Concerned about recent PAN-OS and other firewall/VPN CVEs? Take advantage of Zscaler’s special offer today

Zscaler Blog

Get the latest Zscaler blog updates in your inbox

Products & Solutions

Giving Data Protection a good (MIP) Label


Whether you’re a Microsoft shop or not, chances are you’ve heard of Microsoft Information Protection (MIP), or its former designation; Azure Information Protection (AIP). Designed to help identify and label sensitive data, Microsoft’s suite of data protection technologies is often a popular option for organizations trying to maximize their Microsoft ecosystem and license. To be clear, AIP was rebranded to MIP, and then subsumed into Microsoft Purview Information Protection (MPIP). All the name-switching confusion aside, the goal of the technology is admirable: empower users to adopt a data protection program.

Within Microsoft 365, MIP allows users to easily label documents as sensitive or internal, providing the document with valuable meta information that can help the rest of the M365 platform handle it appropriately. Once labeled, policy can be created to help control data—e.g. preventing it from being shared inappropriately, or only allowing “view” and not “edit” access.  

The importance of integrating with SSE

One of the reasons MIP has become so popular is mainly because the challenge of securing data has never been more difficult. With users regularly off-network and working remotely, and cloud apps distributing data far and wide, organizations are now faced with new challenges. Gone are the old days when centralized data center protections could solve your problems. They can’t follow your data off-network and are losing more visibility every day. As such, today’s forward-leaning companies are embracing a more modern approach, mainly focusing on Gartner’s Security Service Edge (SSE). Built from the ground up for the world of cloud and mobility, this cloud-delivered platform helps unify security, data protection, and visibility across any connection or location.   

With the rise of SSE, it’s only natural that organizations look to marry its advantages with their existing Microsoft deployments. So, while MIP is a powerful concept, there are some aspects of its approach that need to be supercharged. Enter Zscaler.

How Zscaler supercharges MIP

As the world’s largest security cloud and the pioneer of the Zero Trust Exchange, Zscaler’s strategic position alongside sensitive data can significantly uplevel MIP functionality.

Since Zscaler natively sits inline and can scale to inspect all SSL, it has an eagle’s eye on the comings and goings of all sensitive data. The first MIP integration leverages this fact to help further enforce policy. The integration starts with a syncing between Zscaler’s cloud and Microsoft MIP labels. Once Zscaler receives these labels, it can use its best-in-class DLP engine to enable policy blocking across any sensitive or internal labels attached to outbound data. Doing this inline, leveraging the metadata attached to the document, enables organizations to add a valuable real-time blocking and control aspect to MIP data. This ensures sensitive data doesn’t leave the organization to unsanctioned or risky SaaS Apps (outside M365).

The second Zscaler MIP integration focuses on data at rest inside of M365. Since Zscaler already knows the MIP labels and also has a full multi-mode CASB, it can go hunting inside of your Microsoft 365 platform for improperly labeled data. Together, Zscaler CASB and DLP can find sensitive data at rest and check if it has been properly labeled. If it hasn’t, it can update the document with the proper label, and moving forward it will be treated accordingly by MIP policy within the M365 Platform.

Seeing the Zscaler MIP integration in action

While the integration story sounds great, a picture is worth a thousand words. To that end, we’ve compiled a demo of the integration so you can see how it looks and feels inside the Zscaler console.    


Ready to learn more about Zscaler Data Protection?

While Microsoft MIP integration is a powerful feature, rest assured that Zscaler’s Data Protection solution has much much more to offer. Thousands of organizations have looked to embrace Zscaler for their data protection initiatives, and have successfully deployed it to help further protect and empower their M365 ecosystem. To learn more about how Zscaler can help transform your data security, visit our solution page, or feel free to talk to one of our experts.


form submtited
Thank you for reading

Was this post useful?

dots pattern

Get the latest Zscaler blog updates in your inbox

By submitting the form, you are agreeing to our privacy policy.