Microsoft 365 中的 Microsoft 信息保护Microsoft Information Protection in Microsoft 365

Microsoft 365 安全和合规性许可Licensing for Microsoft 365 Security & Compliance

实施 Microsoft 信息保护 (MIP),无论在何处生活或旅居在外,均可助你发现、分类和保护敏感信息。Implement Microsoft Information Protection (MIP) to help you discover, classify, and protect sensitive information wherever it lives or travels.

MIP 功能包含在 Microsoft 365 合规性中,提供了了解数据保护数据防止数据丢失的工具。MIP capabilities are included with Microsoft 365 Compliance and give you the tools to know your data, protect your data, and prevent data loss.

有关 MIP 如何帮助你发现、分类和保护敏感数据的图像

有关管理数据的信息,请参阅 Microsoft 365 中的 Microsoft 信息管理For information about governing your data, see Microsoft Information Governance in Microsoft 365.

了解你的数据Know your data

备注

有关在 Azure Purview 中对数据进行分类和标记的详细信息,请参阅当前处于预览中的在 Azure Purview 中自动标记内容For information about classifying and labeling data in Azure Purview, currently in preview, see Automatically label your content in Azure Purview.

若要了解在混合环境中的数据全景并发现重要数据,请使用以下功能:To understand your data landscape and identify important data across your hybrid environment, use the following capabilities:

功能Capability 它能解决什么问题?What problems does it solve? 开始行动Get started
敏感信息类型Sensitive information types 使用内置或自定义正则表达式或函数识别敏感数据。补强证据包括关键字、可信度和接近度。Identifies sensitive data by using built-in or custom regular expressions or a function. Corroborative evidence includes keywords, confidence levels, and proximity. 自定义内置敏感信息类型Customize a built-in sensitive information type
可训练的分类器Trainable classifiers 通过使用您感兴趣的数据示例而不是识别项中的元素来标识敏感数据(模式匹配)。Identifies sensitive data by using examples of the data you're interested in rather than identifying elements in the item (pattern matching). 可使用内置分类器,或使用自己的内容培训分类器。You can use built-in classifiers or train a classifier with your own content. 可训练的分类器入门Get started with trainable classifiers
数据分类Data classification 组织中具有敏感度标签、保留标签或已分类的项目的图形标识。A graphical identification of items in your organization that have a sensitivity label, a retention label, or have been classified. 此信息还可用于深入了解用户正在针对这些项目采取的操作。You can also use this information to gain insights into the actions that your users are taking on these items. 内容资源管理器入门Get started with content explorer

活动资源管理器入门Get started with activity explorer

保护数据Protect your data

若要应用包含加密、访问限制和视觉标记的灵活保护操作,请使用以下功能:To apply flexible protection actions that include encryption, access restrictions, and visual markings, use the following capabilities:

功能Capability 它能解决什么问题?What problems does it solve? 开始行动Get started
敏感度标签Sensitivity labels 跨应用、服务和设备的单一解决方案可在行经组织内外时标记并保护你的数据。A single solution across apps, services, and devices to label and protect your data as it travels inside and outside your organization.

示例方案:Example scenarios:
管理 Office 应用的敏感度标签Manage sensitivity labels for Office apps
加密文档和电子邮件Encrypt documents and emails
在 Power BI 中应用和查看标签Apply and view labels in Power BI

有关敏感度标签的方案综合列表,请参阅入门文档。For a comprehensive list of scenarios for sensitivity labels, see the Get started documentation.
开始使用敏感度标签 Get started with sensitivity labels
Azure 信息保护统一标记客户端Azure Information Protection unified labeling client 对于 Windows 计算机,扩展了其他特性和功能的敏感标签,包括标记和保护文件资源管理器和 PowerShell 中的所有文件类型For Windows computers, extends sensitivity labels for additional features and functionality that includes labeling and protecting all file types from File Explorer and PowerShell

示例附加功能:自定义配置 Azure 信息保护统一标记客户端Example additional features: Custom configurations for the Azure Information Protection unified labeling client
Azure 信息保护统一标记客户端管理员指南Azure Information Protection unified labeling client administrator guide
双密钥加密Double Key Encryption 在所有情况下,只有你可以解密受保护的内容,或者为了满足监管要求,你必须在某一地理范围内持有加密的密钥。Under all circumstances, only your organization can ever decrypt protected content or for regulatory requirements, you must hold encryption keys within a geographical boundary. 部署双密钥加密Deploy Double Key Encryption
Office 365 邮件加密 (OME)Office 365 Message Encryption (OME) 请加密发送到任意设备上任何用户的电子邮件和附加文档,以便仅获授权的收件人可阅读电子邮件信息。Encrypts email messages and attached documents that are sent to any user on any device, so only authorized recipients can read emailed information.

示例方案: 撤消通过高级邮件加密进行加密的电子邮件Example scenario: Revoke email encrypted by Advanced Message Encryption
设置全新的邮件加密功能Set up new Message Encryption capabilities
使用客户密钥执行服务加密Service encryption with Customer Key 防止未经授权的系统或人员查看数据,并在 Microsoft 数据中心中补充 BitLocker 磁盘加密。Protects against viewing of data by unauthorized systems or personnel, and complements BitLocker disk encryption in Microsoft datacenters. 设置 Office 365 的客户密钥Set up Customer Key for Office 365
SharePoint 信息权限管理 (IRM)SharePoint Information Rights Management (IRM) 保护 SharePoint 列表和库,以便当用户签出文档时,对下载的文件进行保护,即仅获得授权人员可根据指定策略查看和使用该文件。Protects SharePoint lists and libraries so that when a user checks out a document, the downloaded file is protected so that only authorized people can view and use the file according to policies that you specify. 在 SharePoint 管理中心设置信息权限管理 (IRM)Set up Information Rights Management (IRM) in SharePoint admin center
权限管理连接器Rights Management connector 保护 - 仅适用于使用 Exchange 或 SharePoint Server 的现有本地部署,或运行 Windows Server 和文件分类基础结构的文件服务器 (FCI) 的文件服务器。Protection-only for existing on-premises deployments that use Exchange or SharePoint Server, or file servers that run Windows Server and File Classification Infrastructure (FCI). 部署 RMS 连接器的步骤Steps to deploy the RMS connector
Azure 信息保护统一标记扫描器Azure Information Protection unified labeling scanner 发现、标记和保护驻留在本地数据存储区中的敏感信息。Discovers, labels, and protects sensitive information that resides in data stores that are on premises. 配置和安装 Azure 信息保护统一标记扫描器Configuring and installing the Azure Information Protection unified labeling scanner
Microsoft Cloud App SecurityMicrosoft Cloud App Security 发现、标记和保护驻留在云中数据存储区内的敏感信息。Discovers, labels, and protects sensitive information that resides in data stores that are in the cloud. 发现、分类、标记和保护存储在云中的管控和敏感数据Discover, classify, label, and protect regulated and sensitive data stored in the cloud
Microsoft 信息保护 SDKMicrosoft Information Protection SDK 将灵敏度标签扩展到第三方应用和服务。Extends sensitivity labels to third-party apps and services.

示例方案: 设置和获取灵敏度标签 (C++)Example scenario: Set and get a sensitivity label (C++)
Microsoft 信息保护 (MIP) SDK 安装和配置Microsoft Information Protection (MIP) SDK setup and configuration

防止数据丢失Prevent data loss

若要帮助防止意外地过度共享敏感信息,请使用以下功能:To help prevent accidental oversharing of sensitive information, use the following capabilities:

功能Capability 它能解决什么问题?What problems does it solve? 开始行动Get started
数据丢失防护Data loss prevention 帮助防止意外共享敏感项目。Helps prevent unintentional sharing of sensitive items. 开始使用默认 DLP 策略Get started with the default DLP policy
终结点数据丢失防护Endpoint data loss prevention 将 DLP 功能扩展到 Windows 10 计算机上使用和共享的项目。Extends DLP capabilities to items that are used and shared on Windows 10 computers. 终结点数据丢失防护入门Get started with Endpoint data loss prevention
Microsoft 合规性扩展(预览版)Microsoft Compliance Extension (preview) 将 DLP 功能扩展到 Chrome 浏览器Extends DLP capabilities to the Chrome browser Microsoft 合规性扩展(预览版)入门Get started with the Microsoft Compliance Extension (preview)
Microsoft 365 数据丢失防护本地扫描程序(预览版)Microsoft 365 data loss prevention on-premises scanner (preview) 将 DLP 对文件活动的监视以及针对这些文件的安全操作扩展到本地文件共享和 SharePoint 文件夹和文档库。Extends DLP monitoring of file activities and protective actions for those files to on-premises file shares and SharePoint folders and document libraries. Microsoft 365 本地扫描仪数据丢失防护入门(预览)Get started with Microsoft 365 data loss prevention on-premises scanner (preview)
保护 Microsoft Teams 聊天和频道消息中的敏感信息Protect sensitive information in Microsoft Teams chat and channel messages 将一些 DLP 功能扩展到 Teams 聊天和频道消息Extends some DLP functionality to Teams chat and channel messages 了解 Microsoft Teams(预览版)中的默认数据丢失防护策略Learn about the default data loss prevention policy in Microsoft Teams (preview)

许可要求Licensing requirements

MIP 的许可证要求取决于所使用的方案和功能,而不是为本页中列出的每个功能设置许可要求。License requirements for MIP depend on the scenarios and features you use, rather than set licensing requirements for each capability listed on this page. 若要了解 MIP 的许可要求和选项,请参阅 Microsoft 365 许可文档中的 信息保护 部分,并下载相关的 PDF 或 Excel。To understand your licensing requirements and options for MIP, see the Information Protection section from the Microsoft 365 licensing documentation, and download the related PDF or Excel.