Import and enable Microsoft Information Protection labels

Next, to import enable Microsoft Information Protection labels, first ensure that the labeling system is installed on the network, and then do the following:

1. Log into the Data Security module of the Security Manager.
2. Go to Settings > General > Services and select the Decryption and File Labeling tab.
3. Click the Microsoft Information Protection link.
4. On the Microsoft Information Protection Properties page, in the Microsoft admin Credentials section, select Application credentials or System admin credentials from Credentials type drop-down.
5. If you select Application credentials, follow the instructions below:

   • Enter the following information for activating the MIP server decryption or import lables.
     • Tenant ID
     • Client ID
     • Client secret
   If you select System admin credentials, follow the instructions below:

   • Enter the following information for activating the MIP server decryption or import lables.
     • User name
     • Password
6. In the Import Labels section, click Import Labels button.
   Note: We recommend that you enter credentials for an administrator who has visibility to all Microsoft Information Protection labels used in the organization. User credentials are not stored on Forcepoint servers. You should also ensure that your web browser does not store this information.
7. Click OK to start the import process. Note that if the consent process was not completed, this step generates an error. Complete the consent process, and then try again.
8. When the importation is successfully completed, the time and date of the process and a list of imported labels appear in the Last import field.
9. Select the Apply file labels check box. You can now define DLP action plans that use Microsoft Information Protection file labels.

   When this box is unchecked, Microsoft Information Protection labels are used only for detection. Configuring Labels

10. Click OK to save the changes.