Consuming AIP (Azure Information Protection) protected documents by different recipients

Document protection is an important aspect in data protection and security, which emphasises and empowers the users to control sensitive content to be shared across the enterprises.

With the new enforcements of Global Data Protection Regulation (GDPR) and other regulations in different regions, it is mandatory to have the control and visibility of the sensitive information across the boundaries and to be data compliant. Information Rights Management service enables the enterprises with rich tool sets and functionalities to be compliant with different data protection regulations and laws. Azure Information Protection, which is a SaaS offering from Microsoft will give rich functionalities and tool sets to achieve the goals of data protection.

With Azure Information Protection, we can enable email and document protection with customized controls to restrict the functionalities and capabilities of the recipient. For details on AIP protected email consumption by different recipients, please refer my previous blog

When we consider any rights management service, as the protection carries along with the file, it is essential to educate and create adoption plan for different recipients. This will help them to consume the protected documents seamlessly across different platforms

Given below are the list of some scenarios considered for consuming rights management protected document with AIP

Scenario-1:Office 365 to O365

In this scenario, the sender and recipient, both are hosted in Office 365, let us see the the consumption workflow

Outlook: Seamless with MS Office documents. for other formats like pdf, which is not natively supported, Azure Information Protection client has to be installed.

AIP client can be installed from here

Outlook Web Access: As encrypted documents cannot be consumed with browser based apps, it will prompt to download the document.

Mobile: Seamless with MS office documents. For other formats, AIP mobile client is to be installed. AIP mobile client can be installed from android play store or Apple Appstore.

Scenario-2: External Domains: Yahoo/Gmail

When Gmail or Yahoo mail is accessed using a browser, it will prompt to download the encrypted document to local machine. This protected document can be consumed when AIP agent is installed.

When Yahoo/Gmail is configured in mobiles, the protected documents can be consumed seamlessly with MS Office apps. For other formats, AIP mobile client has to be installed, which can be downloaded from Play store (Android) /Appstore (iOS)

Scenario-3: On-premise Exchange: Seamless when AIP client is installed.

when the recipient is an on-premise Exchange user, he/she has to install AIP client to consume the encrypted document.

AIP client can be downloaded from here.

Outlook Web Access: As encrypted documents cannot be consumed with browser based apps, it will prompt to download the document.

Scenario-4: Sharepoint online– Seamless for MS Office files

When the protected document is uploaded to Sharepoint, authorized recipients can access the MS office documents seamlessly using Sharepoint online portal as it integrated with AIP service.

For other formats like pdf, the recipients have to download the file to local machine and consume it with AIP client.

Scenario-5: OneDrive for Business – Seamless with MS Office files

When the protected document is uploaded to OneDrive for Business, authorized recipients can access the MS Office files seamlessly as OneDrive for Business integrated with AIP service.

For other file formats like pdf, the recipient has to download the document to local machine and consume it with AIP client.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s