Configuring Label Import

This section provides the configuration details for importing labels.

Imported labels are used for detection by creating File Labeling classifiers and using them in rules and action plans.
Important:
  • Before you import Microsoft Information Protection (MIP) labels for the first time, you must obtain permission for the Forcepoint application to import the labels.

    Log into the Microsoft 365 Admin Consent page, authenticate using your Microsoft 365 admin credentials, and accept the permissions statement.

  • Forcepoint Security Manager enables import of sensitivity labels from the Microsoft 365 Security and Compliance Center. If you want to import Azure Information Protection labels, you must migrate them to Microsoft 365, as described on the Microsoft’s Azure Information Protection site.
  • Files that are protected by MIP can be decrypted automatically during DLP analysis.
  • For Microsoft 365 Admin Consent Prompt Permissions for Forcepoint DLP AIP Integration, see this article

On the Microsoft Information Protection Properties page, do the following:

Steps

  1. Enter your Microsoft Office 365 admin credentials, and click Import Labels.
    We recommend that you enter credentials for an administrator who has visibility to all MIP labels used in the organization. User credentials are not stored on Forcepoint servers. However, you should ensure that your web browser does not store this information.
  2. Click OK to start the import process.
    If “admin consent” has not already been established, this step generates an error message and the import does not occur. Complete the Microsoft admin consent process and try again.
    After a successful import, the Last Import Details section is updated with the imported labels and a message. The message lists date, time, and number of imported labels.