Capability | What problems does it solve? | Get started |
---|---|---|
Sensitive information types | Identifies sensitive data by using built-in or custom regular expressions or a function. Corroborative evidence includes keywords, confidence levels, and proximity. | Customize a built-in sensitive information type |
Trainable classifiers | Identifies sensitive data by using examples of the data you're interested in rather than identifying elements in the item (pattern matching). You can use built-in classifiers or train a classifier with your own content. | Get started with trainable classifiers |
Data classification | A graphical identification of items in your organization that have a sensitivity label, a retention label, or have been classified. You can also use this information to gain insights into the actions that your users are taking on these items. | Get started with content explorer Get started with activity explorer |
Capability | What problems does it solve? | Get started |
---|---|---|
Sensitivity labels | A single solution across apps, services, and devices to label and protect your data as it travels inside and outside your organization. Example scenarios: Manage sensitivity labels for Office apps Encrypt documents and emails Apply and view labels in Power BI For a comprehensive list of scenarios for sensitivity labels, see the Get started documentation. | Get started with sensitivity labels |
Azure Information Protection unified labeling client | For Windows computers, extends sensitivity labels for additional features and functionality that includes labeling and protecting all file types from File Explorer and PowerShell Example additional features: Custom configurations for the Azure Information Protection unified labeling client | Azure Information Protection unified labeling client administrator guide |
Double Key Encryption | Under all circumstances, only your organization can ever decrypt protected content or for regulatory requirements, you must hold encryption keys within a geographical boundary. | Deploy Double Key Encryption |
Office 365 Message Encryption (OME) | Encrypts email messages and attached documents that are sent to any user on any device, so only authorized recipients can read emailed information. Example scenario: Revoke email encrypted by Advanced Message Encryption | Set up new Message Encryption capabilities |
Service encryption with Customer Key | Protects against viewing of data by unauthorized systems or personnel, and complements BitLocker disk encryption in Microsoft datacenters. | Set up Customer Key for Office 365 |
SharePoint Information Rights Management (IRM) | Protects SharePoint lists and libraries so that when a user checks out a document, the downloaded file is protected so that only authorized people can view and use the file according to policies that you specify. | Set up Information Rights Management (IRM) in SharePoint admin center |
Rights Management connector | Protection-only for existing on-premises deployments that use Exchange or SharePoint Server, or file servers that run Windows Server and File Classification Infrastructure (FCI). | Steps to deploy the RMS connector |
Azure Information Protection unified labeling scanner | Discovers, labels, and protects sensitive information that resides in data stores that are on premises. | Configuring and installing the Azure Information Protection unified labeling scanner |
Microsoft Cloud App Security | Discovers, labels, and protects sensitive information that resides in data stores that are in the cloud. | Discover, classify, label, and protect regulated and sensitive data stored in the cloud |
Microsoft Information Protection SDK | Extends sensitivity labels to third-party apps and services. Example scenario: Set and get a sensitivity label (C++) | Microsoft Information Protection (MIP) SDK setup and configuration |
Capability | What problems does it solve? | Get started |
---|---|---|
Data loss prevention (DLP) | Helps prevent unintentional sharing of sensitive items. | Get started with the default DLP policy |
Learn about Endpoint data loss prevention | Extends DLP capabilities to items that are used and shared on Windows 10 computers. | Get started with Endpoint data loss prevention |
Learn about the Microsoft Compliance Extension (preview) | Extends DLP capabilities to the Chrome browser | Get started with the Microsoft Compliance Extension (preview) |
Learn about Microsoft 365 data loss prevention on-premises scanner (preview) | Extends DLP monitoring of file activities and protective actions for those files to on-premises file shares and SharePoint folders and document libraries. | Get started with Microsoft 365 data loss prevention on-premises scanner (preview) |
Protect sensitive information in Microsoft Teams chat and channel messages | Extends some DLP functionality to Teams chat and channel messages | Learn about the default data loss prevention policy in Microsoft Teams (preview) |