Industries
Industries Overview
Healthcare & Life Science
Manufacturing
Media & Entertainment
Public
Retail & Consumer Goods
Utilities
Consulting & Innovation
Consulting
Business Transformation
Technology Consulting
Process Consulting
Innovation
Generative AI
Sovereign AI
Metaverse
Consulting
Business Transformation
Business Transformation Consulting
Solutions & Products
Solutions
Sovereign IT
Business Process Management
Counterfeit Protection
Customer Experience
Data & Automation
Digital Workplace
Digital Commerce
Finance
SCM & Logistics
Products
Arvato Systems Alive
Order Management with aroma®
Digital Workplace with NAVOO®
Digitize logistics processes with platbricks®
Vulnerability Management with Varedy
Sustainability Management with green.screen
Further Products
Technologies
Amazon Web Services
Google Cloud
Microsoft
SAP
Further Partners
Solutions
Business Process Management
Process Modeling and Process Documentation
Process Mining
Process Automation
Governance, Risk & Compliance
Solutions
Counterfeit Protection
Serialization in the Consumer Goods Industry
Serialization in the Pharma Industry
Solutions
Customer Experience
API Management
App Development
Arvato Systems Alive
Customer Experience Consulting
Hyperpersonalization
Customer Loyalty
Content Management
Customer Relationship Management
Product Information Management
UX and UI Design
Solutions
Data & Automation
Data Fabric
Data Governance
Generative AI
Hyperautomation
DocuStream
Artificial Intelligence
Robotic Process Automation
Self-Service Business Intelligence
Solutions
Digital Workplace
Digital Meeting Management
Digital Workplace with NAVOO®
Guest User Manager
Microsoft 365
Microsoft 365 Backup Service
Microsoft 365 Data Protection
Microsoft Power Platform
Workplace Security
Solutions
SCM & Logistics
Warehouse Management
Transport Management
Production Planning
Digitize logistics processes with platbricks®
Artificial Intelligence in Logistics
Logistics 4.0
SCM & Logistics
Digitize logistics processes with platbricks®
Production Supply
Container Management
Warehouse Management System
Mobile Solutions
Analytics
Chatbots
Gamification
Healthcare Suite
Technologies
Amazon Web Services
Amazon Connect Contact Center
AWS Container Acceleration
AWS Cloud Migration
SAP on AWS
Technologies
Google Cloud
API Management with Apigee
Modern Data Warehouse Management with BigQuery
SAP on Google Cloud
Google Cloud Landing Zone
Technologies
Microsoft
Microsoft Azure
SAP on Azure
Microsoft 365
Microsoft Power Platform
Technologies
SAP
SAP Application Management Service
SAP Business Technology Platform
SAP Customer Experience
SAP IS-U
SAP License Management
SAP on Cloud
SAP RISE
SAP S/4HANA
End-2-End Process Monitoring
SAP BW/4HANA
SAP Datasphere
Infrastructure & Operations
Cloud & Data Center Services
Cloud Transformation
IT Outsourcing & Infrastructure Services
Multi & Hybrid Cloud
SAP on Cloud
Virtual Desktop Infrastructure
Workload Automation
Security Services
Cyber Care & CDC
Disaster Recovery
Vulnerability Management with Varedy
SAP Security
Managed Services
Cloud Foundation
Managed Workloads
Application Management
Cloud & Data Center Services
Cloud Transformation
Application Modernization on Cloud
Datacenter on Cloud
Data Management on Cloud
Enterprise Application Integration
Managed cloud IT with Avvia
Cloud & Data Center Services
IT Outsourcing & Infrastructure Services
SAP Hosting
Cloud & Data Center Services
Multi & Hybrid Cloud
Amazon Web Services
Google Cloud
Microsoft Azure
Virtual Private Cloud
About us & News
About Arvato Systems
Awards
Corporate Responsibility
Management
Memberships & Certifications
Partnerships
References
Locations
Press
Events
Contact
ArvatoSystems_Blog_MIP_AdobeStock_206546526

Microsoft Information Protection: Digital Security in All Its Facets

Secure your data and enhance your security with Microsoft Information Protection!

...
ArvatoSystems_Schneider_Karsten
Written by
Security and Governance: Microsoft Information Protection
01.02.2022
Cloud
Security
Digital Workplace
Microsoft 365

The topic of IT security was particularly prominent in 2021, as a large number of well-known companies and institutions were exposed to a series of hacker attacks. In addition to major international corporations such as Telekom AG or BioNTech, the German Bundestag was also the target of cyberattacks. In the process, the perpetrators used two opportunities at once to gain access to confidential information from members of parliament. Such situations are not isolated incidents: The last major attack in 2015 resulted in a significant data loss. As a result, Bundestag's IT had to be rebuilt with the aim of better protecting sensitive data and documents in the future.


Away from the prominent headlines, small and medium-sized companies can also fall victim to unauthorized access. Therefore, well-established security tools and governance measures are essential in times of home office and crowd working to ensure the maintenance of the modern working day. To ensure that you can continue to use digital benefits such as cloud computing, video chats, and intranets securely, Microsoft Information Protection offers you an established and constantly growing all-around solution for the protected collaboration of your teams. In this article, you will learn about the comprehensive applications, functionalities and benefits of Microsoft Information Protection.

What is Microsoft Information Protection?
Azure Information Protection
Unified Sensitivity Labeling
Microsoft Defender
Encryption
Rights Management

What Is Microsoft Information Protection?

Microsoft Information Protection (MIP)

is a portfolio consisting of different applications that serve to protect and classify your documents. The security factor of MIP focuses on monitoring your information to prevent unwanted publications or unauthorized access. Microsoft Information Protection also focuses on high transparency: you'll always know which users are editing and reusing your files. In this way, you can keep an eye on your files at all times and decide on the usage rights of employees and other partners as required.

To ensure that not all users have unrestricted access to sensitive data, Microsoft Information Protection provides comprehensive protection measures. Document classification lets you control who can see, share, or edit your content. In detail, all these functions are due to the following applications of the Microsoft Information Portfolio:

Microsoft Information Protection Funktionen | Arvato Systems


  1. Azure Information Protection
  2. Unified Sensitivity Labeling
  3. Microsoft Cloud App Security
  4. Office 365 Message Encryption, Double Key Encryption, and Service Encryption
  5. Information Rights Management and Rights Management Connector

Azure Information Protection for Greater Customization

Azure Information Protection (AIP) is a cloud-based application whose task is to recognize, classify and protect your company's internal documents. To do that, AIP adds functionality to Microsoft 365's existing labeling and classification capabilities. The Azure Information Protection offering includes the following tools:

AIP-Client

The AIP client sets the confidentiality of a document directly in your file explorer. The protection applies to various file types from your document repository - from text and image files to PDF documents, and this is how you secure your sensitive data.

AIP-Scanner

The local AIP scanner is primarily aimed at your company's administrators. Admins check SharePoint file repositories for sensitive content that needs protection and classification. In doing so, the tool lists the content in the associated Azure portal and provides a structured overview. With the AIP Scanner, you can find your sensitive data in no time and manage documents individually or in clusters.

Microsoft Information Protection SDK

Microsoft Information Protection SDK (Software Development Kit) is a collection of programming tools and program libraries. MIP SDK gives you the ability to specifically tailor third-party applications to Azure Information Protection confidentiality designations during their development. This allows you to classify and protect third-party solutions or in-house developed programs to the same extent as your Office applications.

With Unified Sensitivity Labeling to a Unified Environment

Over time, large amounts of data management often lead to divergent and confusing structures. To ensure long-term uniformity, Microsoft Information Protection provides Unified Labeling. You establish a uniform classification and encryption for documents from your Office applications Word, Excel, PowerPoint, and Outlook with the tool. These settings are also retained on other user interfaces and devices. This creates company-wide standards that noticeably simplify the daily handling of security and governance.

 
Unified Sensitivity Labeling is the successor to the now discontinued Azure Information Protection Labels tool. The main advantage of the update is that documents can now also be protected on Android and iOS devices. On top of that, Unified Sensitivity Labeling can also be used in the browser-based Office variant. The respective classification of a confidential file appears directly in the document. Authorized users' access and editing rights are also tied to this setting.

Microsoft Defender for Cloud Apps for New Challenges

Cloud services allow you a high degree of flexibility for your everyday work, as you can access relevant resources regardless of time, device, and location. To ensure that you can access your file repositories reliably and securely, comprehensive protection of the stored content is also necessary at this point. Microsoft Defender for Cloud Apps offers a flexible balance between support and access control.

 
Various functions are used here for your optimal cloud security. These include relatively gentle measures such as an automated log collection that documents access to a file store. But also an extensive reverse proxy is possible, which acts as an interface between your cloud and the freely accessible Internet

Encryption

In some application areas, particularly high security requirements apply, as internal company data is either subject to a high level of confidentiality or is shared with users outside your company via external communication channels. For these cases, Microsoft Information Protection offers the following tools:

Office 365 Message Encryption

The application is used to encrypt emails that contain confidential data. Besides Outlook, the service is also compatible with other mail providers, such as Yahoo or Gmail. If the tool detects a document that was previously classified as sensitive, a warning appears, which is why the mail can only be encrypted or, in some cases, not sent at all.

Double Key Encryption

The tool is reserved for the most sensitive data, so that access is possible only for you or through you. It generates two keys, the first of which resides with Microsoft Azure and the second with you. Since a document can only be decrypted by merging both keys, your approval is required under all circumstances.

Service Encryption

Furthermore, it is also possible to encrypt data without a connection to Microsoft services. To do this, they manage the respective root key within Azure Key Vault and can thus perform encryption via an additional hardware security module.

Rights Management

If, on the other hand, data is made accessible in external file repositories, then once again specialized protection measures are needed to prevent unauthorized access. Microsoft Information Protection provides the following tools for this purpose:

Information Rights Management

This service from the Microsoft Information Protection portfolio is used to protect documents that originate from SharePoint lists or libraries. Using the associated settings, you can define which access rights are available after a download. In this way, you can also classify documents ready for download accordingly.

Rights Management Connector

The Rights Management Connector enables the protection of file repositories within an on-premise solution that uses Microsoft Exchange Server, SharePoint Server or another file server based on Windows Server as its foundation. Using this tool, the security settings established in Information Rights Management can be applied to the on-premise system without having to set up an additional digital infrastructure first.

Service Encryption

Furthermore, it is also possible to encrypt data without a connection to Microsoft services. To do this, they manage the respective root key within Azure Key Vault and can thus perform encryption via an additional hardware security module.

Enterprise-Wide Data Protection With Microsoft Information Protection

For secure collaboration across your Modern Workplace, Microsoft Information Protection offers a comprehensive portfolio. With Microsoft Defender for Cloud Apps, you first support protection against unauthorized access, data leaks and data loss at various levels. With the associated Azure Information Protection tool, you also manage, classify and encrypt your content via numerous features - completely customized according to the respective confidentiality.
 
However, integrating this framework not only means more protection for your confidential content, but also more efficiency in your everyday work. The included functions automate many more of your processes. The product offering provides you with clear logs to simplify the review of file accesses retrospectively. At the same time, the unification of third-party applications allows fast and, above all, security-compliant access to other tools that are relevant to you. Moreover, with Microsoft Information Protection, you also comply with the legal guidelines of the EU's General Data Protection Regulation (DSGVO), which stipulates how stored personal data must be handled.

Digital Workplace

Our solutions with Microsoft Office 365 for the ideal workplace of the future.

Learn more
Managed Microsoft Security

Deploy Microsoft 365 Defender and Azure Defender effectively and manage them professionally.

Learn more

Written by

ArvatoSystems_Schneider_Karsten
Karsten Schneider
Expert for Microsoft 365
Subscribe to our newsletter
ImprintPrivacy PolicyGeneral Purchase ConditionsYour Career at Arvato SystemsContactChange Cookie-Settings
© 2024 Arvato Systems