In my last few blog posts I have explained what is Azure information protection and how we can use it to protect sensitive data in an organization. You can access those using following links,

Step-by-Step Guide: Protect confidential data using Azure information protection 

Step-by-Step Guide: Automatic Data Classification via Azure Information Protection 

Step-by-Step Guide: On-premise Data Protection via Azure Information Protection Scanner 

In this blog post I am going to demonstrate how we can use Azure information protection to secure sensitive data transfers over email. 

My organization is using Office 365. With recent content search I found out sales team shares credit card details of customers via emails. These are very sensitive data and I want to make sure they can’t share these data with anyone else (internal or external). 

To do that first I am going to setup a new label in Azure Information Protection. In my previous blog post http://www.rebeladmin.com/2018/12/step-step-guide-protect-confidential-data-using-azure-information-protection/ I explained how to setup labels so I am not going to repeat the steps. 

This new label is called CreditCardData. Megan is sales manager and she has co-owner permissions for the data with this label. Rest of the sales team is only having viewer permissions. They only can read the data. For testing purpose, I am using one of the sales user Isaiah.

The data protected by this label will have watermark applied. 

Also, I like to apply this label automatically to any data with credit card number. for that I am using a condition. 

Now we have the label, next thing is to publish it. to do that,