Designing Microsoft Purview Labels
Sensitivity Labels help in the classification of data based on its sensitivity and apply protection on them. Before configuring sensitivity labels in Purview consider the following:
- What categories to use to protect information. Examples include Public, Confidential, Restricted etc.
- Are the label names and descriptions clear for users to understand and apply.
- What would you like each category of label to do? For example, restrict access, apply encryption, or block external users etc.
- Assign each category of label to a specific color. For example, green to public or red to restricted. This will provide a visual indicator when the user opens the document.
- Consider creating a Microsoft 365 Group and add users who will access restricted content.
The following table shows an example of label categories and their usage. You can also determine what items to protect for each of the labels in the planning stage. Once you have designed the labels and their properties, the next step will be to configure the labels in Purview.
| Label category | Details |
| Public | (1) Non sensitive information (2) Allow external access (3) Guests require MFA (4) No encryption |
| Confidential | (1) Sensitive information (2) Allow external access (3) Guests require MFA and (4) No encryption |
| Highly Confidential | (1) Restricted to organization users (2) No external access (3) No document encryption |
| Restricted | (1) Sensitive and restricted information (2) Allow external access (3) Encryption required (4) MFA required |
| Strict | (1) Restricted to organization users (2) No external access (3) Encryption required |