Overview
This feature allows for seamless integration with Symantec Data Loss Prevention (DLP) solutions, enhancing data protection and monitoring capabilities. By integrating with Symantec DLP, you can enforce data security policies and effectively manage data loss risks.
- MIP Configuration: Implemented configuration capabilities for Microsoft Information Protection (MIP).
- Mapping Classifier with Label: Allows for the mapping of classifiers to labels, which enhances data classification.
- Adding Labels as File Metadata: Provides functionality to ensure that labels are applied to classified files on endpoints.
This page displays,
- Labeling Source Tab:
- MIP Account Details Section: Configure the account name, client ID, tenant ID, and client server.
- Status Section:
- Connection Status: Displays the connection status with the MIP server (e.g., Active).
- Label Count: Shows the total number of labels.
- Last Received Timestamp: Indicates the last time labels were fetched.
- MIP Label Tab:
- Fetched Labels: Lists the labels fetched from the MIP server.
- Label Details:
- Priority: Displays the priority of each label.
- Linked Classifiers Count: Shows the number of classifiers linked to each label.
- Link Status: Indicates whether the labels are successfully linked to classifiers.
MIP Integration: Registering Seqrite Data Privacy with Microsoft Entra ID
Registering Seqrite Data Privacy with Microsoft Entra ID is essential for integrating with Microsoft Information Protection (MIP) and ensuring seamless interaction with other Microsoft services. This process establishes the necessary credentials and permissions for secure and effective operation within the Microsoft ecosystem.
Steps
- Register Seqrite Data Privacy:
- Navigate to the Register an app with Microsoft Entra ID guide and proceed to the "Register a new application" section.
- Use the following settings for testing:
- Supported Account Types: Select "Accounts in this organizational directory only."
- Redirect URI: Set the URI type to "Public client (mobile & desktop)." If using the Microsoft Authentication Library (MSAL), use
http://localhost. Otherwise, use a URI in the format<app-name>://authorize.
- Save Application ID:
- After registration, you will be redirected to the Registered app page. Copy the GUID from the Application (client) ID field and save it. This ID is required for subsequent steps and Quickstarts.
- Configure API Permissions:
- Click API permissions to open the permissions settings.
- Click Add a permission to open the Request API permissions blade.
Add MIP API Permissions:- Azure Rights Management Services:
- On the Select an API page, click Azure Rights Management Services.
- On the API page, select Delegated permissions.
- Check the user_impersonation permission to allow Seqrite Data Privacy to create and access protected content on behalf of a user.
- Click Add permissions to save.
- Microsoft Information Protection Sync Service:
- Return to the Select an API page and click APIs my organization uses.
- In the search box, type "Microsoft Information Protection Sync Service" and select it.
- On the API page, select Delegated permissions.
- Expand the UnifiedPolicy node and check UnifiedPolicy.User.Read.
- Click Add permissions to save.
- Grant Admin Consent:
- On the API permissions page, click Grant admin consent for [Tenant Name] and then click Yes. This step provides pre-consent for Seqrite Data Privacy to access the APIs with the specified permissions. If signed in as a global administrator, this consent applies to all users in the tenant. Otherwise, it applies only to your user account.
By completing these steps, you ensure that Seqrite Data Privacy is properly registered and configured with the required permissions to interact securely and effectively with Microsoft services, including Microsoft Information Protection (MIP) and Symantec Data Loss Prevention (DLP).