I’m having (nerd) fun testing out the new auto-apply Sensitivity Label capabilities in Office Apps with the Built-in Office labeling client. The primary advantage of auto-apply is how it removes the responsibility of labeling a document from the information worker – it’s automatically done for them. Nice!
A sensitivity label can either be recommended or automatically applied based on sensitive information found within the document.
In the scenario for this post, there are 2 sensitivity labels, each one recommended under a different condition:
- Label “A” to be recommended if a Canadian Social Insurance Number (SIN) is detected
- Label “B” to be recommended if a Credit Card # is detected
Priority matters with Sensitivity labels. The higher the priority, the more weight a sensitivity label’s conditions has when content is evaluated within a document.
In this setup, Label “A” has a higher priority than Label “B” which means if Label “A”s condition is met, the auto-apply engine will recommend Label “A” even if conditions for Label “B” are also met. You will only see the Policy tip for one sensitivity label at a time, Label “A”.
Note: In case it’s relevant, I’m on the Current Channel (Preview) of Microsoft Office within Microsoft Word.
Through the testing process, I came across the new, very helpful feature in Word called Microsoft Editor. It provides a fly-out pane with lots of helpful writing guidance (grammar, clarity, etc.), however a pleasantly surprising key piece of functionality it also provides is a section titled Sensitive Content (image). This feature can help end-users remediate sensitive content in their document in-the-moment during the editing process.
Here it is in action
If sensitive information is detected in a document and there is a sensitivity label recommended when it’s detected, you will see a yellow toolbar with a Policy Tip showing the recommendation. At this point, an information worker has 1 of 2 options:
- Apply sensitivity – this will apply the recommended Sensitivity label
- Show sensitive content – an Editor pane will open up on the right-hand side of the Microsoft Word editing pane
The Editor fly-out pane chronologically highlights all sensitive information within the document for the sensitivity label being recommended. This provides an opportunity for the information worker to remove (~redact) the information from the document from within the Editor pane if this is the preferred course of action.
In the Editor pane image below, a Canada Social Insurance Number has been detected and previously removed (green check mark indicates it is no longer there) as well as 3 Credit Card numbers still existing in the document that have NOT been removed:
In the video below, I’ve added a SIN and 3 Credit Card numbers in a document which meets the conditions for both Label “A” and Label “B” to be recommended. Because Label “A” is higher priority, it is recommended first. Once I remove the SIN (the condition for Label “A”), the remaining content is evaluated against the label policy and Label “B” is recommended. I then sequentially remove all Credit Card information from the document eventually making it so neither Label “A” nor Label “B” are recommended.
We need to continually strive to strike an acceptable balance between implementing security/protection controls and the end-user experience… something easier said than done. The feature shown in this post should be included in your end-user training to ensure they know it exists, and how to remove sensitive content if/when required.
Thanks for reading.
Would you like to connect with me to ask a more complex/involved question or consulting engagement? I’d love to support you in anyway I can. I have several services I offer on Microsoft Bookings to suit your needs! (There is a charge for these services)