Security in the cloud, and how functionality in AAD and AIP can help us. (link to Norwegian blog post)

-

I usually do all of my content in English and won't make a habit of this, but I have added this for those of you who understands Norwegian. Here is a link to my new blog post about security in the cloud: Sikkerhet i skyen og hvordan funksjonalitet i AAD og AIP kan hjelpe oss. 

In the article we look at functionality found in Azure Active Directory (AAD) and Azure Information Protection (AIP), how we can implement powerful security solutions that minimize the attack surface, highlight security risks, give us an overview of - and allow us to secure the information in your organization and more.

We also go through how Sensitive data can be tracked, sharing can be stopped and if anyone has received or obtained the information by mistake or other means, then there is functionality in AIP that allows you to call back this access and ensure that the information can never be read again.


      The basic functionality of AAD and AIP is also useful, but in this article we will concentrate on what is in the license packages above. The licensing models for Microsoft can make anyone dizzy at times, but what many of us describes as Azure Active Directory P2 and Azure Information Protection P2 can be purchased as standalone products, but are also included in other packages, such as Microsoft 365 E3 / E5. For those with an interest in licenses, we can mention that AIP P2 functionality can be obtained through packages such as: 

  • Azure Information Protection P2
  • Microsoft Enterprise Mobility + Security E5
  • The Information and Compliance License, recently announced by Microsoft

    And, more recently, the Office 365 E5 license has also received "AIP functionality" that can be used to secure information in Office 365.

Comments

Post a Comment

Popular posts from this blog

Do not Forward and the protection of attachments

-
Image
Maybe I am the only one who has misunderstood this, but if not, this may be useful for you. I've been wrong about this for a while, and since it is not a feature we have used, I didn't really look into it until today. I always thought that using Do not Forward in a label would make sure attachments where given the same DNF rights.  Unfortunately I was shown the error of my ways by one of my customers today, when I answered (with some confidence) that, yes: Attachments get the same protection. He then replied that he was able to do all kinds of things with the attachment, and I started to look into it more closely. Microsoft has many great articles about protecting information, and this article is no exception. I guess you just have to read it carefully. They say:  “When the Do Not Forward option is applied to an email, the email is encrypted and recipients must be authenticated. Then, the recipients cannot forward it, print it, or copy from it . For example, in the Outlook cli
Read more

Using Do not Forward or Encrypt Only as the results of a Sensitivity Label

-
Image
Do not Forward and Encrypt Only can be found in Outlook by default for all who uses Office 365 E3 or equivalent/higher. And as many know, they can also be used in a Sensitivity label. But what are the consequenses of using these, instead of creating our own encryption settings within the label? This is what we will be looking at today.  As many know, we can use these two in Outlook, as long as we have the proper license. They are well hidden away under Options, and can look a little like this:    EO and DNF in Outlook.  I've covered these in earlier blogposts , but lets just quickly go through them again here: " Encrypt/Encrypt-Only " option makes sure the email is encrypted and recipients must be authenticated, but then they have all usage rights except Save As, Export and Full Control (Basically means no restriction except that they cannot remove the protection). When the Do Not Forward option is applied to an email, the email is encrypted and recipients must be au
Read more