Azure Information Protection Documentation Update for June 2019

The Documentation for Azure Information Protection been updated on the web and the latest content has a June 2019 (or later) date at the top of the article.


 


This month saw a new preview version of the Azure Information unified labeling client, with support for new features and functionality that brings it closer to the original Azure Information Protection client, that the sharp-eyed among you might have noticed we’re now referring to as the classic client. This new functionality for testing includes many of the advanced client settings, labels that support user-defined permissions, and support for a sublabel as your default label. 


 


We listen to your feedback and try to incorporate it whenever possible. Let me know if you have feedback about the technical documentation for Azure Information Protection. I also encourage you to head over to our Yammer site to see what others are discussing.


 


What’s new in the documentation for Azure Information Protection, June 2019


 


FAQ: Do you need to be a global admin to configure Azure Information Protection, or can I delegate to other administrators?


– Updated now that Azure Information Protection supports the new Compliance data administrator  role. Other articles that reference supported admin roles include this additional role.


 


Migrating from AD RMS: Migration phase 5 – post migration tasks


– Updated Step 12. Rekey your Azure Information Protection tenant key. This section used to recommend rekeying if your AD RMS deployment was using RMS Cryptographic Mode 1 and this recommendation has now been changed to a requirement, with the clear statement that a 1024-bit key and SHA-1 is considered an inadequate level of protection.


 


How to migrate Azure Information Protection labels to Office 365 sensitivity labels


– Updated to reflect changes for the new preview version of the unified labeling client and introduce a new section for copying policies that is gradually rolling out to tenants. The Copy policies option becomes available after your label migration is complete and supports a copy (not synchronization) of your policies and policy settings to the labeling management portal you use (Office 365 Security & Compliance Center, Microsoft 365 security center, or Microsoft 365 compliance center). If you don’t yet see this option, you can still read more about this new functionality: Copy your policies and policy settings


 


The client side of Azure Information Protection


– Updates throughout to include changes for this month’s new preview version of the unified labeling client, as documented in the version history. In addition, no support for content matches is added as a new current  limitation for the unified labeling client and analytics. There are no changes to the section  Features not planned to be in the Azure Information Protection unified labeling client.


 


Azure Information Protection unified labeling client – Version release history and support policy
– New section for this month’s preview release: Versions later than 2.0.779.0


 


Admin Guide: Custom configurations for the Azure Information Protection unified labeling client


– Updated throughout for information about configuring advanced settings by the using Office 365 Security & Compliance Center PowerShell, with new sections for each scenario that the settings support. Even if you’re not familiar with using PowerShell, the examples for each advanced setting should get you up and running with this new configuration method.


 


Admin Guide: Using PowerShell with the Azure Information Protection unified client


– New section added now that the preview client supports non-interactive sessions and a new parameter, OnBeHalfOf: How to label files non-interactively for Azure Information Protection


 


Azure Information Protection client: Version release history and support policy


– The Servicing information and timelines section is updated for a list of general availability versions that are no longer supported with their respective release dates. This information was added to help you identify old versions of the client that might still be in use that do not support TLS 1.2 and will therefore no longer download the Azure Information Protection policy.


 


Admin Guide: Custom configurations for the Azure Information Protection client


– New section to help you fine-tune the operation of the scanner for large files: Change the timeout settings for the scanner


 


PowerShell module: AzureInformationProtection


– Updates for the new preview version of the unified labeling client:



  • New-AIPCustomPermissions: New cmdlet to replace New-RMSProtectionLicense to create an ad-hoc policy for custom permissions

  • Set-AIPFileLabel: New parameters, CustomPermissions (replaces Protect-RMFile) and RemoveProtection (to replace Unprotect-RMSFile, except that container files aren’t currently supported)

  • Set-AIPFileClassification: New parameter, OnBeHalfOf, to be used instead of the Token parameter.

  • Set-AIPFileClassification: New parameters, WhatIf and DiscoveryInfoTypes so that this cmdlet can be run in discovery mode without applying labels.

Leave a Reply

Your email address will not be published. Required fields are marked *

*

This site uses Akismet to reduce spam. Learn how your comment data is processed.