Body
Overview
Microsoft Sensitivity Labels (from here referred to as “labels”) are labels that should be applied to files and emails where sensitive or restricted data is involved. This article will explain the usage of these sensitivity labels.
The Purdue Data Classification and Handling Procedures will be referenced in this article. This procedure can be found here: https://www.purdue.edu/securepurdue/data-handling/index.php
By default, all files and emails will be given the label of General Data.
Details
General Data is described as this: The General Data label is classified as public data in accordance with Purdue Data Classification and Handling Procedures. Public Data means that it has no special restrictions for storage or sharing.
This label does not provide public access to the files and emails. The label is just a statement that the data contained is not of a sensitive or restricted nature and can be stored and shared as you like.
This label does not have any effect on the files and emails it is applied to.
Sensitive Data – Purdue Only is described as this: The Sensitive Data – Purdue Only label is classified as sensitive data in accordance with Purdue Data Classification and Handling Procedures. Sensitive Data – Purdue Only means that it is data that special care should be taken concerning its storage and sharing with internal individuals. This data should not be shared outside of designated Purdue employees who have a business need to see this data.
This label will place a watermark on the file.
These files will not be able to be viewed by individuals without a Purdue M365 tenant or otherwise associated account.
Sensitive Data – Purdue and External is described as this: The Sensitive Data – Purdue and External label is classified as sensitive data in accordance with Purdue Data Classification and Handling Procedures. Sensitive Data – Purdue and External means that it is data that special care should be taken concerning its storage and sharing with external persons or entities. This data should only be shared outside of designated Purdue employees with external persons or entities that have a business need to see this data.
This label will place a watermark on the file.
Restricted Data – Purdue Only is described as this: The Restricted Data – Purdue Only label is classified as restricted data in accordance with Purdue Data Classification and Handling Procedures. Restricted Data – Purdue Only means that it is data that special care should be taken concerning its storage and sharing with internal individuals. This data should not be shared outside of designated Purdue employees who have a business need to see this data. Restricted data is usually governed by regulatory controls such as HIPAA or FERPA.
Restricted data should be located in the SharePoint Restricted Data Storage.
This label will place a watermark on the file.
These files will not be able to be viewed by individuals without a Purdue M365 tenant or otherwise associated account.
Restricted Data – Purdue and External is described as this: The Restricted Data – Purdue and External label is classified as restricted data in accordance with Purdue Data Classification and Handling Procedures. Restricted Data – Purdue and External means that it is data that special care should be taken concerning its storage and sharing with external persons or entities. This data should only be shared outside of designated Purdue employees with external persons or entities that have a business need to see this data. Restricted data is usually governed by regulatory controls such as HIPAA or FERPA.
Restricted data should be located in the SharePoint Restricted Data Storage.
This label will place a watermark on the file.
Still need help? Click the 'Purdue IT Request' button to start a ticket.