Microsoft Azure Information Protection (or AIP) is a cloud-based solution with which organizations can classify documents and emails and optionally protect them by using labels.

Labels can be applied automatically based on rules and conditions. But they can also be applied manually. You can also use a combination of automatic and manual steps to encourage users to choose recommended labels.

The following screenshot shows AIP in action on a user’s computer. In this example, the administrator has configured a label with rules that are used to detect sensitive data. When a user saves a Microsoft Word document that contains a credit card number, a custom tooltip is displayed. The tooltip recommends naming the file as Confidential \ All Employees (Confidential \ All employees). This designation is configured by the administrator. This name is used to classify and protect the document.

After your content has been classified, you can track and control how it is used. For example, you can do the following:

  • Analyze data flows to gain insights about your company
  • Identifying risky behavior and taking corrective action
  • Track access to documents
  • Prevent data leaks or misuse of confidential information

Source Microsoft Learn.