MK
Muhammed Koca
BLOG & IT SOLUTIONS
TR EN
Home Blog About
Ağ & Network
100%

Using Sensitivity Labels in Microsoft 365 Web Applications

Detailed technical guide on the use and configuration steps of sensitivity labels in Microsoft 365 web applications.

Contents

Overview

Microsoft has introduced an important update for Microsoft 365 web-based applications (Word, Excel and PowerPoint). Sensitivity Labels and user-defined permissions can now be applied directly via the browser, without having to switch to the desktop application. This feature accelerates data security and compliance processes.

Problem

Previously, sensitivity tags, and specifically user-defined permissions, were only available in desktop clients. This situation forced web-based users to switch to the desktop version to protect their files and interrupted the workflow.

Solution: Requirements and Configuration

In order to use this feature, certain prerequisites must be met at the tenant level. It is critical that co-authoring support is active, especially for encrypted files.

Step 1: Preliminary Preparation and Co-authoring Control

Microsoft 365 Admin Center or PowerShell can be used to enable co-authoring on encrypted files. The following command can be used to verify tenant settings:

Set-SPOTenant -IsSensitivityLabelForOfficeFilesEnabled $true

Step 2: Apply Tags on the Web

  • Open the Microsoft 365 web app (Word, Excel, or PowerPoint).
  • Click the Sensitivity button on the top ribbon menu.
  • Select the tag you want to apply.
  • If the tag requires user-defined permissions, define the required users and access levels in the window that opens.
    • Warning: This feature was launched in mid-April 2026 and is expected to be available globally by early May 2026. If you don't see the option, contact your tenant administrator to check if the feature update is complete.

    Technical Details

    Sensitivity tags are managed centrally through the Microsoft Purview platform. These tags encrypt files via the Rights Management Service (RMS) engine. This update to web applications signifies full integration of the RMS engine into browser-based file handling processes. In this way, who has permission to read, edit or print the file can be instantly controlled via the browser.

    Conclusion

    This update provides great convenience for hybrid working models. It is now possible to protect sensitive data without compromising security standards when sharing files over the web.

    Related Articles

    View All
    Ağ & Network

    New TeamViewer Connector for Microsoft Intune: Installation and Configuration Guide

    Detailed guide on the installation, SSO configuration and migration process of the new TeamViewer connector that comes with the Microsoft Intune 2604 update.

    Ağ & Network

    Windows 11 25H2: Automatic Update Maintenance Schedule Configuration

    Learn how to configure GPO settings for the new maintenance window coming with Windows 11 25H2. Step by step guide and technical details.

    Ağ & Network

    Microsoft 365 Copilot Cowork: Setup and Management of Autonomous Artificial Intelligence Agents

    How to set up Microsoft 365 Copilot Cowork autonomous agents? Technical details about Work IQ integration and Frontier program.