Windows Server 2012: Identity and Access Module 4: Data Encryption.

Module Manual
Author: Andrew J Warren, Content Master

Published: September 10th, 2012

Information in this document, including URLs and other Internet Web site references, are subject to change without notice. Unless otherwise noted, the example companies, organizations, products, domain names, e-mail addresses, logos, people, places, and events depicted herein are fictitious, and no association with any real company, organization, product, domain name, e-mail address, logo, person, place or event is intended or should be inferred. Complying with all applicable copyright laws is the responsibility of the user. Without limiting the rights under copyright, no part of this document may be reproduced, stored in or introduced into a retrieval system, or transmitted in any form or by any means (electronic, mechanical, photocopying, recording, or otherwise), or for any purpose, without the express written permission of Microsoft Corporation. Microsoft may have patents, patent applications, trademarks, copyrights, or other intellectual property rights covering subject matter in this document. Except as expressly provided in any written license agreement from Microsoft, the furnishing of this document does not give you any license to these patents, trademarks, copyrights, or other intellectual property. 2012 Microsoft Corporation. All rights reserved. Microsoft is either a registered trademark or trademark of Microsoft Corporation in the United States and/or other countries. The names of actual companies and products mentioned herein may be the trademarks of their respective owners.

Microsoft Virtual Academy Student Manual

ii

Contents
CONTENTS.................................................................................................................................................................................................................. III LESSON 3: DATA ENCRYPTION ........................................................................................................................................................................... 4 Data Encryption Challenge .............................................................................................................................................................................. 5

Microsoft Virtual Academy Student Manual

iii

Module 4: Data Encryption.

Lesson 3: Data Encryption

Protection of sensitive information is mainly about mitigating risk for the organization. Various compliance regulations, such as Health Insurance Portability and Accountability Act (HIPAA) or Payment Card Industry Data Security Standard (PCI-DSS), dictate encryption of information, and there are numerous business reasons to encrypt sensitive business information. However, encrypting information is expensive, and it might impair business productivity. Thus, organizations tend to have different approaches and priorities for encrypting their information.

Microsoft Virtual Academy Student Manual

Module 4: Data Encryption.

Data Encryption Challenge

Active Directory Rights Management Services (RMS), updated for Windows Server 2012, works with Dynamic Access Control as another component of the overall information protection solution. Recognizing that a document's location may change frequentlyit can be on a file server, a USB flash drive, a corporate laptop, or a home computerit is essential to ensure that the data itself is protected wherever it is stored at any given time. RMS tackles this problem by securing the document itselfencrypting its contents and applying policy to it so that access to the file is controlled and managed by AD DS. For Windows Server 2012, Dynamic Access Control has been integrated with RMS, so the central access policy components of Dynamic Access Control automatically apply RMS templates to specific documents.

Next Step watch the Automatic Rights Management Protection demo video.

Microsoft Virtual Academy Student Manual