• Contact Us

    We will get back to you as soon as possible.

  • We do not collect personal information except to the extent you provide that information to use through email, your web browser or through our contact forms. We will not share, sell or otherwise provide non-public information to others without your consent.

  • This field is for validation purposes and should be left unchanged.

SIGN UP FOR OUR NEWSLETTER

  • We do not collect personal information except to the extent you provide that information to use through email, your web browser or through our contact forms. We will not share, sell or otherwise provide non-public information to others without your consent.

  • This field is for validation purposes and should be left unchanged.
O365 Sensitivity Labels – Dynamic Content Marking
Published on April 4, 2021
Sensitivity Labels

Sensitivity Label

Before using Dynamic Content Marking(s) for Sensitivity Labels, there are some initial housekeeping chores required.

A sensitivity label is simply a tag that indicates the value of the item to your organization. It can be applied manually, or automatically. Once applied it gets embedded in the document and will follow it everywhere it goes. A sensitivity label enables various protective behaviors, such as mandatory watermarking or encryption.

Sensitivity labels must be enabled for files that are in SharePoint and OneDrive in order for the corresponding data to surface in the data classification page. For more information, see Enable sensitivity labels for Office files in SharePoint and OneDrive.

Sensitivity Labels – Dynamic Content Marking

When configuring content marking for a sensitivity label, you can now use the dynamic variables such as ${Item.Label} and ${Item.Location} in the text string for your header, footer, or watermark.

Important

Currently, not all apps on all platforms support dynamic content markings that you can specify for your headers, footers, and watermarks. For apps that don’t support this capability, they apply the markings as the original text specified in the label configuration, rather than resolving the variables.

The Azure Information Protection unified labeling client supports dynamic markings. For labeling built in to Office, see the tables in the capabilities section on this page.

When you configure a sensitivity label – dynamic content marking – for content markings, you can use the following variables in the text string for your header, footer, or watermark:

 

Variable Description Example
${Item.Label} Label display name of the label applied General
${Item.Name} File name or email subject of the content being labeled Sales.docx
${Item.Location} Path and file name of the document being labeled, or the email subject for an email being labeled \\Sales\2020\Q3\Report.docx
${User.Name} Display name of the user applying the label Richard Simone
${User.PrincipalName} Azure AD user principal name (UPN) of the user applying the label rsimone@contoso.com
${Event.DateTime} Date and time when the content is labeled, in the local time zone of the user applying the label 8/10/2020 1:30 PM

Note:

The syntax for these variables is case-sensitive.

Setting different visual markings for Word, Excel, PowerPoint, and Outlook

As an additional variable, you can configure visual markings per Office application type by using an “If.App” variable statement in the text string, and identify the application type by using the values Word, Excel, PowerPoint, or Outlook. You can also abbreviate these values, which is necessary if you want to specify more than one in the same If.App statement.

Examples:

Set header text for Word documents only:

${If.App.Word}This Word document is sensitive ${If.End}

In Word document headers only, the label applies the header text “This Word document is sensitive”. No header text is applied to other Office applications.

Set footer text for Word, Excel, and Outlook , and different footer text for PowerPoint:

${If.App.WXO}This content is confidential. ${If.End}${If.App.PowerPoint}This presentation is confidential. ${If.End}

In Word, Excel, and Outlook, the label applies the footer text “This content is confidential.” In PowerPoint, the label applies the footer text “This presentation is confidential.”

Set specific watermark text for Word and PowerPoint, and then watermark text for Word, Excel, and PowerPoint:

${If.App.WP}This content is ${If.End}Confidential

In Word and PowerPoint, the label applies the watermark text “This content is Confidential”. In Excel, the label applies the watermark text “Confidential”. In Outlook, the label doesn’t apply any watermark text because watermarks as visual markings are not supported for Outlook.

Require users to apply a label to their email and documents

IMPORTANT – Sensitivity Labels – Dynamic Content Marking

Also known as mandatory labeling, not all apps on all platforms currently support the policy setting of Require users to apply a label to their email and documents.

The Azure Information Protection unified labeling client supports mandatory labeling and for labeling built in to Office apps, see the tables in the capabilities section on this page.

When this policy setting is selected, users assigned the policy must select and apply a sensitivity label under the following scenarios:

  • For the Azure Information Protection unified labeling client:
    • For documents (Word, Excel, PowerPoint): When an unlabeled document is saved or users close the document.
    • For emails (Outlook): At the time users send an unlabeled message.
  • For labeling built in to Office apps:
    • For documents ((Word, Excel, PowerPoint): When an unlabeled document is opened or saved.
    • For emails (Outlook): At the time users send an unlabeled email message.
  • Additional information for built-in labeling:
    • When users are prompted to add a sensitivity label because they open an unlabeled document, they can
      add a label or choose to open the document in read-only mode.
    • When mandatory labeling is in effect, users can’t remove sensitivity labels from documents, but can
      change an existing label.

CORE PRACTICES

  • Implementing correct solutions
  • Bringing the correct talent (professional-staff-augmentation or project team)
  • Alignment to the business functional & functional direction
  • Maintaining agility with communication and options
  • Ensure to have a properly scoped project and accurate roadmap eliminating fluff

LATEST VIDEOS

Testimonials

 

Dynamic Technical Solutions is one of the best in the business. I had the pleasure of working and learning a great deal from their team members in the past four years. DTS’ work ethic is unlike any I have ever seen. I have always known them to follow through until the job is completed correctly.

 

R.T., Senior IT Infrastructure & Ops Manager, E-470 Public Highway Authority

Testimonials

 

I had a pleasure working with Dynamic Technical Solutions very closely on a very complex, critical project with a lot of moving parts and unknowns. Not only did DTS quickly grasped all the complexities of the project, they helped bring clarity and order to it. Their dedication and professionalism are tremendous. They are team members whom you can always count on to be there and deliver what’s required and then some. Their technical abilities have allowed us to develop and implement great solutions. DTS’ understanding of IT security helped us not only come up with a robust technical solution, but also a very secure one. I’ll gladly work with them any time again.

 

I.S., VP Technology at Barclays Capital

Testimonials

 

I have had the pleasure of working with Dynamic Technical Solutions over the last year servicing the same customer. DTS demonstrates an exceptional technical aptitude, attention to detail and work ethic that makes their service delivery extraordinary. Anyone requiring solid directory services architectural or technical guidance will benefit from what DTS brings to the table. I recommend their work.

 

N.K., Microsoft - Senior Technical Account Manager

Testimonials

 

I had the pleasure of working with Dynamic Technical Solutions at The Children's Hospital and found them to be an extremely knowledgeable in respect to Microsoft Windows Engineering. Their precision, dedication, thoroughness and understanding in Microsoft Active Directory design and support are impeccable. They take pride in continuously learning, adapting and implementing all of the knowledge they possess and have shown such aptitude in technical writings of Kerberos, DNS and Microsoft products as a whole. I would welcome the opportunity of working with DTS again and hope to do so in the future.

 

M.D., The Children's Hospital

Testimonials

 

We contracted with DTS to perform an upgrade/migration of our existing Active Directory and Exchange environments onto new equipment. The entire process was extremely painless and we were very happy with the results. I can honestly say that our DTS consultants exceeded our expectations. It took less time than we had anticipated, and some of the issues we were afraid of running into did occur, but our DTS consultants were very quick at finding a working solution.

DTS is technically competent, their work is very thorough, and their attention to detail is the best I have seen. I would not hesitate in recommending Dynamic Technical Solutions to anyone looking for Microsoft professionals.

 

R.B. Information Technology Director, Colorado City Government – Town of Vail

Testimonials

 

CH2M Hill is a $5B IT and engineering firm based in Denver, Colorado. CH2M Hill has utilized DTS for complex IT management and support projects. During the time that DTS supported our efforts for one of our customers (a Fortune 500 company), their consultant exhibited significant technical competencies. Furthermore, our DTS consultant is a professional, receiving high marks from the customer for program management as well as communication skills.

 

Director of Business Development, CH2M Hill

read more

Stay Well

Here are some incredibly-simple videos to watch & share with co-workers, family and friend on staying well: