Organisations must protect their data at the source in a world where information travels beyond the boundary of the corporate network and potentially across many devices outside of company control.

These realities make it more critical than ever to have solutions that prevent data loss and track information at the file level regardless of where data resides or with whom it is shared. 

During June 2016, Microsoft Corporation had introduced Azure Information Protection, a new service that builds on both Microsoft Azure Rights Management (Azure RMS) and Secure Islands.

In this new approach, protecting employee identity is the foundation of how Microsoft on-premises products and cloud services help the customers secure and manage devices, apps and data. EMS is a great example of this, and Azure Information Protection is yet another example of this identity-driven approach to security.

During the press event held in Singapore this month, Eric Lam, director of Enterprise Cybersecurity Group, Microsoft Asia shared about the new features of Azure Information Protection as follows:

- Classify, label and protect data at the time of creation or modification. Use policies to classify and label data in intuitive ways based on the source, context and content of the data. Classification can be fully automatic, user-driven or based on a recommendation. Once data is classified and labeled, protection can be applied automatically on that basis.

- Persistent protection that travels with your data. Classification and protection information travels with the data. This ensures that data is protected at all times, regardless of where it is stored, with whom it is shared, or if the device is running iOS, Android or Windows.

- Enable safe sharing with customers and partners. Share data safely with users within your organization as well as with external customers and partners. Document owners can define who can access data and what they can do with it; for example, recipients can view and edit files, but they cannot print or forward.

- Simple, intuitive controls help users make the right decisions and stay productive. Data classification and protection controls are integrated into Office and common applications. These provide simple one-click options to secure data that users are working on. In-product notifications provide recommendations to help users make the right decisions.

- Visibility and control over shared data. Document owners can track activities on shared data and revoke access when necessary. IT can use logging and reporting to monitor, analyse and reason over shared data.

- Deployment and management flexibility. Protect data whether it is stored in the cloud or on-premises, and choose how your encryption keys are managed with Bring Your Own Key options.

Visit the company website and watch this video to learn more and to sign up to preview the service. Keep in touch with the engineering team leading these advances.

Current Azure RMS customers will continue to use the same capabilities with no change to their service until the general availability of Azure Information Protection later this calendar year, when they will begin to receive expanded capabilities.

More information on how to buy Azure Information Protection will be available closer to the general availability.