In today’s post I will write about Microsoft Purview and especially about one particular part – Information protection and sensitivity labels. I will clarify a specific configuration when deploying your sensitivity labels.
As you know Microsoft Purview combines solutions and services together into a unified platform , as visualized below . My focus is on Protect Your Data:
What Are Sensitivity Labels?
Sensitivity labels are used to classify and protect your organization’s data. They help ensure that sensitive information is handled appropriately, whether it’s stored in documents, emails, or other types of content. Sensitivity labels can apply various protection settings, such as encryption, content markings (e.g., watermarks, headers, footers), and access restrictions.
Let’s get to the point 🙂
Recently I have participated in a tech event here in Belgium and had an interesting discussion about configuring sensitivity labels.
There are some new settings that are important and must be understood correctly by the M365 administrators configuring them.
In the screenshot above you can see the Access Control option – Assign permissions.
The two sometimes confusing options are:
- Add all users and groups in your organization – all authenticated users to your Tenant(all tenant members) , let’s say all users authenticated with [email protected]. This option excludes Guest users!
- Add any authenticated user, which is different and gives access to your data to anyone that:
- Has an email account that’s authenticated by Microsoft Entra ID or a federated social provider.
- Is authenticated by a Microsoft account.
- Uses a one-time passcode for email only
For more information , check out this article:
Apply encryption using sensitivity labels | Microsoft Learn
If you have any questions or just want discuss the topic further, please reach out to me!
Have a great day 🙂