
Sensitivity Labels in Microsoft 365: The Practical Guide

Written by Benjamin Stierle | 30 Apr 2026

Sensitivity Labels are classification and protection tags in Microsoft 365 that assign a confidentiality level to documents, emails, Teams, and SharePoint sites. They operate on two layers: classification (visible marking with header, footer, or watermark) and optional encryption with granular permissions. For a successful start, classification without encryption is usually sufficient — it already removes roughly 80% of the project complexity.

When an IT administrator needs to prevent sensitive documents from being accidentally shared with external recipients, uncontrolled guest accounts, or AI systems, they need a mechanism that makes confidentiality levels consistently visible and, where required, technically enforced — without the rollout taking months or blocking end users.

What are Sensitivity Labels and how do they work?

A Sensitivity Label operates on two effect layers that can be deployed independently of each other.

Layer 1: Classification. The label visualizes the confidentiality level on the document, SharePoint site, or Team. End users see a marking such as "Internal", "Confidential", or "Highly Confidential" directly in the user interface. Headers, footers, and watermarks with freely definable text can also be added.

Layer 2: Encryption and permissions. The document is technically encrypted, and a separate permission layer is defined at the label itself — in addition to existing SharePoint permissions. This means: even if a document is accidentally shared with "Everyone except external users", nobody who is not explicitly authorized at the label level can open it. Even if the document is uploaded to an external AI tool, it cannot be processed there because it cannot be decrypted.

Important: You do not need to introduce both layers at the same time. Pure classification without encryption already has a significant effect — simply making "Highly Confidential" or "Do not use with AI" visible changes user behavior measurably and eliminates 80% of project complexity up front.

Technically, a Sensitivity Label consists of two separate configuration objects: the label itself (defines encryption, permissions, content marking) and the publishing policy (determines which users can see and apply the label). Both must be configured before end users can work with a label.
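The two configuration objects described above, plus the two effect layers, as an added example that is not part of the original post and not Microsoft's own sample code. It uses Security & Compliance PowerShell (ExchangeOnlineManagement module) to create one classification-only label, one label with encryption, and the publishing policy that makes both visible. The label names, the contoso.com identities and the pilot group address are placeholders; the rights string is one possible assignment, not a recommendation for any particular tenant.

```powershell
# Added example (not from the original post): two data-layer labels and one
# publishing policy. Names, contoso.com identities and the pilot group are placeholders.
Import-Module ExchangeOnlineManagement
Connect-IPPSSession   # interactive sign-in to the Purview compliance endpoint

# Label 1: classification only (layer 1). Footer marking, no encryption.
# This is the label type the post recommends starting with.
New-Label -Name "Internal" -DisplayName "Internal" `
    -Tooltip "For internal use. Not for external recipients." `
    -ContentType "File, Email" `
    -ApplyContentMarkingFooterEnabled $true `
    -ApplyContentMarkingFooterText "Internal" `
    -ApplyContentMarkingFooterFontSize 10 `
    -ApplyContentMarkingFooterAlignment Center

# Label 2: classification plus encryption (layer 2). Rights are granted at the
# label itself, independently of SharePoint permissions: a user outside these two
# groups cannot open the file even if a SharePoint share reaches them.
New-Label -Name "Highly Confidential" -DisplayName "Highly Confidential" `
    -Tooltip "Restricted to named staff. Encrypted; cannot be opened outside the authorized groups." `
    -ContentType "File, Email" `
    -ApplyWaterMarkingEnabled $true `
    -ApplyWaterMarkingText "Highly Confidential" `
    -EncryptionEnabled $true `
    -EncryptionProtectionType Template `
    -EncryptionRightsDefinitions "hc-readers@contoso.com:VIEW,VIEWRIGHTSDATA;hc-editors@contoso.com:VIEW,VIEWRIGHTSDATA,DOCEDIT,EDIT,PRINT,EXTRACT,OBJMODEL" `
    -EncryptionOfflineAccessDays 7

# Without a publishing policy the labels exist but no end user can see or apply them.
# Scope the first policy to a pilot group instead of the whole tenant.
New-LabelPolicy -Name "Sensitivity pilot" `
    -Labels "Internal", "Highly Confidential" `
    -ExchangeLocation "sensitivity-pilot@contoso.com" `
    -AdvancedSettings @{ RequireDowngradeJustification = "true" }

# Verify both objects exist before telling the pilot users to start labelling.
Get-Label | Select-Object DisplayName, ContentType, Priority
Get-LabelPolicy -Identity "Sensitivity pilot" | Select-Object Name, Labels, ExchangeLocation
```

Policy changes take a while to reach Office clients, so the check at the end confirms the configuration, not that users can already see the labels. Keeping the pilot policy scoped to a group means a mistake in the rights string locks out a handful of testers rather than the organization.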


What is the difference between the container layer and the data layer?

Sensitivity Labels can be applied on two fundamentally different layers — and most mistakes arise because this distinction is not understood.

| Criterion | Container Layer | Data Layer |
| --- | --- | --- |
| Applies to | Teams, Microsoft 365 Groups, SharePoint sites | Documents, emails, Teams meetings, chats, Power BI, Fabric |
| Effect | Sets group/site settings (guests, privacy, unmanaged devices) | Marks and protects the content itself |
| Encryption | No, settings only | Optional, including permissions |
| Inheritance to documents | No inheritance | Directly on the document |
| Content marking | Not available | Header, footer, watermark possible |

Container labels control the configuration of the group or site: who may be added as a guest, which access types are permitted for unmanaged devices, whether the Team is private or public, whether it is visible in the Team directory. The label sets these configurations but has no influence on documents within the SharePoint library.

An important pitfall with container labels: If you remove the label, the settings that were applied are not rolled back. If a label set a SharePoint site to "no external sharing" and you remove the label, "no external sharing" remains in place. Settings are only synchronized when switching to a different label. Anyone removing a label must reset the settings manually or via script.
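A script for the manual reset just described, added here as an example that is not part of the original post. It uses the SharePoint Online Management Shell to read what the removed container label left behind on a site and to put the sharing and unmanaged-device settings back to the tenant defaults. The admin URL, the site URL and the function name Reset-LabelledSiteSettings are placeholders; the assumption is that external sharing and the unmanaged-device policy are the site settings the label had written, which matches the settings the post lists.

```powershell
# Added example (not from the original post): reset site settings that a removed
# container label left in place. Admin URL, site URL and function name are placeholders.
Import-Module Microsoft.Online.SharePoint.PowerShell
Connect-SPOService -Url "https://contoso-admin.sharepoint.com"

function Reset-LabelledSiteSettings {
    param(
        [Parameter(Mandatory)] [string] $SiteUrl,
        [switch] $DryRun
    )

    $site   = Get-SPOSite -Identity $SiteUrl
    $tenant = Get-SPOTenant

    # Guard: only touch sites that no longer carry a label. A labelled site is still
    # governed by its label, which would re-synchronize whatever we change here.
    $label = "$($site.SensitivityLabel)"
    if ($label -and $label -ne [guid]::Empty.ToString()) {
        Write-Warning "$SiteUrl still carries label $label; nothing changed."
        return
    }

    Write-Host "Site   : sharing=$($site.SharingCapability) unmanaged=$($site.ConditionalAccessPolicy)"
    Write-Host "Tenant : sharing=$($tenant.SharingCapability) unmanaged=$($tenant.ConditionalAccessPolicy)"

    if ($DryRun) { return }

    # Reset to the tenant defaults. Choose a stricter target if the site needs one;
    # the point is that "whatever the old label set" is not a deliberate choice.
    Set-SPOSite -Identity $SiteUrl `
        -SharingCapability $tenant.SharingCapability `
        -ConditionalAccessPolicy $tenant.ConditionalAccessPolicy

    # Read back the result so the change is visible in the console log.
    Get-SPOSite -Identity $SiteUrl |
        Select-Object Url, SensitivityLabel, SharingCapability, ConditionalAccessPolicy
}

# Dry run first to see the drift, then apply.
Reset-LabelledSiteSettings -SiteUrl "https://contoso.sharepoint.com/sites/project-x" -DryRun
Reset-LabelledSiteSettings -SiteUrl "https://contoso.sharepoint.com/sites/project-x"
```

The group-level settings a container label also writes (private/public, guest access) live on the Microsoft 365 Group rather than the site; privacy, for example, is reset with Set-UnifiedGroup -AccessType in Exchange Online PowerShell, so a complete cleanup covers both the site and its group.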

Labels on the data layer serve a completely different purpose: they mark and protect individual documents, emails, or meetings. SharePoint permissions are overridden by label encryption — a user not authorized at the label level cannot open the document even if SharePoint grants them access.