保护敏感数据应该始终是每个操作系统的一个重要方面，这是Microsoft非常了解的。该公司在Windows 10^{(Windows 10)}方面做得非常出色，解决了与安全有关的大多数问题，而Windows 信息保护^{(Windows Information Protection)}是其中的重要组成部分。我们应该指出，此保护套件包含Windows 信息保护^{(Windows Information Protection)}、Azure 信息保护^{(Azure Information Protection)}和Microsoft Cloud App Security之类的。

事情是这样的，Windows 信息保护^{(Windows Information Protection)}，也称为WIP，被赋予了通过敏感信息类型功能保护自动分类文件的能力。它充分利用了Windows Defender ATP，但请记住，最新改进仅在Windows 10 1903 及更高版本中可用。

配置在制品

在我们继续之前，我们想谈谈如何配置Windows 信息保护^{(Windows Information Protection)}。这非常简单直接，所以让我们为您的乐趣而启动和运行。

好的，所以用户需要做的第一件事是通过他们的 Web 浏览器访问manage.microsoft.com并使用^{(manage.microsoft.com)}Windows Intune管理帐户登录。之后，用户应该会在左侧看到一个导航窗格，然后选择Policies选项。

1. 登录到 microsoft.com，并确保使用您的 Windows Intune管理帐户登录。
2. 从左侧窗格中，选择显示为Policies的选项。
3. 在窗口中，用户应该会看到Add Policy。请^(Please)点击它继续前进。
4. 人们现在应该会看到一个名为Create a New Policy的对话框，然后继续展开Windows，然后确保选择Windows Information Protection。
5. 最后，单击Create and Deploy a Custom Policy。
6. 然后，下一步是单击创建策略
7. 请务必输入策略的名称
8. 输入^(Enter)描述并指定应用程序规则^{(App Rules)}（如果这是您的事情）。

这就是配置WIP的地方。如您所知，这项任务非常简单，尤其是对于那些熟悉计算机操作的人来说。

^(Protect)使用Endpoint Data Loss Prevention^{(Endpoint Data Loss Prevention)}保护敏感度标签

当涉及到管理敏感度标签时，这可以在Microsoft 365合规中心相对轻松地完成。

对于那些不知道的人，Windows Defender能够提取文件以检查它是否被病毒或恶意软件污染。它还可以检查文件是否包含敏感信息，例如信用卡号或其他类型的重要数据。

默认的敏感信息类型包括信用卡号码、电话号码、驾照号码等。但是，这里有趣的是用户可以根据需要设置自定义敏感信息类型。

Windows 信息保护

每当用户在Windows 10^{(Windows 10)}端点上创建或编辑文件时，都会立即提取内容并由Windows Defender ATP评估。然后它将检查文件中是否存在任何已定义的敏感信息类型。

现在，如果文件匹配，Windows Defender ATP将继续应用端点数据丢失防护。

应该注意的是，Windows Defender ATP与Microsoft Azure 信息保护^{(Microsoft Azure Information Protection)}集成，该功能主要用于数据发现。它还可以报告最近发现的敏感数据类型。

对于想要查看敏感信息类型的用户，我们建议在通过Microsoft Office 365合规性^{(Microsoft Office 365)}分类^{(Classifications)}下进行检查。请记住^(Bear)，所有默认敏感信息类型都将Microsoft作为发布者。当涉及到自定义类型时，它们将附加到租户的名称上。

希望这可以帮助。^{(Hope this helps.)}

Windows Information Protection (WIP) automatically protects classified files

Protecting sensitive data should always be an important aspect of every operating system, and this is something Microsoft knows verу well. The company has done a wonderful job with Windows 10 to address mоst сoncerns where security is concerned, and Windows Information Protection is a big part of it. We should point out that this protection suite contains the likes of Windows Information Protection, Azure Information Protection, and Microsoft Cloud App Security.

Here’s the thing, Windows Information Protection, otherwise known as WIP, is well endowed to protect automatically classified files via the sensitive information types feature. It takes full advantage of Windows Defender ATP, but bear in mind the latest improvements are only available in Windows 10 1903 and later.

Configure WIP

Before we go forward, wed like to talk about how to configure Windows Information Protection. It’s quite easy and straight to the point, so let’s get things up and running for your pleasure.

OK, so the first thing the user needs to do is to visit manage.microsoft.com via their web browser and log-in with a Windows Intune administrative account. After that, the user should see a navigation pane on the left and select the option that says Policies.

1. Login to microsoft.com, and make sure to do it with your Windows Intune administrative account.
2. From the left pane, select the option that says Policies.
3. From within the window, users should see Add Policy. Please click on that to move forward.
4. Folks should now see a dialog known as Create a New Policy, then move ahead to expand Windows, then make sure to select Windows Information Protection.
5. Finally, click on Create and Deploy a Custom Policy.
6. The next step, then, is to click on Create Policy
7. Be sure to enter a name for the policy
8. Enter the description and specify App Rules if that’s your thing.

That’s it right there for configuring WIP. As you can tell, the task is quite easy, especially for those who know their way around a computer.

Protect sensitivity labels with Endpoint Data Loss Prevention

When it comes down to managing sensitivity labels, this can be done in the Microsoft 365 compliance center with relative ease.

For those who were not aware, Windows Defender is capable of extracting a file to check if it has been contaminated with a virus or malware. It can also check if a file contains sensitive information such as credit card numbers or other types of important data.

The default sensitive information types include credit card numbers, phone numbers, driver’s license numbers, and more. However, what’s interesting here is the ability for users to set custom sensitive information types should they wish to do so.

Windows Information Protection

Whenever the user creates or edits a file on Windows 10 endpoint, the content is promptly extracted an evaluated by Windows Defender ATP. It will then check the files for any defined sensitive information types.

Now, if the files have a match, Windows Defender ATP will then proceed to apply endpoint data loss prevention.

It should be noted that Windows Defender ATP is integrated with Microsoft Azure Information Protection, a feature that was designed primarily for data discovery. It can also report sensitive data types that were recently discovered.

For those who want to see the sensitive information types, we suggest checking under Classifications via Microsoft Office 365 compliance. Bear in mind that all default sensitive information types have Microsoft as the publisher. When it comes down to custom types, they will be attached to the name of the tenant.

Hope this helps.

Related posts

• 在Windows Defender启用和配置Ransomware Protection

• 如何在Windows 10的Exploit Protection中添加或排除应用程序

• 如何在Windows 10中清除Windows Defender Protection History

• 什么是Windows 10中的Firewall and Network Protection以及如何隐藏此部分

• 从Windows Security修改Exploit Protection防止用户

• 如何启用Windows Defender Periodic Scanning在Windows 10

• 该Service无法启动，Error 0x80070422在Windows Defender

• Fix Windows Defender error code 0x8050800c在Windows 11/10上

• 在Windows 10上永久禁用Windows Defender

• 在Windows 10启用潜在的Unwanted Applications protection

• Windows Defender Threat Service已在Windows 10中停止

• WinDefThreatsView - Windows Defender Set default威胁的动作

• 如何将File type or Process Exclusion添加到Windows Security

• 什么是Windows 10中的Family Options以及如何隐藏此部分

• 在Windows 10启用或禁用Core Isolation and Memory Integrity

• 该计划的服务已停止，0x800106BA，在Windows Defender中

• 如何从Windows Defender scan在Windows 10排除的文件夹

• Fix Windows Defender error 0x8007139f在Windows 11/10上

• 什么是Windows 10中的WDAGUtilityAccount？我应该删除它吗？

• Windows Defender在Windows 10中没有自动更新