Applies to: Azure Rights Management, Office 365
Use the following information to help you understand how the most commonly used end-user applications (such as the Office applications, Word, Excel, PowerPoint, and Outlook) and services (such as Exchange and SharePoint) can use Microsoft Azure Rights Management to help protect your organization’s data.
To verify the applications and versions that Azure Rights Management (Azure RMS) supports, see Requirements for Azure Rights Management.
In some cases, information protection is automatically applied, according to policies that you configure. For example, this is the case with SharePoint libraries, classified files, and Exchange transport rules. In other cases, users must apply information protection themselves from their applications, either by selecting a template or by selecting specific options. For example, this is the case when users share a file by email, or protect a file in-place by restricting access or usage to selected users or to users outside the organization.
Templates make it easier for users (and administrators who configure policies) to apply the correct level of protection and restrict access to people inside your organization. Although Azure Rights Management comes with two default templates, you will probably want to create custom templates to reduce the times when they have to specify individual options. For more information, see Configuring custom templates for Azure Rights Management.
For the cases where users must apply information protection themselves, be sure to provide them with instructions and guidance how and when to do this. The instructions should be specific for the application and versions that they use and how they use them, and the guidance for when and how to apply information protection should be appropriate for your business. For more information, see Helping users to protect files by using Azure Rights Management.
For information about how to configure these applications for Azure RMS, see Configuring applications for Azure Rights Management.
For examples and screenshots of applications using Azure RMS, see Azure RMS in action: What administrators and users see.
Search services can integrate with Rights Management in different ways. For example:
Exchange Online and Exchange Server use service-side indexing so that a user's RMS-protected emails are automatically displayed in their search results.
SharePoint Online and SharePoint Server apply RMS protection to files only on download, which means that indexing and search results on SharePoint are not affected by this document protection solution. However, if you have a document that you want to store in SharePoint and should not be returned in search results, RMS-protect the file before uploading it to SharePoint.
Windows desktop search uses a shared index between different users of the device, so to keep the data in the protected documents secure, it does not index RMS-protected files. This means that although your search results don’t include files that you have protected, you can be assured that your files containing sensitive data will not be displayed in search results for other users who might sign in to or connect to your PC.
Learn more about how each of the following supports Azure RMS: