What Microsoft Information Protection does
Microsoft Information Protection provides a framework for classifying and protecting data based on its sensitivity. Sensitivity labels are applied to content, indicating its level of confidentiality and dictating access controls and protection measures. These labels can be applied manually by users, automatically based on predefined rules, or recommended to users through the Microsoft 365 interface. MIP integrates with Data Loss Prevention (DLP) policies to enforce data protection rules and prevent sensitive data from leaving the organisation’s control.
Microsoft Information Protection in Australian tenants today
The rollout of Microsoft Copilot in AU mid-market organisations is increasingly driving adoption of MIP. Copilot respects sensitivity labels, meaning organisations must have a defined labelling scheme in place to avoid unexpected behaviour. A practical baseline for many AU organisations is a three-label system: Public, Internal, and Confidential. Scaling beyond this requires careful planning and user training, considering the complexity of granular labels and the potential for user fatigue. Compliance obligations, such as those outlined in APRA CPS 234 and the Notifiable Data Breach scheme, reinforce the need for robust data protection measures like MIP.