title | ms.author | author | manager | ms.date | ms.audience | ms.topic | ms.service | localization_priority | ms.collection | ms.custom | description | ||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Step 4: Configure Windows Information Protection |
josephd |
JoeDavies-MSFT |
laurawi |
04/25/2019 |
ITPro |
article |
o365-solutions |
Priority |
|
Understand and deploy Windows Information Protection in Microsoft 365. |
This step is optional and applies to both the E3 and E5 versions of Microsoft 365 Enterprise
With more personal devices being used for work, there’s increased risk for apps and devices to leak private organization data. For example, an employee inadvertently sends a picture of a marketing plan for a future product to a social media site or saves a file containing highly confidential information to their public cloud storage.
Windows Information Protection (WIP) helps protect against these types of data leakage on Windows 10 devices. For more information, see Protect your enterprise data using WIP.
In Microsoft 365 Enterprise, WIP is a combination of Windows 10 Enterprise and Microsoft Intune, which is included with Enterprise Mobility + Security (EMS) in your subscription.
To deploy WIP in your organization with Microsoft 365 Enterprise:
- Enroll your Windows devices in Intune. You should have done this in Phase 4: Mobile Device Management.
- Create an Intune policy for WIP.
- Ensure that you have filled out your Protected apps list.
- Choose your WIP protection level.
You can also use WIP with System Center Configuration Manager.
See WIP best practices for more information.
As an interim checkpoint, see the exit criteria corresponding to this step.
Configure Office 365 Data Loss Prevention |