Forum Discussion
Azure Information Protection retroactive protection - AIP
Hello all, I need a clarification for a use scenario of AIP. hypothesis, using a label called"highly confidential" that at the end of the implementation will protect documents with the pro...
From my understanding you would need AIP plan 2. This includes the scanner which is installed on a local server or run in Azure. Please see the quote below from the Microsoft docs page. I’ll include the full link as well.
“In addition, all files are inspected when the scanner downloads an Azure Information Protection policy that has new or changed conditions. The scanner refreshes the policy every hour, and when the service starts and the policy is older than one hour.”
https://docs.microsoft.com/en-us/azure/information-protection/infoprotect-quick-start-tutorial
“In addition, all files are inspected when the scanner downloads an Azure Information Protection policy that has new or changed conditions. The scanner refreshes the policy every hour, and when the service starts and the policy is older than one hour.”
https://docs.microsoft.com/en-us/azure/information-protection/infoprotect-quick-start-tutorial
Hi Bryan Haslip thanks for answering but my question si more complexed than that.
Imagine that few files that have a label were sent to external recipients or cloud spaces.
I want that the files start to be protected because of business reasons, i change the label that i know is the same of the document in the case.
I can be sure that all the document with that label will be protected. obviously also out from my systems where i can use tha aip scanner eventually (is not in the case btw) ?
The purpose is to protect documenta also (and especially i think) out from the home environment
I think I understand now. From my experience once the document has left your environment and control the only option you have is to revoke access to the document. I have not been able to apply the updated policy on a document that say I sent via email. I certainly can revoke access and send the updated document with the updated policy. Hopefully that gives you the information you are looking for.
