» What’s the difference?

When talking with customers, I’ve noticed they can confuse these two technologies because both get called AIP, which can make conversations confusing.

  1. Azure Identity Protection
  2. Azure Information Protection

But what’s the difference?

» Azure Identity Protection.

This is also commonly known as Azure Active Directory Identity Protection. This technology is a key part of the identity-driven security model offered by Microsoft. When a user signs in to their Microsoft 365 environment, it calculates the sign-in risk for that sign-in and evaluates the overall user risk for that user.

Risk levels can be High, Medium or Low. Sign-ins that would raise a user’s risk are events such as “signing in with unfamiliar properties” or “Atypical Travel”. Off the back of these sign-ins, automated responses can be initiated, such as requiring Multi-Factor Authentication if the real-time risk calculated for the sign-in was High.
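The automated response described above can be expressed as a Conditional Access policy. The following is an added example, not code from the original post: it assumes the Microsoft Graph PowerShell module and an account permitted to manage Conditional Access, and the display name and break-glass object ID are placeholders. The policy is created in report-only mode so its effect can be reviewed before it is enforced.

```powershell
# Added example: require MFA when Identity Protection rates a sign-in as High risk.
# Assumes the Microsoft.Graph PowerShell module is installed.
Connect-MgGraph -Scopes 'Policy.ReadWrite.ConditionalAccess', 'Policy.Read.All'

# Placeholder: object ID of an emergency-access (break-glass) account to exclude,
# so a misconfigured policy cannot lock every administrator out.
$breakGlassId = '00000000-0000-0000-0000-000000000000'

# Constructed display name used only for this example.
$name = 'Example - Require MFA for high sign-in risk'

# Skip creation if a policy with this name already exists.
$existing = Get-MgIdentityConditionalAccessPolicy -All |
    Where-Object { $_.DisplayName -eq $name }

if ($existing) {
    Write-Output "Policy already exists: $($existing.Id)"
}
else {
    $policy = @{
        displayName   = $name
        # Report-only: the policy is evaluated and logged but not enforced.
        state         = 'enabledForReportingButNotEnforced'
        conditions    = @{
            users            = @{
                includeUsers = @('All')
                excludeUsers = @($breakGlassId)
            }
            applications     = @{ includeApplications = @('All') }
            clientAppTypes   = @('all')
            # Only sign-ins whose real-time risk is High trigger the control.
            signInRiskLevels = @('high')
        }
        grantControls = @{
            operator        = 'OR'
            builtInControls = @('mfa')
        }
    }

    $created = New-MgIdentityConditionalAccessPolicy -BodyParameter $policy
    $created | Select-Object Id, DisplayName, State
}
```

Once the report-only results in the sign-in logs look as expected, changing `state` to `enabled` enforces the policy.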

Reports and alerts of user risk and sign-in events can be found in the Azure portal.

https://portal.azure.com/#blade/Microsoft_AAD_IAM/IdentityProtectionMenuBlade/Overview

» Azure Information Protection.

Azure Information Protection is a building block of Microsoft Information Protection. It is a cloud-based solution that enables you to classify and protect documents, emails and data by applying different types of labels to them.

Labels can be applied in 3 different ways:

  1. Automatically by administrators using rules and conditions
  2. Manually by users
  3. By a combination where administrators define the recommendations shown to users

It is also possible to discover, classify and protect documents on on-premises storage, such as SharePoint Server sites. This can be done using the Azure Information Protection scanner. More information can be found here: https://docs.microsoft.com/en-us/azure/information-protection/deploy-aip-scanner

One thing to note is that on March 31, 2021, Azure Information Protection labels in the Azure portal are being deprecated. More information is available in the Microsoft Docs links below.

» Conclusion.

Hopefully this post has cleared up the differences between the two technologies. If you are interested in either of them, please speak with a partner about having a Security Workshop + Threat Check if you’re eligible. You will have a trial license applied to your environment, which includes Azure Active Directory Identity Protection, and the workshop explores these technologies in much more depth, along with how they can work best for you.

Find out more here: https://www.microsoft.com/microsoft-365/partners/microsoft-365-accelerators#security-compliance-identity-workshops

https://techcommunity.microsoft.com/t5/azure-active-directory-identity/the-refreshed-azure-ad-identity-protection-is-now-generally/ba-p/1002916

https://docs.microsoft.com/en-us/azure/active-directory/identity-protection/overview-identity-protection

https://docs.microsoft.com/en-us/azure/information-protection/what-is-information-protection

https://docs.microsoft.com/en-us/microsoft-365/compliance/sensitivity-labels?view=o365-worldwide#sensitivity-labels-and-azure-information-protection