I’ve been missing an easy way to tell if an AIP label will encrypt information, or if it “only” adds the label metadata and/or visual markings. Sure, I can explain it in the description of the label, but that is not very intuitive.
We cannot add images to AIP labels, but I realized that there are a lot of symbols in the Unicode world – that are in fact just text but shown as icons – and I found this padlock icon using Word’s Insert Symbol feature:
If I insert that symbol into Word, I can then copy it from there and paste it wherever I want it.
This is what it looks like as text in Word 2016:
This is what it looks like in the Azure Portal, after I have pasted it into the Label display name and Description of an AIP label:
This is what it looks like in Word 2016 as an AIP label:
So the symbol looks different on different platforms, but it is always a padlock. There are other fonts that have padlocks, but I chose Segoe UI Symbol, since that font is installed by default in Windows.
Please note that using an unusual Unicode character might cause issues:
PowerShell ISE can partly handle the symbol correctly:
while PowerShell cannot:
Azure Information Protection Client can show it (right-clicking on files in Windows):
Cloud App Security can also show it correctly:
I do not know how it will look on platforms that do not have that font.
I do not know if other systems (like DLP) are able to correctly read/set the label. Many DLP can however use partial matching of strings.
Please leave a comment below if you have any more info on where this works or does not work.
Microsoft Security Solutions 