AIP or AIP? Which do you mean? Microsoft Information Protection.
»What’s the difference?⌗
When talking with customers I’ve noticed they can confuse these two types of technology just by calling them both AIP. In conversations this can get confusing sometimes.
- Azure Identity Protection
- Azure Information Protection
But what’s the difference?
» Azure Identity Protection.⌗
This is commonly known as Azure Active Directory Identity Protection as well. This technology is a key part of the identity driven security model offered by Microsoft. When a user signs into their 365 environment this technology will calculate the sign-in risk and evaluate the overall user risk for that user.
Risk levels can be either High, Medium or Low, sign-ins which would rise a users risk are events such as “signing in with unfamiliar properties” or “Atypical Travel”. Off the back of these sign-ins automated responses can be initiated such as requiring Multi Factor Authentication if the realtime risk deemed for this sign-in was High.
Reports and alerts of user risk and sign-in events can be found in the Azure portal.
https://portal.azure.com/#blade/Microsoft_AAD_IAM/IdentityProtectionMenuBlade/Overview
» Azure Information Protection.⌗
Is a building block of Microsoft Information Protection. It is a cloud-based solutions that enables you to classify and protect documents, emails and data by applying different types of labels to them.
Labels can be applied in 3 different ways:
- Automatically by administrators using rules and conditions
- Manually by users
- By a combination where administrators define the recommendations shown to users
It is also possible to discover, classify and protect documents on On-Premises storage, like SharePoint Server sites. This can be done using the Azure Information Protection scanner. More information can be found here: https://docs.microsoft.com/en-us/azure/information-protection/deploy-aip-scanner
One thing to note is March 31, 2021 Azure information Protection labels in the Azure Portal are being deprecated. More information the MSDocs links below.
» Conclusion.⌗
Hopefully this post has cleared up what the differences are between the two technologies. If you are interested in any of these technologies please speak with a partner about having a Security Workshop + Threat Check if you’re eligible. You will have a trial license applied to your environment which will have Azure Active Directory Identity Protection included and these technologies are explored a lot more and how they can work for best for you.
Find out more info here : https://www.microsoft.com/microsoft-365/partners/microsoft-365-accelerators#security-compliance-identity-workshops
» MSDocs Links.⌗
https://docs.microsoft.com/en-us/azure/information-protection/what-is-information-protection
» Comments.⌗
{{ template “_internal/disqus.html” . }}