Today, Microsoft announced Azure Information Protection (AIP), a cloud based service which builds on the existing Azure RMS system and on the technology of recently acquired Secure Islands.
“Organizations must protect their data at the source in a world where information travels beyond the boundary of the corporate network and potentially across many devices outside of company control. These realities make it more critical than ever to have solutions that prevent data loss and track information at the file level regardless of where data resides or with whom it is shared,” Microsoft wrote in a blog post.
The new service will allow customers to manually or automatically classify data based on source and content. Once data is classified and labeled, protection can be applied automatically on that basis. Azure’s protection will work across cloud and on-premise storage and travels with the data to ensure that the data is never unprotected.
AIP has native support for Office documents, along with PDFs and reports generated by SAP. This support allows watermarks to be automatically added to protected Word documents to indicate their protection. Other data can also be protected by putting it inside an encrypted wrapper. The combination of encrypted data and cloud authentication means that the protection is applied wherever a file is accessed from.
With the increase of mobile devices and cloud services being used in the workplace, Microsoft looks to use an “identity-driven” approach to data security. With this approach, AIP and RMS users must authenticate their identity no matter where the’re protecting data from.
The AIP announcement comes shortly after introducing its Cloud App Security Service based on technology from its Adallom acquisition. Next month, Microsoft plans to present a public preview of the service, and expects it to become available by the end of the year.