![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(291.2, 46%, 38%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EP%3C/text%3E%3C/svg%3E)
Microsoft Purview
A Microsoft data governance service that helps manage and govern on-premises, multicloud, and software-as-a-service data. Previously known as Azure Purview.
1,156 questions
@prasantc - Thanks for the question and using MS Q&A paltform.
Based on the official documentation: Restrict access to content by using sensitivity labels to apply encryption, it is recommended to use sensitivity labels to restrict and encrypt access to documents when sharing them with external users via email. You can also enforce protection settings such as encryption, watermarks, and access restrictions. For example, users can apply a Confidential label to a document or email, which can encrypt the content and add a Confidential watermark.
Recommendations for the expiry and offline access settings:
Regarding the expiration of public sharing of files in email, it is recommended to set the user access to content to never expire unless the content has a specific time-bound requirement. The offline access setting depends on the sensitivity of the content. For sensitive business data that could cause damage to the business if shared with unauthorized people, it is recommended to allow offline access for only a limited number of days, such as 7. For very sensitive business data that would cause damage to the business if shared with unauthorized people, it is recommended to never allow offline access. For less sensitive content, it is recommended to always allow offline access for up to 30 days or the configured use license validity period for the tenant.
As for modifying an existing public label or creating a sublabel under it for public sharing of files in email, it is not clear from the provided document whether this is a good approach or not. It is recommended to use sensitivity labels to classify and protect data based on business requirements. You can apply sensitivity labels to containers like SharePoint sites and help manage external users' access. However, it is important to note that sensitivity labels on containers can restrict access to the container, but content in the container doesn't inherit the label.
Hope this helps. Do let us know if you any further queries.
If this answers your query, do click Accept Answer and Yes for was this answer helpful. And, if you have any further query do let us know.