Area / Properties / Values

Information Privacy
  Personally Identifiable Information: High; Moderate; Low; Public; Not PII
  Protected Health Information: High; Moderate; Low
Information Security
  Confidentiality: High; Moderate; Low
  Required Clearance: Restricted; Internal Use; Public
Legal
  Compliancy: SOX; PCI; HIPAA/HITECH; NIST SP ; NIST SP ; U.S.-EU Safe Harbor Framework; GLBA; ITAR; PIPEDA; EU Data Protection Directive; Japanese Personal Information Privacy Act
  Discoverability: Privileged; Hold
  Immutable: Yes/No
  Intellectual Property: Copyright; Trade Secret; Parent Application Document; Patent Supporting Document
Records Management
  Retention: Long-term; Mid-term; Short-term; Indefinite
  Retention Start Date
Organizational
  Impact: High; Moderate; Low
  Department: Engineering; Legal; Human Resources …
  Project
  Personal Use: Yes/No
Data classification Demo
[Diagram labels: DCT Database; 1. Import; 2. Export; 3. Deploy; 4. Report; OOB Knowledge; Collect; Scale (#File Servers); Hybrid Environment; Staging File Server; Production File Servers; Windows 2008 R2; Windows 2012; Windows 2012 R2; Domain Controller (Active Directory); Management Client]
x 50 Country 50 Groups Branch x Groups Customers 100,000 Groups! x 100
User claims
  User.Department = Finance
  User.Clearance = High
Device claims
  Device.Department = Finance
  Device.Managed = True
Resource properties
  Resource.Department = Finance
  Resource.Impact = High
ACCESS POLICY
  Applies = High
  Allow | Read, Write | if AND == True)
[Diagram labels: AD DS; File Server]
[Diagram labels: Windows Server 2012 Active Directory; Windows Server 2012/R2 File Server; End User; Access Policy; Resource Property Definitions; User Claims]
Central access policies Demo
Automatic RMS protection Demo
[Diagram labels: Domain Controller (Active Directory); Client; User Accounts Forest; 2012 Domain Controller (Active Directory); Resources Forest; Share with Access Based Enumeration on Windows 2012 File Server; COI1; COI2; COI3; Active Directory Trusts with Selective Authentication; Access to User Data Shares]
[Diagram labels: Files Rule 1; Files Rule 2; Files Rule 3]
Customer Defined Access Policy
For access to COI information, a user must be a member of the COI for which the data is classified. If data is not classified, only the Owner, Administrators, and SYSTEM have Full Control.
[Diagram labels: Folders Rule 1; Folders Rule 2; Folders Rule 3; Files Rule 1; Files Rule 2; Files Rule 3]
ACCESS POLICY
For access to COI data, the user's COI claim must match the data being requested. If data is not classified, or if the data is in a folder that does not permit the COI for which the data is labeled, only the Owner, Administrators, and SYSTEM have Full Control. The use of Device Claims and clearance information is currently being planned.
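The access policy stated on this slide, modelled as a small decision function together with an audit check for files whose COI label their folder does not permit. This is an added example, not code from the presentation or from Windows Server; the class names, the role model, the sample users and the file paths are constructed for illustration, and it assumes that correctly labelled data requires a matching COI claim from every user.

```python
from dataclasses import dataclass
from typing import FrozenSet, List, Optional, Tuple

FALLBACK_ROLES = frozenset({"Administrators", "SYSTEM"})  # the file Owner is matched by name

@dataclass(frozen=True)
class User:
    name: str
    coi_claims: FrozenSet[str] = frozenset()  # COI user claims
    roles: FrozenSet[str] = frozenset()

@dataclass(frozen=True)
class File:
    path: str
    owner: str
    folder_cois: FrozenSet[str]  # COIs the containing folder permits
    coi: Optional[str] = None    # COI label on the file; None = not classified

def is_fallback_principal(user: User, f: File) -> bool:
    return user.name == f.owner or bool(user.roles & FALLBACK_ROLES)

def decide(user: User, f: File) -> Tuple[bool, str]:
    """Return (allowed, reason) for one access request."""
    if f.coi is None:
        return is_fallback_principal(user, f), "unclassified: fallback principals only"
    if f.coi not in f.folder_cois:
        return is_fallback_principal(user, f), "label not permitted by folder: fallback principals only"
    # Assumption: for correctly labelled data the COI claim is required of
    # everyone; the slide states no exemption for administrators.
    if f.coi in user.coi_claims:
        return True, "COI claim matches data label"
    return False, "no COI claim matching data label"

def find_mislabelled(files: List[File]) -> List[str]:
    """Audit helper: files whose COI label their folder does not permit."""
    return [f.path for f in files if f.coi is not None and f.coi not in f.folder_cois]

# Constructed sample data (not from the presentation).
SHARE = frozenset({"COI1", "COI2"})
FILES = [
    File("share/plan.docx", "carol", SHARE, "COI1"),
    File("share/notes.txt", "carol", SHARE, None),
    File("share/stray.xlsx", "carol", SHARE, "COI3"),
]
ALICE = User("alice", coi_claims=frozenset({"COI1"}))
BOB = User("bob", coi_claims=frozenset({"COI3"}))
CAROL = User("carol")
ADMIN = User("dave", roles=frozenset({"Administrators"}))

if __name__ == "__main__":
    for u in (ALICE, BOB, CAROL, ADMIN):
        for f in FILES:
            print(u.name, f.path, *decide(u, f))
```

The third sample file shows the fail-closed branch: a user holding a COI3 claim is still denied because the folder permits only COI1 and COI2, and the audit helper reports that file for relabelling or relocation.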
Customer solution Demo
WCA-B204 Active Directory Enables User Productivity and IT Risk Management Strategies Across a Variety of Devices
WCA-B214 Windows Server Work Folders overview – my corporate data on all my devices
WCA-B332 Windows Server Work Folders – a deep dive into the new Windows Server data sync solution
WCA-B333 Enable work from anywhere without losing sleep: remote access with the Web Application Proxy and VPN solutions
WCA-B334 Secure anywhere access to corporate resources such as Windows Server Work Folders using ADFS
Hands on lab: Active Directory Deployment and Management Enhancements
Hands on lab: Using Dynamic Access Control to Automatically and Centrally Secure Data
Hands on lab: Windows Server 2012 R2 Work Folders