Microsoft Azure Information Protection, or AIP, is a new service that serves Microsoft’s goal to continue to innovate and further expand their already comprehensive information protection capabilities. The new approach delivers data protection, as well as inovative and intelligent new detection capabilities for security teams,while retaining great productivity experiences for people at work.
Unlike a traditional password-protected document, where knowing the password is sufficient to give permanent access to the file, the online authentication used by RMS means that access can be controlled on a more continuous basis. Accounts showing suspicious behavior such as impossible travel (where logins are made from different places around the world faster than one could travel between those places) can be locked out, blocking access to protected data.
According to Microsoft, AIP will deliver these key capabilities:
- Classified, labeled and protected data at the time of creation or modification
- Persistent protection will travel with data
- Safe sharing with customers and partners
- Simple, intuitive controls that will help users make the right decisions and stay productive
- Deployment and management flexibility
The classification and protection will also travel with the data as it moves to mobile devices.
While Microsoft is not alone in offering cloud-based rights management, it is arguable that it’s particularly well-positioned in this area. Companies using Office 365 already have Azure AD identities, so a large part of the setup that might otherwise be required is taken care of.