In this article I will be covering some of the key benefits of Microsoft Information Protection. Microsoft Information Protection encompasses many different solutions but the benefits I will be reflecting on today focus in on labeling and document classification.
Discover Sensitive Data
It today’s current landscape, its extremely hard as an organization to say that it knows where all it’s data resides and that it is protected. The rise of remote work has only expanded the need to put more solutions in place to help govern data. Microsoft Information Protection provides a unified data governance solution that an organization of any size could adopt. One of the first key benefits I want to point out is the discovery of data. The discovery of data expands across not only Microsoft’s cloud but also on-premise and into 3rd party clouds as well. With the AIP scanner, you can scan existing file shares and data centers before even moving them into 365. The integration with Microsoft Cloud App Security allows you to extend your discovery into 3rd party document repositories like DropBox or Box and view all of this information in addition to Microsoft’s cloud in a unified portal.
Prevent Accidental Leakage
I touched on in an earlier blog the fact that in many cases, data exfiltration can come from human error and accidental leakage. Microsoft Information protection helps prevent against this type of threat by applying additional protections to resources classified with certain labels. Policies you create around these labels can get extremely granular and can be scoped to various users or groups within your organization. We saw in a previous example a document sent outside the organization that was protected by both encryption and access control rights which prevented the user from outside the org from seeing a highly confidential document
Lock Down Access Controls
Having proper access controls is important not only from users from outside your organization but also from internal groups. This only becomes more important as an organization is expanding. Instituting a more restrictive access control policy reduces your changes of data exfiltration to untrusted locations. Microsoft information protections allows you dictate which types of documents can be access by certain users within the organization and it also allows for flexibility on that level of access such as read only rights.
Finally, whether or not you have to follow strict compliance regulations like HIPAA or FINRA, I believe its important to have defined information systems in place with a baseline of controls that you follow as part of your overall data governance plan for your organization. Having a defined label taxonomy in which you use to classify documents is a great first step in becoming more organized. For firms that do follow HIPAA guidelines, having a type of solution like MIP in place is critical to protect PII and other sensitive information. Ultimately with MIP, you can have a documented process for how you discover, classify, and protect all data within your organization.