Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cloud Security

Microsoft Announces Azure Information Protection Service

Microsoft to Solve Document Cloud Compliance and Visibility Issues With Azure Information Protection  

Microsoft to Solve Document Cloud Compliance and Visibility Issues With Azure Information Protection  

Microsoft is planning to preview a new addition to its Azure security portfolio in July. Named Microsoft Azure Information Protection it combines the Azure Rights Management System (RMS) with the data classification and labeling technology acquired with the purchase of Secure Islands in November 2015. The purpose is to provide greater clarity and control over the movement of documents in and through the cloud in the face of increasing geographically based privacy and data protection laws.

An increasingly mobile and global economy with different compliance requirements in different jurisdictions requires both greater control and increased user flexibility over that control. Microsoft is supplying this by integrating rights management (for control) with easier document labeling (Secure Islands). 

This will start at document creation. Policies can be established to help generate automatic suggestions to the author, or the author can set the level purely manually. Once the document has been labeled, that label and associated protection stays and travels with the document, whether it is internally or with and between external partners.

The level of protection can be set by the author/owner of the document. “Document owners can define who can access data and what they can do with it; for example, recipients can view and edit files, but they cannot print or forward,” states an associated blog post. It goes on to explain that “Data classification and protection controls are integrated into Office and common applications. These provide simple one-click options to secure data that users are working on.”

Through Information Protection, Microsoft will solve three major cloud problems in one go. Firstly it will go a long way to solving compliance issues. Secondly it will provide the missing visibility into the cloud that security teams need but often do not get. And thirdly it will protect against unseen and unknown data leakage of intellectual property. “Document owners can track activities on shared data and revoke access when necessary. IT can use logging and reporting to monitor, analyze and reason over shared data,” says the announcement.

How effective this will be remains to be seen. Data labeling is traditionally a huge problem for security teams. Left to their own devices, users often over-compensate and classify everything as ‘top secret’. Automatic suggestions from the system based on rules developed by IT and security could solve this — or they could add an additional level of complexity if the rules keep getting things wrong.

What isn’t yet clear is whether the arrival of Information Protection will replace the existing Azure RMS. Microsoft merely says that RMS will continue ‘as is’ until the general availability of Information Protection, “when they will begin to receive expanded capabilities.” It doesn’t say whether those expanded capabilities (presumably the automated document labeling features directly in Word) will come with additional cost.

Advertisement. Scroll to continue reading.
Written By

Kevin Townsend is a Senior Contributor at SecurityWeek. He has been writing about high tech issues since before the birth of Microsoft. For the last 15 years he has specialized in information security; and has had many thousands of articles published in dozens of different magazines – from The Times and the Financial Times to current and long-gone computer magazines.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Understand how to go beyond effectively communicating new security strategies and recommendations.

Register

Join us for an in depth exploration of the critical nature of software and vendor supply chain security issues with a focus on understanding how attacks against identity infrastructure come with major cascading effects.

Register

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Data Protection

The cryptopocalypse is the point at which quantum computing becomes powerful enough to use Shor’s algorithm to crack PKI encryption.

Artificial Intelligence

The CRYSTALS-Kyber public-key encryption and key encapsulation mechanism recommended by NIST for post-quantum cryptography has been broken using AI combined with side channel attacks.

CISO Conversations

SecurityWeek talks to Billy Spears, CISO at Teradata (a multi-cloud analytics provider), and Lea Kissner, CISO at cloud security firm Lacework.

Cloud Security

Cloud security researcher warns that stolen Microsoft signing key was more powerful and not limited to Outlook.com and Exchange Online.

CISO Strategy

Okta is blaming the recent hack of its support system on an employee who logged into a personal Google account on a company-managed laptop.

Compliance

The three primary drivers for cyber regulations are voter privacy, the economy, and national security – with the complication that the first is often...

Application Security

Virtualization technology giant VMware on Tuesday shipped urgent updates to fix a trio of security problems in multiple software products, including a virtual machine...