Previously in this chapter, we discussed deploying the AIP clients. Once that's done, the policy you create can be downloaded to those clients. The policy may apply a default label to Exchange items and Office files, or it may just make the labels available to users to classify their content.

Here's an example of a modified global policy. You could just modify the global policy that applies to everyone, like this one, or create additional policies that apply to specific users and groups:

Taken note of some of the powerful options here:

• Display the Information Protection bar in Office apps
• Add the Do Not Forward button to the Outlook ribbon
• Customizable policy tips for emails
• Require justification for lowering classification or removing protection

To get started, go to Azure (portal.azure.com), find the Azure Information Protection blade, and select Policies. From here, you can select the default Global policy or click Add a new policy:

Next, let's find out what a super user is and how to configure one.