Microsoft Entra ID · Security & Compliance
Azure Information Protection Administrator
Can manage all aspects of the Azure Information Protection product including labels, policies, and protection templates.
Scope: Full administrative control over Azure Information Protection service
Permissions
- Configure labels for AIP policy
- Manage protection templates
- Activate protection
- Configure AIP scanner
- Manage AIP policies and settings
- View AIP analytics and reports
Common use cases
- Sensitivity label configuration
- Protection template management
- AIP scanner deployment
- Data classification policies
- Rights management configuration
Best practices
- Align labels with data classification policy
- Test label policies before deployment
- Use auto-labeling carefully
- Monitor label usage analytics
- Document protection configurations
Security considerations
- Controls data protection policies
- Label changes affect data access
- Protection templates control encryption
- Monitor for policy changes