because you are using a browser that is not supported. The ThirdSpace website is built using modern technology and standards. We recommend upgrading your browser with one of the following to properly view our website:

Windows Mac

Please note that this is not an exhaustive list of browsers. We also do not intend to recommend a particular manufacturer's browser over another's; only to suggest upgrading to a browser version that is compliant with current standards to give you the best and most secure browsing experience.