Microsoft 資料分類服務整合Microsoft Data Classification Services integration

適用於:Microsoft Cloud App SecurityApplies to: Microsoft Cloud App Security

Microsoft Cloud App Security 讓您能夠以原生方式使用 Microsoft 資料分類服務,以便對雲端應用程式中的檔案進行分類。Microsoft Cloud App Security enables you to natively use the Microsoft Data Classification Service to classify the files in your cloud apps. Microsoft 資料分類服務為 Office 365、Azure 資訊保護和 Microsoft Cloud App Security 提供統一的資訊保護體驗。Microsoft Data Classification Service provides a unified information protection experience across Office 365, Azure Information Protection, and Microsoft Cloud App Security. 此分類服務可讓您將資料分類工作延伸到受 Microsoft Cloud App Security 保護的協力廠商雲端應用程式,使用您在眾多應用程式中做出的決策。The classification service allows you to extend your data classification efforts to the third-party cloud apps protected by Microsoft Cloud App Security, using the decisions you already made across an even greater number of apps.


這項功能目前已在美國、歐洲、澳大利亞、印度、加拿大、日本和 APAC 推出。This feature is currently available in the US, Europe, Australia, India, Canada, Japan, and APAC.

使用資料分類服務啟用內容檢查Enable content inspection with Data Classification Services

您可以選擇設定 [檢查方法]**** 使用 [Microsoft 資料分類服務]****,而無需額外設定。You have the option to set the Inspection method to use the Microsoft Data Classification Service with no additional configuration required. 在為 Microsoft Cloud App Security 中的檔案建立資料洩漏防護原則時,此選項會很有用。This option is useful when creating a data leak prevention policy for your files in Microsoft Cloud App Security.

  1. [檔案原則] 頁面的 [檢查方法]**** 下,選取 [資料分類服務]****。In the file policy page, under Inspection method, select Data Classification Service. 您也可以在 [會話原則] 頁面中,使用 [控制檔案下載 ( ] 設定檢查方法,並) 選取 [檢查]。You can also set the Inspection method in the session policy page with Control file download (with inspection) selected.


  2. 選取滿足 [任何]**** 或 [全部]**** 條件時,是否應套用該原則。Select whether the policy should apply when any or all of the criteria are met.

  3. 透過選取 [敏感性資訊類型]**** 來選擇檢查類型Choose inspection type by selecting the Sensitive information types.


  4. 您可以使用預設敏感性資訊類型,定義受 Microsoft Cloud App Security 保護的檔案會發生什麼情況。You can use the default sensitive information types to define what happens to files protected by Microsoft Cloud App Security. 您也可以重複使用任何 Office 365 自訂敏感性資訊類型You can also reuse any of your Office 365 custom sensitive information types.


    您可以將原則設定為使用 advanced 分類類型,例如 指紋完全符合的資料,以及 可訓練分類器。You can configure your policy to use advanced classification types such as Fingerprints, Exact Data Match, and trainable classifiers.

  5. 或者,您可以將相符項目的最後四個字元取消遮罩。Optionally, you can unmask the last four characters of a match. 根據預設,符合項目會加上遮罩,並顯示在其上下文中,且包含符合項目之前與之後的 40 個字元。By default, matches are masked and shown in their context, and include the 40 characters before and after the match. 如果您選取此核取方塊,它會將相符項目本身的最後四個字元取消遮罩。If you select this checkbox, it will unmask the last four characters of the match itself.

  6. 您也可以利用檔案原則來設定原則的警示和治理動作。Leveraging file policies, you can also set alerts and governance actions for the policy. 如需詳細資訊,請參閱檔案原則治理動作For more information, see file policies and governance actions. 利用會話原則,您也可以在檔案符合 DC 類型時,即時監視和控制動作。Leveraging session policies, you can also monitor and control actions in real-time when a file matches a DCS type. 如需詳細資訊,請參閱 會話原則For more information, see session policy.

設定這些原則可讓您輕鬆地將 Office 365 DLP 功能的優勢擴充到所有其他獲批准的雲端應用程式,並使用 Microsoft Cloud App Security 所提供的完整工具組來保護儲存在其中的資料,例如自動套用 Azure 資訊保護分類標籤以及控制共用權限的能力。Setting these policies enables you to easily extend the strength of the Office 365 DLP capabilities to all your other sanctioned cloud apps and protect the data stored in them with the full toolset provided to you by Microsoft Cloud App Security – such as the ability to automatically apply Azure Information Protection classification labels and the ability to control sharing permissions.

下一步Next steps

若您遇到任何問題,我們隨時提供協助。If you run into any problems, we're here to help. 若要取得產品問題的協助或支援,請建立支援票證To get assistance or support for your product issue, please open a support ticket.