diff --git a/windows/security/information-protection/windows-information-protection/how-wip-works-with-mip-labels.md b/windows/security/information-protection/windows-information-protection/how-wip-works-with-mip-labels.md
index 1bba091ee4..2a448df493 100644
--- a/windows/security/information-protection/windows-information-protection/how-wip-works-with-mip-labels.md
+++ b/windows/security/information-protection/windows-information-protection/how-wip-works-with-mip-labels.md
@@ -12,7 +12,7 @@ ms.localizationpriority: medium
 ms.date: 08/27/2018
 ---
 
-# How Windows Information Protection works with Microsoft Information Protection labels
+# How Windows Information Protection works with other Microsoft Information Protection technologies 
 
 Microsoft Information Protection technologies work together as an integrated solution to help enterprises:
 
@@ -32,25 +32,45 @@ This topic explains how Windows Information Protection works with the other Micr
 - [Office 365 Information Protection](https://docs.microsoft.com/office365/securitycompliance/office-365-info-protection-for-gdpr-overview) is a solution to classify, protect, and monitor personal data in Office 365 and other Software-as-a-Service (SaaS) apps.
 
 
-## Default behaviors for a MIP label
+## Default behaviors for a label
 
-- When the label is configured with WIP=Work, the device enforces Work protection for documents with the MIP label
+Enterprises can create and manage labels on the **Labels** page in the Office 365 Security & Compliance Center. When you create a label, you can specify that endpoint protection should apply to content with that label. 
+
+- When the label is configured for content that includes business data, the device enforces work protection for documents with the label
 - When the label is *not configured* with any WIP policy, the device reverts to whatever WIP policy has been defined in Intune or System Center Configuration Manager (SCCM):
-  - If the document is downloaded from a work site, the device enforces Work protection
+  - If the document is downloaded from a work site, the device enforces work protection
   - If the document is downloaded from a personal site, no work protection is applied
 
+For more information about labels, see [Overview of labels](https://docs.microsoft.com/office365/securitycompliance/labels).
+
+## User downloads or creates a document from a work site
+
+If a lable is configured so that endpoint protection will apply to content with that label, then when a user downloads or creates a new document with that label, that document will be protected by WIP. 
+
 ![Sensitivity labels](images/sensitivity-labels.png)
 
-## User downloads any document from a work site
+<!-- Ask Brendan how a label is configured so that endpoint protection will apply it 
+-->
 
-## User downloads a Confidential Office or PDF document from a personal site (find out if this include PTXT)
+Windows Defender ATP scans for any file that gets modified or created. If the file has a label, then the corresponding WIP protection gets applied. That can happen when you download a file or create a new file. For example: 
+
+1. A user can create a file on a Mac device and label it as Condidential.
+2. Send it via Gmail to another user on a Windows 10 device.
+3. When the user opens the file on the Windows 10 device, WIP policy gets applied and the file is protected.
+
+The file does not need to have any other work context beyond the label. 
+
+## User downloads a confidential Office or PDF document from a personal site 
+
+<!-- does not include PTXT 
+-->
 
 ## Prerequisites
 
-- Windows Defender Advanced Threat Protection (WDATP)
+- Windows Defender Advanced Threat Protection (WDATP) scans content for a label and applies corresponding WIP protection
 - Windows 10 version 1809
-- Label configuration (via SCC in Office 365)
-- Windows Information Protection policy
+- Labels need to be configured in the Office 365 Security & Compliance Center
+- Windows Information Protection policy need to be applied to endpoint devices
 
 
 
diff --git a/windows/security/information-protection/windows-information-protection/images/sensitivity-labels.png b/windows/security/information-protection/windows-information-protection/images/sensitivity-labels.png
index 5a497b20ca..89a133bcbe 100644
Binary files a/windows/security/information-protection/windows-information-protection/images/sensitivity-labels.png and b/windows/security/information-protection/windows-information-protection/images/sensitivity-labels.png differ