Azure Information Protection (Day 3)

This is the third in a series of posts documenting our experiences and impressions with Azure Information Protection. Today we wanted to use Office 365 Data Loss Prevention (DLP) to map AIP classification labels applied within an external domain to labels defined within our domain. The use case for this is a customer or partner sends you a file or email classified on their domain as “Confidential” and we want DLP to detect that label and automatically apply our version of “Confidential. The short version is we weren’t able to get this to work because we keep running into licensing issues. We’ve opened a case with Microsoft support and will update this page when we can resume our efforts. Stay tuned…ok, we’re back.

Unfortunately, we haven’t resolved the issue. The Microsoft support people have been super-responsive but we’re not making progress. The MSFT support rep asked for screen captures, Fiddler logs (network traffic), and the page source of the popup that displays the error message. I sent the screen captures but the rest seems like busy work. Blades and menu items in the Security & Compliance center appear and disappear when I refresh my browser so something is definitely not right. Luckily, we have two different Microsoft 365 tenancies so we’re going to try with that one. We’re determined to make this work!

Here’s the error and the licenses that I have applied to my account: