Confidential and Protected documents can be viewed by non AIP Agent hotmail adresses RRS feed

  • Question

  • I use the standard AIP Labeling and add protection (Azure Cloud Key) to the "Highly Confidential - All Employees label".

    I leave that Standard Rule "Global" with the scope of "All Tenant User".

    On a Windows 10 virtual machine with Office 365 from the E5 plan installed and the the AIP Agent installed,
    I then create as a tenant user a document and label it as ""Highly Confidential - All Employees label".

    I save the document in my tenant user's OneDrive.

    I then send a link to the document on OneDrive to my private Hotmail address and open the document on another computer
    without the AIP agent.

    I would expect that I cannot open the document but the "highly confidential" document opens without any problems.

    Is this expected bahavior? and how can I prevent non-tenant users or any user on devices without the AIP agent accessing the document?


    Wednesday, June 13, 2018 8:42 AM