AIP label and policy priority

AiP label and policy priority really impact how security mechanisms work. It really determines which label will be used and which policy will be applied.

Label priority (order matters)

Order of the labels is important because it reflects their priority. Most restrictive sensitivity label, such as Highly Confidential, should appear at the bottom of the list. Least restrictive sensitivity label, such as Public, should appear at the top.

In which cases the order of the labels matters ?
  • If you set an option that requires your users to provide a justification for changing a label to a lower classification.

    this option does not apply to sub-labels

  • with automatic labeling – when multiple matches result for more than one label, the last sensitive label is selected (or the last sub-label)

Label policy priority (order matters)

The label policy with the lowest priority is shown at the top, and the label policy with the highest priority is shown at the bottom.

If you include a user in multiple label policies, then the user will see all the sensitivity labels from those policies. However, there will be only one policy settings applied: from the highest level policy.