New Contributor

I used a file policy to automatically label every document in a SharePoint folder with a sensitivity label (unified), which applies encryption and has a pre-configured (not user-specified) permission.  Normally, when documents are labelled with that pre-configured label manually, and when they are uploaded to a SharePoint site, the labels are recognized and the documents can be opened in Word on the web (e.g. Excel or PowerPoint) for co-authoring.  However, when documents are labelled automatically by Cloud App Security by a file policy.  The documents' labels are not recognized in SharePoint and those documents cannot be open for co-authoring.  Is it an expected behavior or there are some settings that I have missed?!  


The encryption applied to the documents are owned by whom? I notice the "Modified By" column in SharePoint lists out the user "SharePoint App" for that document.  Does it mean the document is encrypted under the "SharePoint App" user account? and how do I use it to decrypt it if necessary? 





Hi, would you be able to share some screen shots of how you created your MCAS file policy please and I will see if I can reproduce the policy in my tenant to see how it responds.

@PeterRising Thanks.  A screen shot showing the policy is now attached.   Basically, the policy specifies a folder in SharePoint and it will automatically apply a sensitivity label to every file under that folder. 



So, I recreated your policy and the label auto applies.  However, when I try and open an existing file in the SharePoint Online library in the browser, I get this message;


Screenshot 2020-06-27 at 18.42.40.png

And if I try and open in the Word app I get the following;


Screenshot 2020-06-27 at 18.42.52.png

Is this the same as what you are seeing?


Weirdly though, if I create a new file in the library, the policy matches and I can continue to access the document.

@PeterRising Yes, I encountered the same first error screen (IRM warning).  But I didn't encounter the 2nd warning screen.   Can you open the document in Word for the web for co-authoring?



No, I am unable to open the document in Word Online.  As I said, this document existed already in the doc library before I created the MCAS file policy.  If I now create a new doc, it works as expected.  Very strange.  


I'm going to play around with this some more.  In the meantime, I would recommend opening a Microsoft support case to see if they can advise on this behaviour.

We support Ukraine and condemn war. Push Russian government to act against war. Be brave, vocal and show your support to Ukraine. Follow the latest news HERE