Microsoft today announced Azure Information Protection. The service does exactly what it says; it protects your information in the cloud.
The new service will build on top of Azure Rights Management (RMS) and the "industry-leading data classification and labeling technology" that Microsoft got its hands on when it acquired Secure Islands last year.
Classification can be done automatically or manually. After this is done, "a persistent label is embedded in the data and actions such as visual marking and encryption can be taken based on the classification and label."
After classification and labeling, the next step is protection. This is done by encrypting data and only allowing authorized users access to it, regardless of where it's stored, where the user is, and who it was shared with.
Finally, there is tracking and reporting. Users will be able to track who accesses files and revoke access, if need be.
Here is an overview of the capabilities of Azure Information Protection:
Classify, label and protect data at the time of creation or modification. Use policies to classify and label data in intuitive ways based on the source, context and content of the data. Classification can be fully automatic, user-driven or based on a recommendation. Once data is classified and labeled, protection can be applied automatically on that basis.
Persistent protection that travels with your data. Classification and protection information travels with the data. This ensures that data is protected at all times, regardless of where it is stored, with whom it is shared, or if the device is running iOS, Android or Windows.
Enable safe sharing with customers and partners. Share data safely with users within your organization as well as with external customers and partners. Document owners can define who can access data and what they can do with it; for example, recipients can view and edit files, but they cannot print or forward.
Simple, intuitive controls help users make the right decisions and stay productive. Data classification and protection controls are integrated into Office and common applications. These provide simple one-click options to secure data that users are working on. In-product notifications provide recommendations to help users make the right decisions.
Visibility and control over shared data. Document owners can track activities on shared data and revoke access when necessary. IT can use logging and reporting to monitor, analyze and reason over shared data.
Deployment and management flexibility. Protect data whether it is stored in the cloud or on-premises, and choose how your encryption keys are managed with Bring Your Own Key options.
You can sign up for a preview of the service right here. If you're not interested in a preview, current Azure RMS users will start seeing the increase in functionality when the service reaches general availability.
You can visit the Azure Information Protection website for more information, and download a fact sheet.