Microsoft has announced the launch of its new Azure data protection service, leveraging its existing Azure Rights Management (RMS) solution and the recent acquisition of Israeli security firm Secure Islands.
Azure Information Protection, which is to be released next month for public preview, combines data classification technologies from Secure Islands and labelling systems from RMS.
‘Organizations must protect their data at the source in a world where information travels beyond the boundary of the corporate network and potentially across many devices outside of company control,’ Microsoft commented in today’s statement. ‘These realities make it more critical than ever to have solutions that prevent data loss and track information at the file level regardless of where data resides or with whom it is shared.’
The tech giant detailed that one of the new service’s key capabilities will be the ability to classify data based on its source, content and context. This tagging can either be fully automated, user-driven or based on a recommendation. Once the data has been classified, different protection levels can then be applied automatically.
The company explained that these classifications and respective protections travel with the data, ensuring that the data is protected at all times, no matter where it is stored, or who it is shared with.
The new tool also allows owners to pick and choose who can access the data and exactly what they can do with it. Microsoft suggested that some recipients could view and edit files, for example, but could be blocked from printing or forwarding them. Owners are also able to track these activities and can revoke permissions at any point.
Microsoft added that the solution would be integrated into Office and other familiar applications so that users can apply protection without complication. In-product alerts will also flag users to the protection options.
While many of these features are similar to what is already provided in RMS tools, the new Information Protection classification tool is not solely end-user driven or based on IT policy as in the case of RMS, and is able to look at the actual contents of a file.