The Tip of the Night for April 28, 2018 discussed Azure Information Protection, which allows Microsoft 365 to classify and protect files meeting certain criteria. Protected files must be authenticated - individual users must be authorized to access them. The way in which files are used can also be restricted, and the use of the files can be logged using the AIP system.
Azure Information Protection Viewer is a separate application needed to view these protected files.
You can spot these files by the 'p' added to the beginning of the file extension. For example, a protected text file will have the extension, '.ptxt'.
The AIP system cannot be used to protect .exe, .bat., .pst, and other common system files. Email .msg files; rich text format .rtf files, and compressed .rar files are not protected by default when the AIP scanner is used. AIP's ability to scan .rtf files is limited even when it is enabled to do so.
AIP can successfully scan zip files, but an admin must use a special PowerShell command. The file name for a protected zip file will be changed to 'name.zip.pfile'.
A different PowerShell command is used to OCR TIFF images, and scan them for sensitive information which should be protected.