
Presentation transcript:


Area | Properties | Values
Information Privacy | Personally Identifiable Information | High; Moderate; Low; Public; Not PII
Information Privacy | Protected Health Information | High; Moderate; Low
Information Security | Confidentiality | High; Moderate; Low
Information Security | Required Clearance | Restricted; Internal Use; Public
Legal | Compliancy | SOX; PCI; HIPAA/HITECH; NIST SP ; NIST SP ; U.S.-EU Safe Harbor Framework; GLBA; ITAR; PIPEDA; EU Data Protection Directive; Japanese Personal Information Privacy Act
Legal | Discoverability | Privileged; Hold
Legal | Immutable | Yes/No
Intellectual Property | | Copyright; Trade Secret; Parent Application Document; Patent Supporting Document
Records Management | Retention | Long-term; Mid-term; Short-term; Indefinite
Records Management | Retention Start Date |
Organizational | Impact | High; Moderate; Low
Organizational | Department | Engineering; Legal; Human Resources …
Organizational | Project |
Organizational | Personal Use | Yes/No

Data classification Demo

[Diagram labels: DCT Database; 1. Import; 2. Export; 3. Deploy; 4. Report; Collect; OOB Knowledge; Scale (#File Servers); Hybrid Environment; Staging File Server; Production File Servers; Windows 2008 R2; Windows 2012; Windows 2012 R2; Domain Controller (Active Directory); Management Client]

x 50 Country 50 Groups Branch x Groups Customers 100,000 Groups! x 100

User claims: User.Department = Finance; User.Clearance = High
Device claims: Device.Department = Finance; Device.Managed = True
Resource properties: Resource.Department = Finance; Resource.Impact = High
ACCESS POLICY: Applies = High Allow | Read, Write | if AND == True)
[Diagram labels: AD DS; File Server]

[Diagram labels: Windows Server 2012 Active Directory; Windows Server 2012/R2 File Server; End User; Access Policy; Resource Property Definitions; User Claims]

Central access policies Demo

Automatic RMS protection Demo

[Diagram labels: User Accounts Forest; 2012 Domain Controller (Active Directory); Client; Resources Forest; Domain Controller (Active Directory); Share with Access Based Enumeration on Windows 2012 File Server; COI1; COI2; COI3; Active Directory Trusts with Selective Authentication; Access to User Data Shares]

Files Rule 1
Customer Defined Access Policy: For access to COI information, a user must be a member of the COI for which the data is classified. If data is not classified, only the Owner, Administrators, and SYSTEM have Full Control.

Folders Rule 1; Folders Rule 2; Folders Rule 3
Files Rule 1; Files Rule 2; Files Rule 3
ACCESS POLICY: For access to COI data, the user’s COI claim must match the data being requested. If data is not classified, or if the data is in a folder that does not permit the COI for which the data is labeled, only the Owner, Administrators, and SYSTEM have Full Control. The use of Device Claims and clearance information is currently being planned.

Customer solution Demo

WCA-B204 Active Directory Enables User Productivity and IT Risk Management Strategies Across a Variety of Devices
WCA-B214 Windows Server Work Folders overview – my corporate data on all my devices
WCA-B332 Windows Server Work Folders – a deep dive into the new Windows Server data sync solution
WCA-B333 Enable work from anywhere without losing sleep: remote access with the Web Application Proxy and VPN solutions
WCA-B334 Secure anywhere access to corporate resources such as Windows Server Work Folders using ADFS
Hands on lab: Active Directory Deployment and Management Enhancements
Hands on lab: Using Dynamic Access Control to Automatically and Centrally Secure Data
Hands on lab: Windows Server 2012 R2 Work Folders