Presentation is loading. Please wait.

Presentation is loading. Please wait.

We have to Share Data - Now What? Jon R. Wall Security / IA Microsoft.

Published byMeagan Rudman Modified over 10 years ago

Similar presentations

Presentation on theme: "We have to Share Data - Now What? Jon R. Wall Security / IA Microsoft."— Presentation transcript:

1 We have to Share Data - Now What? Jon R. Wall Security / IA Microsoft

2 The move from need to know to need to share Within Organizations Within Organizations Across Organizations Across Organizations Across Civilian and Military Across Civilian and Military 5Is 5Is Across Govt. and Commercial Across Govt. and Commercial

3 Interest – the wrong type Florida Dept. of Labor: 4,624 files Florida Dept. of Labor: 4,624 files Bureau of the Census: 1,138 Laptops Bureau of the Census: 1,138 Laptops City of Savanna, Georgia: 8,800 files City of Savanna, Georgia: 8,800 files USDA Data Breach: 26,000 files USDA Data Breach: 26,000 files US Navy Data Breach: 28,00 files US Navy Data Breach: 28,00 files TJX Sued for Loss of Consumer Data TJX Sued for Loss of Consumer Data U.S. Department of Veterans Affairs 25.5 million veterans and military personnel U.S. Department of Veterans Affairs 25.5 million veterans and military personnel http://www.privacyrights.org/ar/ChronD ataBreaches.htm#CP http://www.privacyrights.org/ar/ChronD ataBreaches.htm#CP http://www.privacyrights.org/ar/ChronD ataBreaches.htm#CP http://www.privacyrights.org/ar/ChronD ataBreaches.htm#CP

4 4 Risk Management

5 Microsoft Confidential Secure Infrastructure Protection against malware, unauthorized access and evolving threats Managed identities and protected personal information from unauthorized access Protected sensitive data from prying eyes Protected document security throughout its lifecycle Monitoring systems and measuring compliance BitLocker Drive Encryption Encrypting File System Windows Server Rights Management Services (RMS) Office Information Management Services (IRM) Technology Framework for Data Governance Identity & Access Control Data Encryption DocumentManagementDocumentManagement Auditing & Reporting Reporting

6 Many Governmental compliance rules (HIPAA, Sarbanes Oxley, FDA 21CFR11, etc.) require that measures are put into place to safeguard digital information Many Governmental compliance rules (HIPAA, Sarbanes Oxley, FDA 21CFR11, etc.) require that measures are put into place to safeguard digital information Expiration of content required for many other industry and governmental regulations Expiration of content required for many other industry and governmental regulations Government and Industry Compliance

7 Todays Policy Expression Today, most communication policies only exist on paperToday, most communication policies only exist on paper Its easy to unintentionally forward e-mails & documentsIts easy to unintentionally forward e-mails & documents Its easy to intentionally share/sell plans w/competitors, press, InternetIts easy to intentionally share/sell plans w/competitors, press, Internet

8 Boundary-Based Technologies 5

9 6

10 Access Control List Yes No Perimeter Todays Information Protection

11 Microsoft Confidential Windows RMS provides organizations with the tools they need to safeguard confidential & sensitive data Data protected at rest and during collaboration Information Protection Specify not only who has initial access to information but also what they can do with it Policy Enforcement Integrated with SharePoint, Office, XPS, Exchange, Windows Mobile Out-of-box scenarios RMS SDK Partner Ecosystem Customizable Solution 9

12 Document Author can define who do the following: Document Author can define who do the following: View document View document Edit document Edit document Print document Print document Copy/Paste Copy/Paste RMS Gives Authors Control

13 1. On first use, authors receive client licensor certificate from RMS server 2. Author creates content and assigns rights 3. File is distributed to recipient(s) 4. Recipient opens file, and their RMS client contacts server for user validation and to obtain a license 5. Application opens the file and enforces the restrictions How RMS Works

14 Windows RMS Usage Scenarios Control access to sensitive plans Set level of access: view, change, print, etc. Determine length of access Protect Sensitive Files Keep Executive e-mail off the Internet Reduce internal forwarding of confidential information Templates to centrally manage policies Do-Not-Forward Email Safeguard financial, legal, HR content Set level of access: view, print, export View Office 2003 rights protected info Safeguard Intranet Content Keep Internal Information Internal

15 RMS Will NOT … …provide unbreakable, hacker-proof security …provide unbreakable, hacker-proof security …protect against analog attacks …protect against analog attacks

16 Comparing S/MIME and RMS Comparing S/MIME and RMS When Should I Use Which Technology? Comparing implementation of S/MIME signing, S/MIME encryption, and IRM. Feature S/MIME Signing S/MIME Encryption IRM Authenticates the senderYesNo Authenticates the recipientNoYes Uses two-factor authentication *Yes No Can encrypt contentNoYes Prevents content tamperingYes Offers content expirationNo Yes Controls content viewing, forwarding, saving, modifying, or printing by recipient No Yes Differentiates permissions by recipientNo Yes

17 With IRM turned on in SharePoint Central Admin, define Policies for specific document libraries, such as Project X, Confidential, Restricted, FOUO, etc. With IRM turned on in SharePoint Central Admin, define Policies for specific document libraries, such as Project X, Confidential, Restricted, FOUO, etc. Define when policies expire, whether users can print, how often credentials must be validated, etc. Define when policies expire, whether users can print, how often credentials must be validated, etc. Automates and forces the RMS encryption of the files in the specific document library Automates and forces the RMS encryption of the files in the specific document library Users can still create their own policies and upload encrypted documents to other doclibs Users can still create their own policies and upload encrypted documents to other doclibs IRM and SharePoint

18 DoD 5015.2 certification Certified May 24, 2007. It is now listed on the JITC product register Certified May 24, 2007. It is now listed on the JITC product registerJITC product registerJITC product register Applies to: Microsoft Office SharePoint Server 2007 Applies to: Microsoft Office SharePoint Server 2007Microsoft Office SharePoint Server 2007Microsoft Office SharePoint Server 2007

19 Titus Labs Suite: Message Classification Message Classification Microsoft Outlook, OWA and Windows Mobile to force the classification of e-mails Microsoft Outlook, OWA and Windows Mobile to force the classification of e-mails Document Classification Document Classification Microsoft Office to force the classification of Office documents (Word, PowerPoint & Excel) Microsoft Office to force the classification of Office documents (Word, PowerPoint & Excel)

20 Internal Use Confidential Restricted x-header 3 rd party Gateway Confidential Restricted Public Enforcing policy… proper handling… prevent disclosure… Encrypted User A User B Visual (Labels) Non-Visual (MetaData)

21 RMS at Microsoft Example of RMS Templates Corporate RMS templates available from the Permission menu of Outlook, Word, PowerPoint, and Excel Corporate RMS templates available from the Permission menu of Outlook, Word, PowerPoint, and Excel Microsoft Confidential Only Microsoft employees can access the message. Allows for View, Reply, Reply All, Save, Edit, and Forward Microsoft Confidential Read Only Only Microsoft employees can access the message. Allows for View, Reply, Reply All Microsoft FTE Confidential Only Microsoft full-time employees can access the message. Allows for View, Reply, Reply All, Save, Edit, and Forward Microsoft FTE Confidential Read Only Only Microsoft full-time employees can access the message. Allows for View, Reply, and Reply All.

22 Summary RMS enables organizations to keep internal information internal RMS enables organizations to keep internal information internal Key benefits: Key benefits: Safeguards sensitive internal information Safeguards sensitive internal information Augments existing perimeter security technologies Augments existing perimeter security technologies Digitally enforces organization policies Digitally enforces organization policies Persistent file protection Persistent file protection Easy to use Easy to use

23 © 2005 Microsoft Corporation. All rights reserved. This presentation is for informational purposes only. Microsoft makes no warranties, express or implied, in this summary.

Download ppt "We have to Share Data - Now What? Jon R. Wall Security / IA Microsoft."

Similar presentations

Copyright Critical Software S.A. 1998-2008 All Rights Reserved. COTS based approach for the Multilevel Security Problem Bernardo Patrão.

Copyright Critical Software S.A All Rights Reserved. COTS based approach for the Multilevel Security Problem Bernardo Patrão.
Meganet Corporation VME Office 2004. Meganet Corporation Meganet Corporation is a leading worldwide provider of data security to Governments, Military,

Meganet Corporation VME Office Meganet Corporation Meganet Corporation is a leading worldwide provider of data security to Governments, Military,
Identity & Security. Today's IT Security challenges Rising Internal Attacks 75% of companies report insiders responsible for breaches Growing headcount.

Identity & Security. Today's IT Security challenges Rising Internal Attacks 75% of companies report insiders responsible for breaches Growing headcount.
Rights Management Services (RMS) Paul Cullimore Graham Calladine Security Solutions Team, MCS, UK.

Rights Management Services (RMS) Paul Cullimore Graham Calladine Security Solutions Team, MCS, UK.
SLIDE 1 Westbrook Technologies from Fortis: A Healthcare Solution for Medical Records, Billing and HIPAA.

SLIDE 1 Westbrook Technologies from Fortis: A Healthcare Solution for Medical Records, Billing and HIPAA.
Microsoft Confidential Solution Overview: Foxit Software Corporation’s PDF Security Suite.

Microsoft Confidential Solution Overview: Foxit Software Corporation’s PDF Security Suite.
Securing Corporate Email & Documents Richard Elphick Titus Labs.

Securing Corporate & Documents Richard Elphick Titus Labs.
We have to Share Data - Now What?. The move from need to know to need to share Within Organizations Within Organizations Across Organizations Across Organizations.

We have to Share Data - Now What?. The move from need to know to need to share Within Organizations Within Organizations Across Organizations Across Organizations.
Enterprise Desktop A Detailed Intro ved Jeppe Skovhus Gerholt © 2006 Microsoft Corporation. All rights reserved. This presentation is for informational.

Enterprise Desktop A Detailed Intro ved Jeppe Skovhus Gerholt © 2006 Microsoft Corporation. All rights reserved. This presentation is for informational.
General Business Secure Information Sharing in SharePoint 2010 Antonio Maio Senior Product Manager, Titus Inc.

General Business Secure Information Sharing in SharePoint 2010 Antonio Maio Senior Product Manager, Titus Inc.
PETs and ID Management Privacy & Security Workshop JC Cannon Privacy Strategist Corporate Privacy Group Microsoft Corporation.

PETs and ID Management Privacy & Security Workshop JC Cannon Privacy Strategist Corporate Privacy Group Microsoft Corporation.
Security Controls – What Works

Security Controls – What Works
Joe Schulman Program Manager, Forefront For Office

Joe Schulman Program Manager, Forefront For Office
Understanding Active Directory

Understanding Active Directory
1 © Copyright 2007 EMC Corporation. All rights reserved. EMC Documentum Information Rights Management EMC Content Management and Archiving.

1 © Copyright 2007 EMC Corporation. All rights reserved. EMC Documentum Information Rights Management EMC Content Management and Archiving.
1 of 2 This document is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED, IN THIS DOCUMENT. © 2006 Microsoft Corporation.

1 of 2 This document is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED, IN THIS DOCUMENT. © 2006 Microsoft Corporation.
Why Compliance Legal and Regulatory requirements Organizational governance requests Internal and external threats Today’s Challenges Duplicate solutions.

Why Compliance Legal and Regulatory requirements Organizational governance requests Internal and external threats Today’s Challenges Duplicate solutions.
Exchange 2010 Overview Name Title Group. What You Tell Us Communication overload Globally distributed customers and partners High cost of communications.

Exchange 2010 Overview Name Title Group. What You Tell Us Communication overload Globally distributed customers and partners High cost of communications.
SIM318. Protect Sensitive Information Reduce risk associated with information leaks Improve regulatory compliance Centrally manage information protection.

SIM318. Protect Sensitive Information Reduce risk associated with information leaks Improve regulatory compliance Centrally manage information protection.
© 2011 Autodesk Securing AutoCAD IP in the era of WikiLeaks Presenter: Rahul Kopikar Co-Founder, Seclore Technology.

© 2011 Autodesk Securing AutoCAD IP in the era of WikiLeaks Presenter: Rahul Kopikar Co-Founder, Seclore Technology.

Similar presentations

Ads by Google