Sensitivity Labels and Policies

Complete the full lesson to earn 25 points

Work through each section, then tap “Mark as Complete” on the last one.

Section 1 of 11

✦ Skip the page breaks and see fewer ads — read each lesson on a single page with Pro

Sensitivity Labels and Policies: Protecting Data in the Modern Workplace

In the old days of corporate security, we relied on the "castle and moat" strategy. We built a strong perimeter around our office network, and as long as your data stayed inside those walls, it was considered safe. However, the way we work has fundamentally changed. Data now lives in the cloud, travels on personal mobile devices, and is shared across organizations via Microsoft Teams, email, and SharePoint. The "moat" is gone. In this environment, security must be data-centric. This means the protection must stay with the file itself, regardless of where it is stored or who it is shared with.

Microsoft Purview Sensitivity Labels are the primary tool for achieving this data-centric security. Think of a sensitivity label as a digital stamp that you apply to a document or email. This stamp is more than just a visual marking; it is embedded into the file's metadata. Because it is part of the file, the protection follows the data even if it leaves your organization's tenant. Whether a file is sitting on a thumb drive, attached to a Gmail message, or stored in a personal Dropbox account, the sensitivity label ensures that only authorized users can access the content.

In this lesson, we will explore the mechanics of sensitivity labels and policies. We will look at how to design a labeling taxonomy, how to configure encryption and visual markings, and how to automate the labeling process to reduce the burden on your end users. By the end of this guide, you will understand how to implement a comprehensive information protection strategy that balances security with user productivity.


Section 1 of 11
PrevNext