Data Protection with Microsoft Purview Labels

An option has been added that will apply classification results as MIP labels while tagging files stored in OneDrive or SharePoint Online. An example is shown below with OneDrive as data source.

1. Navigate to Dashboard > Enterprise Search.
2. On the GQL query box, enter a classification. For example, here we selected classification=Confidential.

   

3. Select a file. For example, here we selected the file_13.txt.

   

4. On SharePoint online, say the file_13.txt currently does not have any assigned sensitivity label. Something like as shown below:

   

5. You can limit the file tagging scope (i.e. what files to tag) here. It can be done for the whole data source (applies to all scan configurations in this data source). In this example only files matching this GQL will be tagged.

   

6. You can next initiate the File tagging process here:

   

7. You can chose what type of tags or labels to apply. There are 3 option cloud labels , persistent tagging (i.e. metadata or properties, which is a part of a file, which is retained even when a file is downloaded). The Add/update MIP (Sensitivity) label is additionally added now as shown below:

   

8. Click Start Tagging. It will display following pop up message:

   

9. Next, click on the classified files displayed under Scan Configurations page and make a note of the configuration ID.

   

10. Next navigate to Administration > Live Events > File Audit Log and filter event by scan config id and by event type (CLOUD_AND_MIP_TAGGING_FINISHED). Each row in the results corresponds to a file tagged with MIP label.

    

11. Open the file in SharePoint and see the labels in Sensitivity column. Also the label should be visible on the ribbon under Sensitivity tab. For example: