As content security and classification becomes a growing concern for many organisations, and with both GDPR and ADA requiring a new approach to how the enterprise collects, records and secures both data and information; now more than ever, businesses are raising concerns about data protection and cybersecurity.
In answer to these demands, Microsoft have enabled Azure Information Protection (AIP) within Office 365 (either as standard or as a bolt-on) to help organisations classify and protect documents and emails in the cloud.
How does Azure Information Protection work?
Azure Information Protection (AIP) is a cloud-based solution which classifies and protects documents and emails in both SharePoint and Outlook by applying labels. These labels allow an organisation to set limits on both the documents and user’s actions and can then be applied in a number of ways, such as:
- automatically via system administrators by defining the rules and conditions
- manually by users themselves, or
- a combination of both the automation process and manual user application
For example, with AIP you could easily choose which internal and external users can view, print, copy and send documents. These choices can either be applied automatically through SharePoint by the administration team, or by the user themselves in both SharePoint and Outlook.
AIP also allows you to revoke access to a document after granting permissions. This can be performed either manually, or on a set schedule. For instance, you may wish to only allow an external stakeholder access to a document during the lifetime of a project or a sales proposal.
It also offers Office 365 Message Encryption (OME) as an additional layer of security. This provides your users with the ability to encrypt emails, meaning that documents are not only classified with permissions via SharePoint, but are also encrypted when sent via Outlook email.
As with most of Microsoft's security models, AIP works by employing Identity-Driven Security. Regardless of whether a user is internal or external to your organisation, authentication is performed through the Azure Active Directory. An important advantage of this security approach is that, while information is easily kept away from prying eyes, the content items are still accessible by internal indexing and business intelligence services, such as Power BI. This helps to ensure that content is still discoverable and adds value to the business. This is a major step forward in practical information security compared to peer-to-peer encryption techniques.
Why does your organisation need Azure Information Protection?
If you’re working within a Microsoft Office 365 environment, Azure Information Protection provides you with a deeper understanding - as well as granular control of - where your content is being distributed and how it is being used. This level of visibility helps to:
- Prevent illicit modification, storage and distribution of business-critical data
- Remove the challenge of unauthorized users viewing sensitive content
- Gain greater control of information by monitoring which users are interacting with content and how they are doing so
- Meet regulatory data protection and compliance standards
How does Azure Information Protection help with GDPR and ADA compliance?
Speaking of granular control, this methodology is also a huge benefit when it comes to GDPR and ADA compliance. AIP allows your data protection team to be specific about why you are handling and storing data, the processes around data handling within your organisation, and how and when you will delete data if it is requested. Should you be unfortunate enough to suffer a data breach, GPDR states that this does not need to be reported to the Information Commissioner’s Office if you have implemented appropriate protective measures, such as encryption. AIP’s encryption not only meets but exceeds the recommendations set out by GDPR in this respect, as data encrypted by the solution is entirely useless without the correct encryption key.
How does this make Information Management easier?
Azure Information Protection allows you to gain greater control over the security and compliance of your business information via its robust protection via classification and encryption model without the need to ask users to complete complex security tasks during their working day. By automating the permissions process as a native action within SharePoint, AIP ensures that information is secured in a structured, predictable manner, automatically.
This frees up your users to create, store, interact with and distribute content easily, allowing a friction-less experience, instead of the distraction of laborious security chores. It also negates the impact that human error can have on security measures by automating the processes that are needed to achieve compliance.
This also enables collaboration to flourish both internally and with external stakeholders without worrying that content will be seen by unauthorised users. Moreover, it gives you the ability to limit the access to documents on a timed basis, thereby allowing for content to be distributed and collaborated on by external agencies, customers and partners without fear that it will be used further down the road without your knowledge or permission.
As we approach a content-centric age, it is important to ensure that information critical to your organisation’s success has the utmost security. With Azure Information Protection, this goal is now well within reach.