Extending DLP and Enhancing Labeling with Microsoft Information Protection (MIP)
BigID integrates with Microsoft Information Protection (MIP) to extend native data protection and labeling capabilities for stronger enforcement, protection and compliance.
Our MIP integration leverages a consolidated approach to data discovery and classification, so that organizations can automatically apply data protection policies – and take action based on deep insight into sensitive and regulated data.
With BigID, you can automatically scan and classify sensitive data across the enterprise to enhance, extend, and drive enforcement accuracy for existing MIP policies. BigID’s data discovery extends beyond Microsoft data stores, building profiles across disparate data types and platforms so that organizations have a single unified inventory of all of their sensitive data.
BigID’s integration with MIP allows enterprises to automatically propagate labels to sensitive and personal data for greater accuracy, ensure consistent enforcement, and address emerging privacy regulations including GDPR and CCPA.
What does MIP do?
Microsoft Information Protection combines capabilities from Azure Information Protection (AIP) with Office 365 labeling. The technology enables organizations to apply labels to specific types of data, and automatically apply data protection (and data handling) policies to sets of data that are tagged with a specific label.
Extend MIP Data Protection & Privacy with BigID
BigID customers can extend their MIP policy management to new data privacy and data protection use cases (including CCPA and GDPR) and apply consistent policies across their data stores.
BigID helps identify whether or not MIP labeled data contains data regulated by resident-based policy (like the CCPA or GDPR) or identity-based policy (like HIPAA or CCPA) – and can automate data management policies based on regulation and data privacy best practices. With BigID, organizations can automate data access rights, assign data residency, and monitor & alert on cross-border data flows.
BigID empowers organizations to manage and protect their sensitive data – enabling continuous compliance through ongoing discovery, tagging, labeling, and automatically applying data protection policies through the Microsoft AIP policy console.
Why BigID for MIP?
- Identify and label sensitive data that conventional classification and native discovery solutions missed or mislabeled
- Automatically scan and classify data based on defined MIP labels
- Utilize defined MIP labels to drive classification type and automatic discovery within all systems to which BigID connects
- Correlate labeled and sensitive data with data subjects and owners for additional context for enforcement and compliance
- Achieve continuous compliance through ongoing data source scans and classification
- Maintain consistent personal data processing policies across Office 365, OneDrive, SharePoint, and MS SQL service in Azure and on-premises
- Support consolidated discovery in hybrid architecture, with scanners deployed in Azure, Elastic pools and on-premise
How it Works: BigID & MIP
Identify regulated data within an MIP label data set
Existing MIP labels don’t always specify whether or not that document contains regulated, personal data that falls under privacy laws like CCPA and/or GDPR.
BigID scans Office 365 data – both labeled and unlabelled – for personal data and automatically indexes those results into identities, mapping specific attributes and locations so that organizations can more easily fulfill privacy regulations and reduce risk on that data.
This data gets indexed into a data inventory, where organizations can define tags for target files based on MIP labels and send that added context back to MIP.
With that added context, Microsoft can automatically apply protection policies to the newly-identified regulated data, and can extend data protection by restricting access rights or encrypting files.
4 Steps to Integrate BigID with MIP
Step 1: Connect BigID via the Microsoft Information Protection SDK (MIP SDK), and import the MIP labels
BigID/MIP Label Configuration
Step 2: Define a tag in BigID to identify the files with PI, and associate it with an MIP label. You can configure the tag directly in the BigID UI.
BigID Tag Configuration
Step 3: Create a Labeling Scan Profile and select the data sources where the files reside that you wish to apply the labels to.
BigID Labeling Scan Profile
Step 4: Trust but verify. Once the labeling scan has completed the files will be labeled within Office365 as shown in the Spreadsheet example below.
Spreadsheet stored in Office365 labeled by BigID
Automate and Enforce Data Privacy with BigID and MIP
BigID’s integration with MIP extends Microsoft customers’ ability to address data privacy mandates like the CCPA and GDPR. Organizations can enable consistent file and object labeling across a hybrid environment, on-premises, or in the cloud – and can automate data privacy workflows, from subject access rights to continuous compliance.
See how BigID integrates with MIP to help organizations protect personal data and meet data privacy requirements.