ActiveIdM analyzed the client’s environment to determine what labels were currently in use and determined that four new labels should be implemented public, restricted, confidential, and highly confidential.
Public is applied to data that the client has designated to be available to the public at large. Restricted is for data with reduced sensitivity and intended for internal and external business-related consumption. Confidential is applied to data which is proprietary, business-sensitive, or subject to regulatory protections, and is intended for authorized recipients only. Highly Confidential is the most sensitive data to be accessible only by authorized internal client personnel.
With labels defined, ActiveIdM created an Azure policy for the initial pilot deployment. The policy defined the default label, public, to be used for new content. Care was also taken to ensure that the general user community would not have access to Unified Labeling until an official program launch.
ActiveIdM also installed and configured Azure Information Protection Scanner to assist the client with discovery of sensitive data that is already present on the network. The AIP Scanner inspects any file that Windows can index and determines if labeling should be applied to the file and applies to local folders, network folders, SharePoint, etc.
This Microsoft Information Protection success story provided the client with ability to explore features of Microsoft Information Protection in a real world environment. The client also has the tools necessary to expand the users which are participating in the pilot evaluation.