question

BmoreOs-2852 avatar image
0 Votes"
BmoreOs-2852 asked CaseyYangMSFT-4714 commented

Protecting Confidential Cloud Data

Hello -

We recently moved from GCP to Azure and have all of our file shares on prem. We now want to move our storage to the cloud in a centralized Document Library. My biggest concern is confidential data (HR info, for example). While on prem provides a bit more protection, I know there are probably ways to provide the same, or more protection within the cloud. I did see Information Rights Management (IRM) and looked that over a bit. What are the best ways to to avoid a data breach from external attacks? I say this after we have already setup MFA, conditional access rules, etc. etc. Is there anything else that I am not thinking of? For those who use it, would Information Rights Management (IRM) help?

Thanks

office-sharepoint-onlineazure-security-center
· 1
5 |1600 characters needed characters left characters exceeded
Toggle Comment visibility. Current Visibility: Visible to all users

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

CaseyYangMSFT-4714 avatar image CaseyYangMSFT-4714 ·

Hi @BmoreOs-2852,

Thank you for your question. We will give you an update as soon as possible. Thank you for your understanding and support.

0 Votes 0 ·

1 Answer

CaseyYangMSFT-4714 avatar image
1 Vote"
CaseyYangMSFT-4714 answered CaseyYangMSFT-4714 commented

Hi @BmoreOs-2852,

Yes, you could enable Information Rights Management (IRM). After site owners enable IRM for a list or library when people download files in an IRM-enabled list or library, the files are encrypted so that only authorized people can view them. Each rights-managed file also contains an issuance license that imposes restrictions on the people who view the file. Typical restrictions include making a file read-only, disabling the copying of text, preventing people from saving a local copy, and preventing people from printing the file. Client programs that can read IRM-supported file types use the issuance license within the rights-managed file to enforce these restrictions. This is how a rights-managed file retains its protection even after it is downloaded.

And here is a article about policy recommendations for securing SharePoint sites and files.

If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".

Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.


· 3
5 |1600 characters needed characters left characters exceeded
Toggle Comment visibility. Current Visibility: Visible to all users

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

BmoreOs-2852 avatar image BmoreOs-2852 ·

@CaseyYangMSFT-4714 -

Thanks! Can you enable IRM on certain folders or does it apply to the entire document library?

0 Votes 0 ·
CaseyYangMSFT-4714 avatar image CaseyYangMSFT-4714 BmoreOs-2852 ·

Hi @BmoreOs-2852,

Per my knowledge, when you enable IRM it will apply to the entire library or list.

0 Votes 0 ·
CaseyYangMSFT-4714 avatar image CaseyYangMSFT-4714 ·

Hi @BmoreOs-2852,

Is there any update on this thread? Whether the answer helps you? You can accept the answer if it helps. Comment here if you still need any help.

0 Votes 0 ·