BT

Microsoft Launches Azure Information Protection for Documents

| by Irwin Williams Follow 0 Followers on Jul 11, 2016. Estimated reading time: 2 minutes |

Microsoft launched Azure Information Protection (AIP) in early June 2016. The service aims to enable easy classification of documents both for security and taxonomy.

With deep tie-ins to email clients, browsers and even mail servers, AIP ensures that shared documents only get to their destination if the recipients are allowed to read those documents at the level of classification they have.  AIP tracks the documents as they travel even outside of the perimeter of the organization’s network boundaries.

Microsoft purchased Israeli startup Secure Islands in November 2015. Secure Islands built technology focused on automatic data protection, classification and loss prevention across a range of file formats. Azure Information Protection is the progeny that emerged from that coupling. 

From within authoring programs such as Microsoft Word, users can classify a document with secret, personal, and other forms of access restriction.

Document categorization with Azure Information Protection

An EMC study estimated the cost of data loss to firms to be in the trillions, thus data loss prevention is a key concern. When a document is sent through AIP, it determines if the document should remain internal or be allowed to leave the organization. When AIP allows a document to leave the organization, it can arrange for notifications to be sent when recipients outside the organization interact with it.

Protection is available not just because of labelling but because of content, too. In this demo video featuring Dan Plastina, director of program management-security, typing a credit card number can trigger behavior to ensure the document is labeled properly or its access is limited. The analytics available at the level of the document take a page from web analytics, because of the level of granularity. Users can view not only information on when interaction took place, but where in the world the document is being used, and can revoke access immediately.

AIP is another key step for security in Microsoft’s continued evolution into the world of cloud and mobility. In February, Bret Arsenault, chief information security officer at Microsoft, outlined other solutions including Cloud App Security, Customer Lockbox and Azure Identity Protection. However, Hitachi Data Systems technology strategist, Greg Knieriemen stated AIP isn’t ready for the big leagues. Knieriemen compared the Hitachi Content Platform to Microsoft’s new service. He cited the need for more document management features and for support of formats not in the Microsoft Office suite, admitting however that his comments were based on demo videos. Secure Islands in an earlier video claimed to support many formats and enable automatic labelling and protection.

Other players in this area include Vera, Ionic Security (formerly Social Fortress) and BlueBox Security, who was recently acquired by Lookout. Vera distinguishes itself by allowing encryption of content across a diverse set of storage providers, including DropBox and Google Drive. Ionic continues to attract high profile investors, such as Amazon and Hayman Capital.  Ionic takes a holistic view of protecting business data by providing services that seek to protect credentials, track documents and enable developers to build secure solutions around document management.  BlueBox’s technology focused on mobility and securing the BYOD experience.

At the moment, Azure RMS is available for Office 365 enterprise users. In the Microsoft announcement, Plastina stated, “Current Azure RMS customers will continue to use the same capabilities with no change to their service until the general availability of Azure Information Protection later this calendar year, when they will begin to receive expanded capabilities.” Plastina promised more information on how to buy AIP will be available closer to general availability.

Rate this Article

Adoption Stage
Style

Hello stranger!

You need to Register an InfoQ account or or login to post comments. But there's so much more behind being registered.

Get the most out of the InfoQ experience.

Tell us what you think

Allowed html: a,b,br,blockquote,i,li,pre,u,ul,p

Email me replies to any of my messages in this thread

so AIP = RMS by Raymond Ha

so AIP is just the extension or rebadged version of RMS in the cloud....

Allowed html: a,b,br,blockquote,i,li,pre,u,ul,p

Email me replies to any of my messages in this thread

Allowed html: a,b,br,blockquote,i,li,pre,u,ul,p

Email me replies to any of my messages in this thread

1 Discuss
BT