For each capability, the following tables list the minimum Office version that you need to support sensitivity labels using built-in labeling. Or, if the label capability is in public preview or under review for a future release. Use the Microsoft roadmap for details about new capabilities that are planned for future releases.
New versions of Office apps are made available at different times for different update channels. The minimum version numbers can also be different from one update channel to the next. For more information, see Overview of update channels for Microsoft Apps and Update history for Microsoft Apps. New capabilities that are in private preview are not included in the table but you might be able to join these previews by nominating your organization for the Microsoft Information Protection private preview program.
Additional capabilities are available when you install the Azure Information Protection unified labeling client, which runs on Windows computers only.
For these details, see Compare the labeling clients for Windows computers. When you compare the minimum versions in the tables with the versions you have, remember the common practice of release versions to omit leading zeros.
For example, you have version 4. For easier comparison, read 4. Your version of 4. For Windows and the Semi-Annual Enterprise Channel, the minimum supported version numbers might not yet be released. Learn more. The Office built-in labeling client downloads sensitivity labels and sensitivity label policy settings from the Microsoft compliance center. To use the Office built-in labeling client, you must have one or more label policies published to users from the compliance center, and a supported version of Office.
If both of these conditions are met but you need to turn off the built-in labels in Office apps, use the following Group Policy setting:. Set Use the Sensitivity feature in Office to apply and view sensitivity labels to 0.
Deploy this setting by using Group Policy, or by using the Office cloud policy service. The setting takes effect when Office apps restart. If users have the Azure Information Protection client installed on their Windows computers, by default, built-in labels are turned off in Office apps that support them. Because built-in labels don't use an Office add-in, as used by the Azure Information Protection client, they have the benefit of more stability and better performance.
They also support the latest features, such as advanced classifiers. Rather than uninstalling the Azure Information Protection client, we recommend you prevent the Azure Information Protection add-in from loading in Office apps. Then, you get the benefits of built-in labeling in Office apps, and the benefits of the Azure Information Protection client labeling files outside Office apps.
For more information about the labeling features supported outside Office apps, see Sensitivity labels and Azure Information Protection. To prevent the Azure Information Protection client add-in loading in Office apps, use the Group Policy setting List of managed add-ins as documented in No Add-ins loaded due to group policy settings for Office and Office programs. For your Office apps that support built-in labeling, use the configuration for Microsoft Word , Excel , PowerPoint , and Outlook , specify the following programmatic identifiers ProgID for the Azure Information Protection client, and set the option to 0: The add-in is always disabled blocked.
If you use the Group Policy setting Use the Sensitivity feature in Office to apply and view sensitivity labels and set this to 1 , there are some situations where the Azure Information Protection client might still load in Office apps. Blocking the add-in from loading in each app prevents this happening.
This method is suitable for a single computer, and ad-hoc testing. For instructions, see View, manage, and install add-ins in Office programs. For detailed information about which features are supported by the Azure Information Protection client and the Office built-in labeling client, see Choose your Windows labeling solution from the Azure Information Protection documentation.
When a file type is not supported for built-in labeling, the Sensitivity button is not available in the Office app. For more information, see File types supported by the Azure Information Protection unified labeling client from that client's admin guide. Administrator-defined protection templates , such as those you define for Office Message Encryption, aren't visible in Office apps when you're using built-in labeling.
This simplified experience reflects that there's no need to select a protection template, because the same settings are included with sensitivity labels that have encryption enabled.
You can convert an existing template into a sensitivity label when you use the New-Label cmdlet with the EncryptionTemplateId parameter. Sensitivity labels that you configure to apply encryption remove the complexity from users to specify their own encryption settings.
In many Office apps, these individual encryption settings can still be manually configured by users by using Information Rights Management IRM options. For example, for Windows apps:.
When users initially label a document or email, they can override your label configuration settings with their own encryption settings. For example:. This user then manually configures the IRM settings to restrict access to a user outside your organization. As an exception, for Outlook on the web, the options from the Encrypt menu aren't available for a user to select when the currently selected label applies encryption.
A user applies the General label to a document, and this label isn't configured to apply encryption. This user then manually configures the IRM settings to restrict access to the document. The end result is a document that's labeled General but that also applies encryption so that some users can't open it as expected. If the document or email is already labeled, a user can do any of these actions if the content isn't already encrypted, or they have the usage right Export or Full Control.
For a more consistent label experience with meaningful reporting, provide appropriate labels and guidance for users to apply only labels to protect documents and emails.
To do so, select the message using the check box to the left of the message, or open the message. NOTE: You can remove multiple labels from a message at one time.
You can assign colors to your labels so you can easily spot them in your inbox. By default, all labels are colored with a light gray background and dark gray text.
To change the color on a label, move your mouse over the desired label. Click the down arrow to the right of the label to access its drop-down menu. To do this, open a label as we discussed earlier in this lesson, then drag the favicon of the page from the address bar to the Bookmarks toolbar.
Now, you can click this bookmark to access all your messages associated with this label. If you have a long list of labels in Gmail, you may want certain labels visible that you use more often while hiding the rest. The pre-set Gmail labels can also be hidden.
We will be referring to various parts of the Settings screen throughout this series. With the ability to hide labels and to automatically direct messages into those labels using filters see the next section , you may be wondering how to quickly tell if you have unread messages in the hidden labels.
You can easily choose to show hidden labels when there are any unread messages in them. This brings us to the end of Lesson 3. You should have a fairly firm understanding of how to keep your inbox organized using different tabs, styles, and settings. Then, to close things out, we introduce the star system, which helps you keep track of important emails. Browse All iPhone Articles Browse All Mac Articles Do I need one? Browse All Android Articles Browse All Smart Home Articles Customize the Taskbar in Windows Browse All Microsoft Office Articles What Is svchost.
Browse All Privacy and Security Articles Browse All Linux Articles Browse All Buying Guides. Best Portable Monitors. Best Gaming Keyboards. Best Drones. Subscribe to get the best Verge-approved tech deals of the week.
Cookie banner We use cookies and other tracking technologies to improve your browsing experience on our site, show personalized content and targeted ads, analyze site traffic, and understand where our audiences come from. By choosing I Accept , you consent to our use of cookies and other tracking technologies.
Cybersecurity Mobile Policy Privacy Scooters. Phones Laptops Headphones Cameras. Tablets Smartwatches Speakers Drones. Accessories Buying Guides How-tos Deals. Health Energy Environment. YouTube Instagram Adobe.
Kickstarter Tumblr Art Club. Film TV Games. Fortnite Game of Thrones Books. Comics Music. Filed under: Google How-to Tech. How to tame your Gmail inbox with labels.
Linkedin Reddit Pocket Flipboard Email. For example, apply a "Confidential" label to a document or email, and that label encrypts the content and applies a "Confidential" watermark. Content markings include headers and footers as well as watermarks, and encryption can also restrict what actions authorized people can take on the content. Protect content in Office apps across different platforms and devices. Protect content in third-party apps and services by using Microsoft Cloud App Security.
With Cloud App Security, you can detect, classify, label, and protect content in third-party apps and services, such as SalesForce, Box, or DropBox, even if the third-party app or service does not read or support sensitivity labels.
For example, set privacy settings, external user access and external sharing, and access from unmanaged devices. Extend sensitivity labels to Power BI : When you turn on this capability, you can apply and view labels in Power BI, and protect data when it's saved outside the service.
Extend sensitivity labels to assets in Azure Purview : When you turn on this capability, currently in preview, you can apply your sensitivity labels to assets such as SQL columns, files in Azure Blob Storage, and more.
Extend sensitivity labels to third-party apps and services. Using the Microsoft Information Protection SDK, third-party apps can read sensitivity labels and apply protection settings. Classify content without using any protection settings. You can also simply assign a label as a result of classifying the content. This provides users with a visual mapping of classification to your organization's label names, and can use the labels to generate usage reports and see activity data for your sensitive content.
Based on this information, you can always choose to apply protection settings later. In all these cases, sensitivity labels in Microsoft can help you take the right actions on the right content. With sensitivity labels, you can classify data across your organization, and enforce protection settings based on that classification. For more information about these and other scenarios that are supported by sensitivity labels, see Common scenarios for sensitivity labels.
New features are being developed all the time that support sensitivity labels, so you might also find it useful to reference the Microsoft roadmap. Specific to your organization and business needs, you can create categories for different levels of sensitive content in your organization.
Clear text. Because a label is stored in clear text in the metadata for files and emails, third-party apps and services can read it and then apply their own protective actions, if required. Because the label is stored in metadata for files and emails, the label roams with the content, no matter where it's saved or stored.
The unique label identification becomes the basis for applying and enforcing the policies that you configure. When viewed by users, a sensitivity label appears like a tag on apps that they use and can be easily integrated into their existing workflows. Each item that supports sensitivity labels can have a single sensitivity label applied to it. Documents and emails can have both a sensitivity label and a retention label applied to them.
After a sensitivity label is applied to an email or document, any configured protection settings for that label are enforced on the content. You can configure a sensitivity label to:. Encrypt emails and documents to prevent unauthorized people from accessing this data. You can additionally choose which users or group have permissions to perform which actions and for how long.
For example, you can choose to allow all users in your organization to modify a document while a specific group in another organization can only view it. Alternatively, instead of administrator-defined permissions, you can allow your users to assign permissions to the content when they apply the label. For more information about the Encryption settings when you create or edit a sensitivity label, see Restrict access to content by using encryption in sensitivity labels. Mark the content when you use Office apps, by adding watermarks, headers, or footers to email or documents that have the label applied.
Watermarks can be applied to documents but not email. Example header and watermark:. Need to check when content markings are applied? See When Office apps apply content marking and encryption. Some, but not all apps support dynamic markings by using variables. For example, insert the label name or document name into the header, footer, or watermark. For more information, see Dynamic markings with variables. String lengths: Watermarks are limited to characters. Headers and footers are limited to characters, except in Excel.
Excel has a total limit of characters for headers and footers but this limit includes characters that aren't visible, such as formatting codes.
0コメント