Using Windows Information Protection, can I prevent users from saving Words docs as Personal when there is PII in them? RRS feed

  • Question

  • I have a question about the capabilities of Windows Information Protection.  Say I have Microsoft Word identified as an app in my WIP policy.  It is enlightened so users can work with either Work or Personal data.  When a user creates a Word doc that contains Work data, say PII, how do I prevent them from saving that doc as a Personal doc so that they can then copy and paste that PII to Twitter or wherever?  Is there a policy that forces Word to save everything as Work data?  This scenario assumes that the user wants to circumvent policy and leak the data because they don't want to be restricted in how they handle the document.

    As a follow-up to that, assuming a policy that forces Word to save everything as Work data exists, is there a way that I can still allow the user to create both Personal and Work docs with Word but still somehow enforce saving as Work data if they are working with PII?  This seems like kind of a long shot to me as I imagine it would have to be able to scan what is being written and just know that the information is PII.

    I asked this question on the Windows 10 Security forum and they directed me to a SCCM forum.

    Shane Curtis

    Friday, June 30, 2017 7:43 PM

All replies

  • Hi,

        Unfortunately, there seems no such policy which can enforce users save everything as work data when using WIP based on my testing at this moment, or in other words block the copy/paste operations from managed apps to unmanaged apps. Users can choose to save as the work data as Personal data and thus these data will be converted to personal owned.

        Also, you can try to request a FREE support ticket with Microsoft CSS for help, here's the guide how to get support with Intune:



    Please remember to <b>mark the replies as answers</b> if they help.<br/> If you have feedback for TechNet Subscriber Support, contact <a href=""></a>.

    Monday, July 3, 2017 12:45 PM