The modern enterprise demands a single, extensible control plane for all the data being created, consumed and shared by their current and future on-premise and cloud environments. The Microsoft Office 365 and Azure ecosystems empower productive organizations around the globe. Ionic Security Inc. and Microsoft Corp. are collaborating on a first-of-kind solution that maximizes simplicity while maintaining flexibility for enterprise end-users and compliance, security, and risk professionals alike. The new joint solution extends Microsoft’s Azure Information Protection (AIP) platform to interoperate with Ionic Security’s best-in-class cross-cloud Data Trust Platform.
Ionic Security and Microsoft partner to simplify risk management and accelerate enterprise cloud adoption
Through this collaboration, and working with some of the world’s largest enterprises, the companies have endeavored to deliver on a first-of-its-kind solution: Ionic Data Trust Services for Microsoft AIP. This technology empowers joint customers – the world’s largest banks, insurance providers, management consulting firms, defense agencies, and technology companies – to bring a common access control, privacy, accountability, and integrity plane to data natively inside the Microsoft’s Office 365 and Microsoft Azure, across cloud providers, and within custom line-of-business applications.
“Our customers choose Microsoft 365 and Azure to deliver continuous innovation, and do so securely. With our new extensibility framework for Azure Information Protection, and together with Ionic Security, we are helping to change the narrative of how simple it is to bring advanced security, risk, and trust management capabilities natively to some of the most utilized business productivity solutions worldwide.”
Head of Product for Azure Information Protection
This joint solution solves two of the toughest challenges the security market wrestles with on behalf of customers: Usability and Policy Consistency. By extending the policy decision-making framework for Microsoft AIP to interoperate with third-party services such as Ionic Security’s real-time data trust platform, enterprises now have a consistent management framework for all their data while maintaining a native user experience in the world’s most pervasive business productivity solution, Microsoft Office 365, across mobile, web and desktop environments.
Machine-scale trust for our machine-scale age
Available today for select customers is a limited-preview of the new extensibility model for the on-premises Hold Your Own Key (HYOK) solution. The new extensibility model for Azure powered Bring Your Own Key (BYOK) services will be made available later in 2018.
For more information about this new AIP extensibility model view Microsoft’s Azure Information Protection blog post https://aka.ms/aipionic
Externalized Policy Decision Point for Azure Information Protection
Key features of the immediately available limited-preview include:
- Seamless end user experience – This integration operates wherever the AIP-enlightened applications exist. The Ionic Data Trust platform can natively control the release of key material to the full range of Windows, OSX, mobile devices, Office applications, email clients, web clients, and more.
- Policy Extensibility – The Ionic Data Trust platform supports integration with multiple Policy Information Points (PIPs), which enables enterprises to leverage not only the document classification, but real-time user posture—including attributes beyond the Microsoft ecosystem — to enrich decisions around releasing AIP keys for access to AIP-encrypted document data. This flexible, just-in-time policy decision framework provides lineage-level visibility over access requests and access decisions
- Attribute Extensibility – Enterprises can protect their highest-confidentiality data with the breadth of attributes and flexibility of real-time changes provided by the Ionic Data Trust platform, extending Microsoft’s notion of conditional access to the full set of attributes available to the enterprise, including those within Line-of-business applications, for policy consideration.
- Hold Your Own Key – Because the integration available today operates in AIP’s Hold Your Own Key (HYOK) configuration, enterprises keep control of their own keys for highly confidential data, on premise, as well as extend their policy decision-making beyond the Microsoft ecosystem.
- Policy Localization – The distributed and hybrid technology architecture of the Ionic Data Trust platform enables multi-national organizations to jurisdictionally localize where policy information lives and is enforced while still providing global shared services with native end-user experiences.
- Cross Cloud Consistency – Because the Ionic Data Trust platform is the leading cross-cloud data trust service provider, enterprises are now able to have a single point of policy definition, encryption key management, and policy enforcement while being able to leverage the best technologies from the major cloud providers.
- (Coming later in 2018): Azure powered BYOK services will be able to make use of each of the above listed features, and provide seamless interoperability between BYOK and HYOK powered workflows.