Protect documents with Azure Information Protection (Documents labels)

When handling documents with confidential or sensitive data, encryption is often used to protect documents from unauthorized access.  When documents are encrypted, no matter where they are stored and sent to, only authorized users can open your encrypted documents to view or edit the contents.

In HKUST, Microsoft’s Azure Information Protection (AIP) technology is used to protect documents.  This webpage summarizes the essential steps for you to get started to make use of the protection technology.

AIP Exercise 

To ensure colleagues can master fundamental AIP skills, ITSC has prepared an exercise built on our Canvas Learning Management System. The exercise has a quiz which will be graded. 

Before taking the exercise, you should have either attended our previous trainings "Data protection with AIP" ( video recordings - English [slides], Cantonese [slides] ) or read through contents in this webpage. 

Click the link below to login to Canvas to start the exercise

Start AIP Exercise

Available To
Staff
Service Fee

Free

Service Hours

7x24

How-to Guides

  1. Getting Started - Supported Systems and Required Software
  2. Protecting Documents with Azure Information Protection (AIP)
  3. Sending and Reading Confidential Emails with Azure Information Protection (AIP)

 

1. Getting Started - Supported Systems and Required Software

Follow the links below to view the installation instructions of the required software for Azure Information Protection (AIP).

 

Document Types AIP Supported Systems & Applications
  Windows 11 or 10 macOS iOS Android
Office Documents
& Email

(Word, Excel, PowerPoint & Outlook)
Office 365 or
Office 2016 [1]
Office 365 Microsoft 365 app & 
Outlook
Microsoft 365 app & 
Outlook
PDF View only 

Microsoft Edge browser 
or 
Acrobat Reader [2]

View and Protect
AIP Client [3]

View only
Microsoft Edge browser
or
Acrobat Reader [2]

View only
Azure Information Protection app

View only
Azure Information Protection app

Other Document Types
(e.g. .txt, jpg, etc.)

AIP Client [3]

RMS Sharing app

AIP Viewer [4]

AIP Viewer [4]


(Important: Remember to sign in to your Microsoft Office with your ITSC username and password after the installation.)

 

Notes:

[1]

  • Office 365 is recommended as it provides better integration and collaboration features with other Microsoft products. It also provides continuous security and feature updates, whereas Office 2016 will cease its support in Oct 2025. 
  • To protect email with AIP, you will need to use Microsoft Outlook. 

 

[2]

  • On Windows, to view AIP-protected PDF files, you may use the latest version of Microsoft Edge browser or Adobe Reader.   You may also use the AIP client (add link to the AIP page) to view and enforce AIP protection to PDF files and other file types (e.g. .txt, .jpg, etc.). 

  • On macOS, to view AIP-protected PDF files, you may use the latest version of Microsoft Edge browser or Adobe Reader.  The RMS Sharing app is used for viewing AIP-protected file types (e.g. .txt, .jpg, etc.) excluding PDF and Microsoft Office documents. 

 

[3]

  • The AIP client is needed only if you need to protect PDF files (and other file types besides Microsoft Office files, e.g. CSV files or images) or if you use Office 2016. Microsoft Office 365 already has built-in support for using AIP to protect files and email.
  • The AIP client allows you to add a sensitivity label to a file in Windows File Explorer (via mouse right-clicking the file). It provides more permission settings to protect your files.
  • To install the AIP client, please refer to this webpage.

 

[4]

  • For iOS and Android, the AIP Viewer allows you to view AIP-protected files, including protected PDF files and other protected document types. To view or create AIP-protected Microsoft Office documents on mobile, you will need to use the Microsoft Office mobile app.  

 

2. Protecting Documents with Azure Information Protection (AIP)

Click here to view the instructions on using AIP to protect documents

 

3. Sending and Reading Confidential Emails with Azure Information Protection (AIP)

Click here to view the instructions on using AIP to protect email