Use the Sensitivity feature in Office to apply and view sensitivity labels

Supported OS tags: Windows10

This policy setting controls whether sensitivity labels configured by an admin can be applied and viewed by using sensitivity labels in an Office app, such as Word. It applies only to subscription versions of Office, such as Microsoft 365 Apps for enterprise.​ This setting has been updated for newer versions of M365 Apps. For more information about this setting and how it applies to versions of M365 Apps, see https://go.microsoft.com/fwlink/p/?linkid=2207430. ​ For newer versions of M365 Apps:​ If you enable this policy setting, or don’t configure this policy setting, sensitivity labels that are built into Office apps can be used to apply and view sensitivity labels. If you disable this policy setting, sensitivity labels that are built into Office apps can’t be used to apply or view sensitivity labels. If the Microsoft Azure Information Protection unified labeling client is installed and you want to use the add-in from that client for labeling, you must also configure the policy setting "Use the Azure Information Protection add-in for sensitivity labeling".​ For prior versions:​ If you enable this policy setting, labels built into Office apps can be used to apply and view sensitivity labels. If the Microsoft Azure Information Protection unified labeling client is installed, we also recommend you block that client’s add-in from loading in Word, Excel, PowerPoint, and Outlook. If you disable this policy setting, or don’t configure this policy setting, labels built into Office apps can’t be used to apply and view sensitivity labels. If the Microsoft Azure Information Protection unified labeling client is installed, the add-in from that client can be used to apply and view sensitivity labels in Office apps.

This policy has no additional user input fields.

• User
  ActiveX Control Initialization

  Windows7
• User
  Allow Basic Authentication prompts from network proxies

  Windows7
• User
  Allow file extensions for OLE embedding

  Windows7
• User
  Allow root or intermediate certificates as VBA trusted publishers

  Windows 10
• User
  Allow specified hosts to show Basic Authentication prompts to Office apps

  Windows7
• User
  Allow VBA to load typelib references by path from untrusted intranet locations

  Windows 10
• User
  Automation Security

  Windows7
• User
  Block additional file extensions for OLE embedding

  Windows7
• User
  Block all internet macros (ignore trusted locations or publishers)

  Windows 10
• User
  Block Insecure Protocols

  Windows7
• User
  Block loading of COM/VSTO add-ins registered in HKCU

  Windows 10
• User
  Block OLE Graph

  Windows7