Microsoft Azure Information Protection can be purchased either standalone or through one of the following Microsoft licensing suites:
- Enterprise Mobility + Security
- Microsoft 365 Enterprise
Azure Information Protection is offered as a user subscription license. It's available for direct purchase online or through the following programs:
|Feature||Free||Azure Information Protection for Office 365||Azure Information Protection Premium P1||Azure Information Protection Premium P2|
|Azure Information Protection content consumption by using work or school accounts from AIP policy-aware apps and services|
|Protection for Microsoft Exchange Online, Microsoft SharePoint Online, and Microsoft OneDrive for Business content|
|Bring Your Own Key (BYOK) for customer-managed key provisioning life cycle2|
|Custom templates, including departmental templates|
|Protection for on-premises Exchange and SharePoint content via Rights Management connector|
|Azure Information Protection software developer kit for protection for all platforms – Windows, Windows Mobile, iOS, Mac OSX, and Android|
|Protection for non-Microsoft Office file formats, including PTXT, PJPG, and PFILE (generic protection)|
|Azure Information Protection content creation by using work or school accounts|
|Office 365 Message Encryption|
|Manual, default, and mandatory document classification|
|Azure Information Protection scanner for content discovery of on-premises files matching any of the sensitive information types|
|Azure Information Protection scanner to apply a label to all files in an on-premises file server or repository|
|Rights Management connector with on-premises Windows Server file shares by using the File Classification Infrastructure (FCI) connector|
|Document tracking and revocation|
|Microsoft Information Protection software developer kit (SDK) to apply labels and protection to emails and files for all platforms – Windows, iOS, Mac OSX, Android, and Linux|
|Configure conditions for automatic and recommended classification|
|Set labels to automatically apply pre-configured S/MIME protection in Outlook|
|Hold Your Own Key (HYOK) that spans Azure Information Protection and Active Directory (AD) Rights Management for highly regulated scenarios|
|Azure Information Protection scanner for automated classification, labeling, and protection of supported on-premises files|
Self-service subscription for users in an organization who have been sent sensitive files that have been protected by Azure Information Protection, but that can't be authenticated because the users' IT department does not manage an account for them in Azure—for example, the IT department doesn't have Office 365 or use Azure services.
Azure Information Protection for Office 365
Microsoft Azure Information Protection is included in the Office 365 Enterprise E3 and above plans.
Azure Information Protection Premium P1
Provides additional rights to use the on-premises connectors, track and revoke shared documents, and enable users to manually classify and label documents.
Note: Also part of Microsoft Enterprise Mobility + Security E3 and Microsoft 365 E3.
Azure Information Protection Premium P2
Builds on Azure Information Protection Premium P1 with automated and recommended classification, labeling, and protection, with policy-based rules and Hold Your Own Key (HYOK) configurations that span Azure Rights Management and Active Directory Rights Management.
Note: Also part of Enterprise Mobility + Security E5 and Microsoft 365 E5.
Support & SLARead the SLA for Azure Information
Estimate your monthly costs for Azure services
Review Azure pricing frequently asked questions
Learn more about Azure Information Protection
Review technical tutorials, videos, and more resources