Azure Information Protection

  • Author: Ronald Fung

  • Creation Date: 25 May 2023

  • Next Modified Date: 25 May 2024

A. Introduction

Azure Information Protection (AIP) is a cloud-based solution that enables organizations to discover, classify, and protect documents and emails by applying labels to content.

Azure Information Protection (AIP) is part of Microsoft Purview Information Protection (formerly Microsoft Information Protection or MIP). Microsoft Purview Information Protection helps you discover, classify, protect, and govern sensitive information wherever it lives or travels.

AIP extends the labeling and classification functionality provided by Microsoft Purview with the following capabilities:

AIP also provides the encryption service, Azure Rights Management, that’s used by Microsoft Purview Information Protection.

For a comprehensive list of capabilities from Microsoft Purview Information Protection, see Protect your sensitive data with Microsoft Purview.

B. How is it used at Seagen

As a biopharma research company, Seagen can use Azure Information Protection (AIP) to protect sensitive data such as intellectual property, clinical trial data, and patient information. AIP provides a set of tools and services that enable organizations to classify, label, and protect their data.

Here are some ways Seagen could use Azure Information Protection:

  1. Classifying and labeling data: Seagen can use AIP to classify and label data based on its sensitivity level. This enables Seagen to identify and protect sensitive data such as patient information and intellectual property.

  2. Encrypting data: AIP enables Seagen to encrypt sensitive data at rest and in transit. This ensures that only authorized users can access the data.

  3. Controlling access to data: AIP provides granular access controls that enable Seagen to control who can access sensitive data. This ensures that only authorized users can view, edit, or share sensitive data.

  4. Monitoring data usage: AIP provides logging and monitoring capabilities that enable Seagen to track who is accessing sensitive data and how it is being used. This enables Seagen to detect and respond to any unauthorized access or data breaches.

  5. Compliance: AIP helps Seagen comply with regulatory requirements such as HIPAA and GDPR by providing tools and services that enable Seagen to protect sensitive data and maintain data privacy.

Overall, Seagen can use Azure Information Protection to protect sensitive data and maintain data privacy. This enables Seagen to meet regulatory requirements, reduce the risk of data breaches, and protect its intellectual property.

C. Features

Azure Information Protection (AIP) is a cloud-based solution that provides a set of tools and services to help organizations classify, label, and protect their sensitive data. Some of the key features of AIP are:

  1. Classification and labeling: AIP enables organizations to classify and label their data based on its sensitivity level. This helps organizations identify and protect sensitive data such as personal information, financial data, and intellectual property.

  2. Encryption: AIP provides encryption capabilities that enable organizations to protect their data at rest and in transit. This ensures that only authorized users can access the data.

  3. Granular access controls: AIP provides granular access controls that enable organizations to control who can access their sensitive data. This ensures that only authorized users can view, edit, or share sensitive data.

  4. Monitoring and logging: AIP provides logging and monitoring capabilities that enable organizations to track who is accessing their sensitive data and how it is being used. This enables organizations to detect and respond to any unauthorized access or data breaches.

  5. Integration with Microsoft Office: AIP integrates with Microsoft Office applications such as Word, Excel, PowerPoint, and Outlook. This enables users to classify and label their data directly from within these applications.

  6. Compliance: AIP helps organizations comply with regulatory requirements such as HIPAA and GDPR by providing tools and services that enable them to protect their sensitive data and maintain data privacy.

Overall, Azure Information Protection provides a comprehensive set of tools and services that enable organizations to classify, label, and protect their sensitive data. This helps organizations meet regulatory requirements, reduce the risk of data breaches, and protect their intellectual property.

D. Where Implemented

LeanIX

E. How it is tested

Testing Azure Information Protection involves several steps that include:

  1. Setting up the testing environment: The first step is to create a testing environment that is separate from the production environment. This ensures that any issues or bugs discovered during testing do not affect the live system.

  2. Creating test cases: The next step is to create test cases that cover all the functionalities of Azure Information Protection. Test cases should include positive and negative scenarios, edge cases, and stress tests.

  3. Running tests: Once the test cases are created, the next step is to run the tests. This involves executing the test cases and recording the results.

  4. Debugging and fixing issues: If any issues or bugs are discovered during testing, they must be debugged and fixed before proceeding with further testing.

  5. Repeat testing: After fixing the issues, the tests must be run again to ensure that the fixes have been successful and there are no further issues.

  6. Integration testing: Once Azure Information Protection has been tested, it must be integrated with other systems and applications to ensure that it works seamlessly with other components.

  7. User acceptance testing: Finally, Azure Information Protection must undergo user acceptance testing to ensure that it meets the requirements of the end-users.

Overall, testing Azure Information Protection involves a comprehensive testing approach that covers all the functionalities of the solution and ensures that it meets the requirements of the end-users.

F. 2023 Roadmap

????

G. 2024 Roadmap

????

H. Known Issues

Like all software products, Azure Information Protection (AIP) may have some known issues. Here are some of the known issues for Azure Information Protection:

  1. Compatibility issues: AIP may have compatibility issues with some third-party applications and systems. This can impact the performance of AIP and the overall user experience.

  2. Configuration issues: Configuring AIP correctly can be complex, and there may be issues related to configuration that impact the functionality of the solution.

  3. User adoption: User adoption can be a challenge for AIP, especially if users are not aware of how to use the solution or are resistant to change.

  4. Performance issues: AIP relies on cloud-based infrastructure, which may cause latency issues when retrieving data from various sources. This can impact the performance of AIP and the overall user experience.

  5. Documentation: Some users have reported that the documentation for AIP can be confusing or incomplete. This requires users to spend additional time understanding the solution and its functionality.

Overall, while Azure Information Protection is a powerful solution for protecting sensitive data, users must be aware of these known issues and take steps to mitigate their impact. This may include addressing configuration issues, providing adequate training to users, and ensuring that AIP is compatible with other systems and applications.

[x] Reviewed by Enterprise Architecture

[x] Reviewed by Application Development

[x] Reviewed by Data Architecture