Skip to main content
Microsoft 365 logo

What You Need to Know About Microsoft Sensitivity Labels


What is a sensitivity label? Why would I use a sensitivity label in Microsoft 365?

First, let us explain what the label is and what it does.

When you add a sensitivity label to content, it's like a stamp that's applied and is:

  • CustomizableSpecific to your organization and business needs, you can create categories for different levels of sensitive content in your organization. For example, Internal, Public, Confidential.


  • Clear text  - Because a label is stored in clear text in the metadata for files and emails, third-party apps and services can read it and then apply their own protective actions, if required.


  • Persistent  - Because the label is stored in metadata for files and emails, the label roams with the content, no matter where it's saved or stored. The unique label identification becomes the basis for applying and enforcing the policies that you configure.

Helping Protect Your Business

For millions of businesses, Microsoft products have become essential. They have found that they simply can no longer operate without the use of these applications and systems. One such system that has become essential for businesses needing to enable employees to access data while also protecting that data at the same time has come through the Microsoft sensitivity labels.
You may be unfamiliar with this term, but it has become an essential part of doing business. This is part of the Microsoft information protection that protects data by creating sensitivity labels that classify who and how information should be accessed.
In using the Microsoft docs, a label is attached to the document. The labels assigned to documented include personal, private, general, confidential, and highly confidential. This determines the protection level assigned to the document, which can then determine who will have access.
In most businesses, there are three levels of access: admin, and user, and office or third-party service. The admin would clearly have the highest level of access to documents, enabling them to use Microsoft 365 to be able to gain access to any document where a label has been assigned.
The end-user, are able to work on a document or email. They may even have the capability to classify a document by assigning a label according to Microsoft compliance. That leaves the office or third-party service, which enforces the protection settings.

How It Works

This is not a very complicated system, but it can still be a little confusing. Understanding it may become clear through the use of an example. Say an employee or supervisor creates a document. They then assign a sensitivity label to that document based upon who and how it should be accessed. Others may be involved in creating the document and can be classified as “co-author.”
Documents can then be accessed through the server or sent via email. If a specific user is sent to the document, then only that user would have the ability to alter the document. If placed on the server, only those granted permissions would be able to do so according to Microsoft compliance.
This is a great way to minimize access to a specific document, while still ensuring that there are multiple people who can access it. In this way, the Microsoft sensitivity labels are helping to protect data while making businesses more efficient.

Feel free to contact us with any questions.