mirror of
https://github.com/MicrosoftDocs/windows-itpro-docs.git
synced 2025-06-21 21:33:38 +00:00
add auto labeling content
This commit is contained in:
Joey Caparas
@ -14,7 +14,6 @@ manager: dansimp
|
||||
audience: ITPro
|
||||
ms.collection: M365-security-compliance
|
||||
ms.topic: article
|
||||
ms.date: 12/05/2018
|
||||
---
|
||||
|
||||
# Configure information protection in Windows
|
||||
@ -32,7 +31,7 @@ Learn how you can use Windows Defender ATP to expand the coverage of Windows Inf
|
||||
- Your tenant needs to be onboarded to Azure Information Protection analytics, for more information see, [Configure a Log Analytics workspace for the reports](https://docs.microsoft.comazure/information-protection/reports-aip#configure-a-log-analytics-workspace-for-the-reports)
|
||||
|
||||
|
||||
## Configuration steps
|
||||
## Configure endpoint data loss prevention
|
||||
1. Define a WIP policy and assign it to the relevant devices. For more information, see [Protect your enterprise data using Windows Information Protection (WIP)](https://docs.microsoft.com/windows/security/information-protection/windows-information-protection/protect-enterprise-data-using-wip). If WIP is already configured on the relevant devices, skip this step.
|
||||
2. Define which labels need to get WIP protection in Office 365 Security and Compliance.
|
||||
|
||||
@ -50,5 +49,22 @@ After completing these steps Windows Defender ATP will automatically identify la
|
||||
>- The Windows Defender ATP configuration is pulled every 15 minutes. Allow up to 30 minutes for the new policy to take effect and ensure that the endpoint is online. Otherwise, it will not receive the policy.
|
||||
>- Data forwarded to Azure Information Protection is stored in the same location as your other Azure Information Protection data.
|
||||
|
||||
|
||||
## Configure auto labeling
|
||||
1. In Office 365 Security & Compliance, go to **Classifications > Labels**.
|
||||
|
||||
2. Create a new label or edit an existing one.
|
||||
|
||||
|
||||
3. Set a policy for Data classification:
|
||||
|
||||
1. Go through the label creation wizard.
|
||||
2. When you reach the Auto labeling page, turn on auto labeling toggle on.
|
||||
3. Add a new auto-labeling rule with the conditions that you require.
|
||||
4. Validate that <20>When content matches these conditions<6E> setting is set to <20>Automatically apply the label<65>.
|
||||
|
||||
|
||||
|
||||
|
||||
## Related topic
|
||||
- [Information protection in Windows overview](information-protection-in-windows-overview.md)
|
||||
@ -31,12 +31,13 @@ Windows Defender ATP is seamlessly integrated in Microsoft Threat Protection to
|
||||
> Read our blog post about how [Windows Defender ATP integrates with Microsoft Information Protection to discover, protect, and monitor sensitive data on Windows devices](https://cloudblogs.microsoft.com/microsoftsecure/2019/01/17/windows-defender-atp-integrates-with-microsoft-information-protection-to-discover-protect-and-monitor-sensitive-data-on-windows-devices/).
|
||||
|
||||
|
||||
Windows Defender ATP applies two methods to discover and protect data:
|
||||
Windows Defender ATP applies the following methods to discover, classify, and protect data:
|
||||
- **Data discovery** - Identify sensitive data on Windows devices at risk
|
||||
- **Data classification** - Automatically classify data based on common Microsoft Information Protection (MIP) policies managed in Office 365 Security & Compliance Center. Auto-classification allows you to protect sensitive data even if the end user hasn’t manually classified it.
|
||||
- **Data protection** - Windows Information Protection (WIP) as outcome of Azure Information Protection label
|
||||
|
||||
|
||||
## Data discovery
|
||||
## Data discovery and data classification
|
||||
Windows Defender ATP automatically discovers files with sensitivity labels and files that contain sensitive information types.
|
||||
|
||||
Sensitivity labels classify and help protect sensitive content.
|
||||
@ -51,7 +52,6 @@ Default sensitive information types include information such as bank account num
|
||||
Custom types are ones that you define and is designed to protect a different type of sensitive information (for example, employee IDs or project numbers). For more information see, [Create a custom sensitive information type](https://docs.microsoft.com/en-us/office365/securitycompliance/create-a-custom-sensitive-information-type).
|
||||
|
||||
|
||||
|
||||
When a file is created or edited on a Windows device, Windows Defender ATP scans the content to evaluate if it contains sensitive information.
|
||||
|
||||
Turn on the Azure Information Protection integration so that when a file that contains sensitive information is discovered by Windows Defender ATP though labels or information types, it is automatically forwarded to Azure Information Protection from the device.
|
||||
@ -96,10 +96,15 @@ InformationProtectionLogs_CL
|
||||
|
||||
|
||||
## Data protection
|
||||
For data to be protected, they must first be identified through labels. Sensitivity labels are created in Office Security and Compliance (SCC). Windows Defender ATP then uses the labels to identify endpoints that need Windows Information Protection (WIP) applied on them.
|
||||
|
||||
### Endpoint data loss prevention
|
||||
For data to be protected, they must first be identified through labels.
|
||||
|
||||
When you create sensitivity labels, you can set the information protection functionalities that will be applied on the file. The setting that applies to Windows Defender ATP is the Data loss prevention. You'll need to turn on the Data loss prevention and select Enable Windows end point protection (DLP for devices).
|
||||
Sensitivity labels are created in Office 365 Security & Compliance Center. Windows Defender ATP then uses the labels to identify endpoints that need Windows Information Protection (WIP) applied on them.
|
||||
|
||||
When you create sensitivity labels, you can set the information protection functionalities that will be applied on the file. The setting that applies to Windows Defender ATP is the Endpoint data loss prevention.
|
||||
|
||||
For the endpoint data loss prevention, you'll need to turn on the Endpoint Data loss prevention and select Enable Windows end point protection (DLP for devices).
|
||||
|
||||
|
||||
|
||||
@ -108,6 +113,17 @@ Once, the policy is set and published, Windows Defender ATP automatically enable
|
||||
|
||||
This functionality expands the coverage of WIP to protect files based on their label, regardless of their origin.
|
||||
|
||||
For more information, see [Configure information protection in Windows](information-protection-in-windows-config.md).
|
||||
|
||||
## Auto labeling
|
||||
|
||||
Auto labeling is another way to protect data and can also be configured in Office 365 Security & Compliance Center. When Windows Defender ATP scans the content of a file in a Windows device and finds that it contains sensitive information, it will automatically apply a label to it even if the user hasn't manually classified it.
|
||||
|
||||
> [!NOTE]
|
||||
> Auto-labeling is supported in Office apps only when the Azure Information Protection unified labeling client is installed. When sensitive content is detected in email or documents matching the conditions you choose, a label can automatically be applied or a message can be shown to users recommending they apply it themselves.
|
||||
|
||||
|
||||
|
||||
For more information, see [Configure information protection in Windows](information-protection-in-windows-config.md).
|
||||
|
||||
|
||||
|
||||
Reference in New Issue
Block a user