Currently, documents that are labelled can be co-authored in Office, but any document that is encrypted can only be opened by one person at a time. This prevents most of the business scenarios folks use today with two three or more folks editing a document at the same time. Instead - it forces businesses to email copies of a document around after setting AIP policies to allow folks to all edit it. A huge blocker for most of our customers.185 votes
Web based clients co-authoring is now availble in GA.
We are working to support rich clients co-authoring with protected documents in the future.
Provide in explorer visual indicators that easily shows the classification and protection status of the document, both in the icon views and in the list views showing document properties.173 votes
This is in work in progress as part of Microsoft Information Protection integrations with Windows.
There is no publicly availble ETA for availability.
Surface label policies in the Office 365 DLP engines to allow consistent classification, labeling and protection157 votes
It could be great knowing who changes a label to correct this or who violates the internal classification policy.80 votes
Reporting of label changes is being built in the Windows Defender ATP client. Preview coming soon.
Allow AutoSave to work when a document is protected. Currently, it becomes disabled when you protect the document which then causes inconsistent behavior across documents and interferes with coauthoring.51 votes
The new version of OME that is now more integrated into AIP needs to have an encrypt only option such as you can configure using the message classification configuration.
The DNF use case is too restrictive for our organisation.
Thank you for consideration.39 votes
Add new options in EXO DLP to interrogate and analyze protected attachments in unprotected emails or in emails protected with a different policy.37 votes
Support for attachments in protected emails (with the same or different policy) is already available, support for protected attachments in unprotected emails is being completed (currently in testing).
Users may uninstall AIP client to attempt to circumvent AIP policies or just because they find it annoying. If the default label could be applied to any documents in SharePoint or OneDrive could be applied even if AIP client is not present, it would alleviate this potential security end-run.
Typically, end-users will not have admin rights to uninstall applications, but some times it is inescapable, esp in a small business.31 votes
Provide the ability to show the specific condition(s) which triggers Automatic or Recommended label, this allow user to understand and aware which condition triggers the labeling18 votes
This is availble for Office 365 Word client when Built-in labeling is used.
Office Insider builds.
Option to change the default "Protect" action for exchange online from Do Not forward to Encrypt Only
The Do Not Forward option is the current default protect action in new exchange online emails. This protection level is very restrictive and not preffered by enterprise. The Encrypt Only option is a better fit for business. Would like to have the ability for organizations to Change the default protect action for their users to allow setting Encrypt Only as the default action.15 votes
When a user sets an AIP label, recipients can see the too many lines between Visual Markings and main contents of the mail,
So we would like to ask to reduce this gap,
please see the attachment for the detail14 votes
Bring Unified Sensitivity Labels into GCC and GCC High.10 votes
In current version only Word, PowerPoint and Outlook support visual markings in different colors. Visual markings that are configured for colors always display as black in Excel. In future versions visual markings that are configured for colors should displayed in color in Excel.7 votes
Will be available in versions newer then 1.40.15 which will be released in few months
When a file is attached via email. The label is not updated based on what the document has. The user selects the label, which can be different from the document classification. The highest level of the label should apply either by email or document.7 votes
Move from the current model of running rules on send to applying in real-time6 votes
This is already availble in OWA and will be coming soon to Rich clients using the built-in labeling capabilities in Office 365 clients.
This suggestion describe a scenario when all mails that are sent without a label (no AIP client, mail client that don't support labeling, enforce mandatory labeling) will be applied with the policy default label on the Exchange Online service side5 votes
If we have an encrypted document through AIP, we cannot open it through PowerBI. Any chance of having this type of support with PowerBI and other applications (visio, project, etc)?5 votes
Encrypt Only is available in Outlook as a stand-alone option. In the same way a label can apply Do Not Forward, allow admins to define Encrypt Only as the action applied by a label.4 votes
It would be nice, to have control which type of labels are available on a user device.
Usecase is for example, to prevent labels for highly confidential content on mobile devices or virtual desktop environments.
A user should see the label on a trusted device, but on another device which isn't secure enough the label should be prevented.4 votes
We plan to enable control via Conditional Access on a per-label basis, which should address this need.
If you think this will meet the need stated here I’ll merge the feature requests.
Currently, IRM-enabled SPO libraries protect pdf files using the v1 format (.ppdf), but with the extension .pdf.
Adobe's MIP/AIP plugin only supports the ISO compliant (v2) format protected pdf. To open a v1 pdf, users must actively use a different pdf reader or the AIP viewer.
Switching to the ISO compliant pdf format would bring a more consistent user experience and less support.3 votes
- Don't see your idea?