SlideShare a Scribd company logo

Microsoft (Data Protection Solutions)

Download as PPS, PDF
Vinayak Hegde
Vinayak Hegde
SpiritualTechnology
1 of 41
A Critical Analysis of Microsoft Data Protection Solutions
Agenda ,[object Object],[object Object],[object Object],[object Object],[object Object]
Agenda ,[object Object],[object Object],[object Object],[object Object],[object Object]
[object Object],Windows Server 2008 Service Hardening Windows Advanced Firewall BitLocker Drive Encryption Server Core Dynamic Partitioning Next Generation TCP/IP 64x64-bit Cores Investment in the Fundamentals Operations Infrastructure Centralized Role Management Failover Clustering Windows Virtualization Network Access Protection Terminal Services AD Read Only Domain Controllers Windows PowerShell Security Reliability Performance Application Platform IIS 7 .NET Framework 3.0 Resource Management Federated Identity
Agenda ,[object Object],[object Object],[object Object],[object Object],[object Object]
BitLocker™ Drive Encryption ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],BitLocker
BDE is an option
Bitlocker™ features overview ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
What is a Trusted Platform Module (TPM)? ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],TPM 1.2 spec: www.trustedcomputinggroup.org
BDE Disk layout and key storage System ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],System Volume Contains: MBR, Loader, Boot Utilities (Unencrypted, small) ,[object Object],[object Object],[object Object],[object Object],SRK 1 2 3 OS Volume PIN USB-hosted key FVEK
BDE: Available Authenticators ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],TPM TPM+USB TPM+PIN USB Key (Recovery or Non-TPM) 123456-789012-345678- Recovery Password (48 Digits) TPM+USB+Pin
BDE architecture Static root of trust measurement of early boot components
[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
BDE passwords and PINs... ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
BDE Recovery options ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
How about Embedded Security for HP ProtectTools? Supported applications: ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
But...there’s more than Technology... “ 54321 TO SILENCE ALARM” “ REPEAT CODE TO RESET”
Agenda ,[object Object],[object Object],[object Object],[object Object],[object Object]
EFS investments ,[object Object],[object Object],[object Object],[object Object],[object Object]
EFS with Smartcards ,[object Object],[object Object],[object Object],[object Object],[object Object],Smartcard Private Key Derive a symmetric key AES-256 key Use as Software Private Key (Accelerated) Cache in LSA Use to encrypt FEK RSA mode Accelerated mode
EFS with remote files Client side encryption Local EFS encryption [Keys and certificates live on the client] Client connects to remote server share SMB protocol No need to enable Trust For Delegation Encrypted file sent to server File Share
EFS Group policy enhancements
EFS Re-Key Wizard ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
EFS key backup improvements ,[object Object],[object Object],[object Object],[object Object]
Agenda ,[object Object],[object Object],[object Object],[object Object],[object Object]
Information Author The Recipient RMS Server SQL Server Active Directory 2 3 4 5 ,[object Object],[object Object],[object Object],[object Object],[object Object],1 How does RMS work?
AD RMS in Windows Server 2008 ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Challenges in External Collaboration ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Challenges in External Collaboration ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Solution: AD Federation Service ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
External RMS collaboration via ADFS Contoso Fabrikam RMS WebSSO ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],AD AD FS-A FS-R 1 RAC CLC PL 2 4 3 5 6 7 8 9 RAC CLC 10 UL 11 12
Exchange 2007 and RMS Author using Office 2003 / 2007 The Recipient SQL Server Active Directory 4 5 6 ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],1 4 2 3
But...there’s more than Technology... All must enter through electronic mantrap Fence ends here Sign says, “road is for cars only”
Agenda ,[object Object],[object Object],[object Object],[object Object],[object Object]
Technology comparison BDE EFS RMS Encryption AES 128 (RSA32.LIB) AES 128 (Crypt32.DLL) AES 128 (Crypt32.DLL) Data Awareness Blocks Files App defined; docs/email Master Key TPM + SW Identity, Dongle, File SW, Smart-card Obfuscated SW (lockbox) Content Key Same as root key Same as root key Server Protects What? Windows and Data Directories and Files Documents (including use) Protects Who? Machine Owner, User Users Document Owners Protection Local, removable media Local, removable media, remote Remote, removable media Who is god? Local admin, net admin Local admin, net admin Document owner, RMS admin Supports other security systems? Yes Yes (ISV’s only) No (RMS is a security platform for applications) Data Recovery Mechanism Dongle, File, Network; Manual Key Entry Local or AD based policy RMS server policy Killer Client Scenario Lost or Stolen laptop Multi-user PC Protected Document Sharing Killer Server Scenario Branch-Office Server Protect Documents on File Shares from Admin RMS support in Sharepoint and Exchange Killer Admin Scenario Just switch it on. (also Force Recovery) My Documents encrypted by default Establish corporate information policy
What feature should I use? ,[object Object],[object Object],[object Object],Some cases can result in overlap. (e.g. Multi-user roaming laptops with untrusted network admins) Scenarios BDE EFS RMS Laptops X Branch office server X Local single-user file & folder protection X Local multi-user file & folder protection X Remote file & folder protection X Untrusted network admin X Remote document policy enforcement X
Overview ,[object Object],[object Object],[object Object],[object Object],[object Object]
Questions?
Download the HP Security Handbook! ,[object Object],[object Object]
More information ,[object Object],[object Object],[object Object]
Thank You ,[object Object],[object Object]

Recommended

A Critical Analysis of Microsoft Data Protection Solutions
A Critical Analysis of Microsoft Data Protection SolutionsA Critical Analysis of Microsoft Data Protection Solutions
A Critical Analysis of Microsoft Data Protection SolutionsJohn Rhoton
 
Security @ Windows 10 Partner Technical Bootcamp Microsoft Norway October 2015
Security @ Windows 10 Partner Technical Bootcamp Microsoft Norway October 2015Security @ Windows 10 Partner Technical Bootcamp Microsoft Norway October 2015
Security @ Windows 10 Partner Technical Bootcamp Microsoft Norway October 2015Jan Ketil Skanke
 
Deploying Microsoft BitLocker
Deploying Microsoft BitLockerDeploying Microsoft BitLocker
Deploying Microsoft BitLockerutahmisfit
 
Operating system security (a brief)
Operating system security (a brief)Operating system security (a brief)
Operating system security (a brief)cnokia
 
Bit locker Drive Encryption: How it Works and How it Compares
Bit locker Drive Encryption: How it Works and How it ComparesBit locker Drive Encryption: How it Works and How it Compares
Bit locker Drive Encryption: How it Works and How it ComparesLumension
 
Windows Server 2008 Security Enhancements
Windows Server 2008 Security EnhancementsWindows Server 2008 Security Enhancements
Windows Server 2008 Security EnhancementsPresentologics
 
How Endpoint Encryption Works
How Endpoint Encryption WorksHow Endpoint Encryption Works
How Endpoint Encryption WorksSymantec
 
System protection in Operating System
System protection in Operating SystemSystem protection in Operating System
System protection in Operating Systemsohaildanish
 

Recommended

A Critical Analysis of Microsoft Data Protection Solutions
A Critical Analysis of Microsoft Data Protection SolutionsA Critical Analysis of Microsoft Data Protection Solutions
A Critical Analysis of Microsoft Data Protection SolutionsJohn Rhoton
 
Security @ Windows 10 Partner Technical Bootcamp Microsoft Norway October 2015
Security @ Windows 10 Partner Technical Bootcamp Microsoft Norway October 2015Security @ Windows 10 Partner Technical Bootcamp Microsoft Norway October 2015
Security @ Windows 10 Partner Technical Bootcamp Microsoft Norway October 2015Jan Ketil Skanke
 
Deploying Microsoft BitLocker
Deploying Microsoft BitLockerDeploying Microsoft BitLocker
Deploying Microsoft BitLockerutahmisfit
 
Operating system security (a brief)
Operating system security (a brief)Operating system security (a brief)
Operating system security (a brief)cnokia
 
Bit locker Drive Encryption: How it Works and How it Compares
Bit locker Drive Encryption: How it Works and How it ComparesBit locker Drive Encryption: How it Works and How it Compares
Bit locker Drive Encryption: How it Works and How it ComparesLumension
 
Windows Server 2008 Security Enhancements
Windows Server 2008 Security EnhancementsWindows Server 2008 Security Enhancements
Windows Server 2008 Security EnhancementsPresentologics
 
How Endpoint Encryption Works
How Endpoint Encryption WorksHow Endpoint Encryption Works
How Endpoint Encryption WorksSymantec
 
System protection in Operating System
System protection in Operating SystemSystem protection in Operating System
System protection in Operating Systemsohaildanish
 
Symantec Endpoint Encryption - Proof Of Concept Document
Symantec Endpoint Encryption - Proof Of Concept DocumentSymantec Endpoint Encryption - Proof Of Concept Document
Symantec Endpoint Encryption - Proof Of Concept DocumentIftikhar Ali Iqbal
 
Windows 7 Seminar - Acend Corporate Learning
Windows 7 Seminar - Acend Corporate LearningWindows 7 Seminar - Acend Corporate Learning
Windows 7 Seminar - Acend Corporate LearningAcend Corporate Learning
 
Windows 7 Security
Windows 7 SecurityWindows 7 Security
Windows 7 SecurityJorge Orchilles
 
Security
SecuritySecurity
SecurityPooja Talreja
 
SERVICE AGGREMENT IT
SERVICE AGGREMENT ITSERVICE AGGREMENT IT
SERVICE AGGREMENT ITHiram Medero , PE
 
Managing bitlocker with mbam
Managing bitlocker with mbamManaging bitlocker with mbam
Managing bitlocker with mbamOlav Tvedt
 
Guide to Windows 7 - Managing Disks
Guide to Windows 7 - Managing DisksGuide to Windows 7 - Managing Disks
Guide to Windows 7 - Managing DisksGene Carboni
 
569 492-500
569 492-500569 492-500
569 492-500idescitation
 
Dell Quest TPAM Privileged Access Control
Dell Quest TPAM Privileged Access ControlDell Quest TPAM Privileged Access Control
Dell Quest TPAM Privileged Access ControlAidy Tificate
 
Ch1 2
Ch1 2Ch1 2
Ch1 2Sumit Tambe
 
Chapter 14 - Protection
Chapter 14 - ProtectionChapter 14 - Protection
Chapter 14 - ProtectionWayne Jones Jnr
 
Operating System Security
Operating System SecurityOperating System Security
Operating System SecurityRamesh Upadhaya
 
OSCh19
OSCh19OSCh19
OSCh19Joe Christensen
 
Windows 7 professional Vs Windows 7 enterprise
Windows 7 professional Vs Windows 7 enterpriseWindows 7 professional Vs Windows 7 enterprise
Windows 7 professional Vs Windows 7 enterprise247infotech
 
Module 03 installing, upgrading, and migrating to windows 7
Module 03 installing, upgrading, and migrating to windows 7Module 03 installing, upgrading, and migrating to windows 7
Module 03 installing, upgrading, and migrating to windows 7aesthetics00
 
Windows 7 in 60 minutes - New Horizons Bulgaria
Windows 7 in 60 minutes - New Horizons BulgariaWindows 7 in 60 minutes - New Horizons Bulgaria
Windows 7 in 60 minutes - New Horizons BulgariaNew Horizons Bulgaria
 
Domain Migration/Administration for the
Domain Migration/Administration for the Domain Migration/Administration for the
Domain Migration/Administration for the webhostingguy
 
Windows 7 Security Enhancements
Windows 7 Security EnhancementsWindows 7 Security Enhancements
Windows 7 Security EnhancementsPresentologics
 
Lesson 2 - Understanding Operating System Configurations
Lesson 2 - Understanding Operating System ConfigurationsLesson 2 - Understanding Operating System Configurations
Lesson 2 - Understanding Operating System ConfigurationsGene Carboni
 
Operating system vulnerability and control
Operating system vulnerability and control Operating system vulnerability and control
Operating system vulnerability and control أحلام انصارى
 
Common app schools
Common app schools Common app schools
Common app schools Sxrxhx Sxrxbxa
 
Karnataka Nature Snaps
Karnataka Nature SnapsKarnataka Nature Snaps
Karnataka Nature SnapsVinayak Hegde
 

More Related Content

What's hot

Symantec Endpoint Encryption - Proof Of Concept Document
Symantec Endpoint Encryption - Proof Of Concept DocumentSymantec Endpoint Encryption - Proof Of Concept Document
Symantec Endpoint Encryption - Proof Of Concept DocumentIftikhar Ali Iqbal
 
Windows 7 Seminar - Acend Corporate Learning
Windows 7 Seminar - Acend Corporate LearningWindows 7 Seminar - Acend Corporate Learning
Windows 7 Seminar - Acend Corporate LearningAcend Corporate Learning
 
Managing bitlocker with mbam
Managing bitlocker with mbamManaging bitlocker with mbam
Managing bitlocker with mbamOlav Tvedt
 
Guide to Windows 7 - Managing Disks
Guide to Windows 7 - Managing DisksGuide to Windows 7 - Managing Disks
Guide to Windows 7 - Managing DisksGene Carboni
 
Dell Quest TPAM Privileged Access Control
Dell Quest TPAM Privileged Access ControlDell Quest TPAM Privileged Access Control
Dell Quest TPAM Privileged Access ControlAidy Tificate
 
Operating System Security
Operating System SecurityOperating System Security
Operating System SecurityRamesh Upadhaya
 
Windows 7 professional Vs Windows 7 enterprise
Windows 7 professional Vs Windows 7 enterpriseWindows 7 professional Vs Windows 7 enterprise
Windows 7 professional Vs Windows 7 enterprise247infotech
 
Module 03 installing, upgrading, and migrating to windows 7
Module 03 installing, upgrading, and migrating to windows 7Module 03 installing, upgrading, and migrating to windows 7
Module 03 installing, upgrading, and migrating to windows 7aesthetics00
 
Windows 7 in 60 minutes - New Horizons Bulgaria
Windows 7 in 60 minutes - New Horizons BulgariaWindows 7 in 60 minutes - New Horizons Bulgaria
Windows 7 in 60 minutes - New Horizons BulgariaNew Horizons Bulgaria
 
Domain Migration/Administration for the
Domain Migration/Administration for the Domain Migration/Administration for the
Domain Migration/Administration for the webhostingguy
 
Windows 7 Security Enhancements
Windows 7 Security EnhancementsWindows 7 Security Enhancements
Windows 7 Security EnhancementsPresentologics
 
Lesson 2 - Understanding Operating System Configurations
Lesson 2 - Understanding Operating System ConfigurationsLesson 2 - Understanding Operating System Configurations
Lesson 2 - Understanding Operating System ConfigurationsGene Carboni
 
Operating system vulnerability and control
Operating system vulnerability and control Operating system vulnerability and control
Operating system vulnerability and control أحلام انصارى
 

What's hot (20)

Symantec Endpoint Encryption - Proof Of Concept Document
Symantec Endpoint Encryption - Proof Of Concept DocumentSymantec Endpoint Encryption - Proof Of Concept Document
Symantec Endpoint Encryption - Proof Of Concept Document
 
Windows 7 Seminar - Acend Corporate Learning
Windows 7 Seminar - Acend Corporate LearningWindows 7 Seminar - Acend Corporate Learning
Windows 7 Seminar - Acend Corporate Learning
 
Windows 7 Security
Windows 7 SecurityWindows 7 Security
Windows 7 Security
 
Security
SecuritySecurity
Security
 
SERVICE AGGREMENT IT
SERVICE AGGREMENT ITSERVICE AGGREMENT IT
SERVICE AGGREMENT IT
 
Managing bitlocker with mbam
Managing bitlocker with mbamManaging bitlocker with mbam
Managing bitlocker with mbam
 
Guide to Windows 7 - Managing Disks
Guide to Windows 7 - Managing DisksGuide to Windows 7 - Managing Disks
Guide to Windows 7 - Managing Disks
 
569 492-500
569 492-500569 492-500
569 492-500
 
Dell Quest TPAM Privileged Access Control
Dell Quest TPAM Privileged Access ControlDell Quest TPAM Privileged Access Control
Dell Quest TPAM Privileged Access Control
 
Ch1 2
Ch1 2Ch1 2
Ch1 2
 
Chapter 14 - Protection
Chapter 14 - ProtectionChapter 14 - Protection
Chapter 14 - Protection
 
Operating System Security
Operating System SecurityOperating System Security
Operating System Security
 
OSCh19
OSCh19OSCh19
OSCh19
 
Windows 7 professional Vs Windows 7 enterprise
Windows 7 professional Vs Windows 7 enterpriseWindows 7 professional Vs Windows 7 enterprise
Windows 7 professional Vs Windows 7 enterprise
 
Module 03 installing, upgrading, and migrating to windows 7
Module 03 installing, upgrading, and migrating to windows 7Module 03 installing, upgrading, and migrating to windows 7
Module 03 installing, upgrading, and migrating to windows 7
 
Windows 7 in 60 minutes - New Horizons Bulgaria
Windows 7 in 60 minutes - New Horizons BulgariaWindows 7 in 60 minutes - New Horizons Bulgaria
Windows 7 in 60 minutes - New Horizons Bulgaria
 
Domain Migration/Administration for the
Domain Migration/Administration for the Domain Migration/Administration for the
Domain Migration/Administration for the
 
Windows 7 Security Enhancements
Windows 7 Security EnhancementsWindows 7 Security Enhancements
Windows 7 Security Enhancements
 
Lesson 2 - Understanding Operating System Configurations
Lesson 2 - Understanding Operating System ConfigurationsLesson 2 - Understanding Operating System Configurations
Lesson 2 - Understanding Operating System Configurations
 
Operating system vulnerability and control
Operating system vulnerability and control Operating system vulnerability and control
Operating system vulnerability and control
 

Viewers also liked

Karnataka Nature Snaps
Karnataka Nature SnapsKarnataka Nature Snaps
Karnataka Nature SnapsVinayak Hegde
 
Trusted computing introduction and technical overview
Trusted computing introduction and technical overviewTrusted computing introduction and technical overview
Trusted computing introduction and technical overviewSajid Marwat
 
Hypervisor and VDI security
Hypervisor and VDI securityHypervisor and VDI security
Hypervisor and VDI securityDenis Gundarev
 
Intel Trusted eXecution Technology
Intel Trusted eXecution TechnologyIntel Trusted eXecution Technology
Intel Trusted eXecution TechnologyBibhu Biswal
 

Viewers also liked (14)

Common app schools
Common app schools Common app schools
Common app schools
 
Karnataka Nature Snaps
Karnataka Nature SnapsKarnataka Nature Snaps
Karnataka Nature Snaps
 
Teamwork
TeamworkTeamwork
Teamwork
 
Monkey
MonkeyMonkey
Monkey
 
Easy Vs Difficult
Easy Vs DifficultEasy Vs Difficult
Easy Vs Difficult
 
Taj Mahal
Taj MahalTaj Mahal
Taj Mahal
 
Vacation Planner
Vacation PlannerVacation Planner
Vacation Planner
 
Glance Uttrakhand
Glance UttrakhandGlance Uttrakhand
Glance Uttrakhand
 
Threat To Hinduism
Threat To HinduismThreat To Hinduism
Threat To Hinduism
 
Trusted computing introduction and technical overview
Trusted computing introduction and technical overviewTrusted computing introduction and technical overview
Trusted computing introduction and technical overview
 
Txt Introduction
Txt IntroductionTxt Introduction
Txt Introduction
 
Hypervisor and VDI security
Hypervisor and VDI securityHypervisor and VDI security
Hypervisor and VDI security
 
Trusted Computing Base
Trusted Computing BaseTrusted Computing Base
Trusted Computing Base
 
Intel Trusted eXecution Technology
Intel Trusted eXecution TechnologyIntel Trusted eXecution Technology
Intel Trusted eXecution Technology
 

Similar to Microsoft (Data Protection Solutions)

Securing Your Enterprise Web Apps with MongoDB Enterprise
Securing Your Enterprise Web Apps with MongoDB Enterprise Securing Your Enterprise Web Apps with MongoDB Enterprise
Securing Your Enterprise Web Apps with MongoDB Enterprise MongoDB
 
Microsoft Platform Security Briefing
Microsoft Platform Security BriefingMicrosoft Platform Security Briefing
Microsoft Platform Security Briefingtechnext1
 
Module 8 System Hacking
Module 8 System HackingModule 8 System Hacking
Module 8 System Hackingleminhvuong
 
Tips to Remediate your Vulnerability Management Program
Tips to Remediate your Vulnerability Management ProgramTips to Remediate your Vulnerability Management Program
Tips to Remediate your Vulnerability Management ProgramBeyondTrust
 
Storage Server & Brach Cache
Storage Server & Brach CacheStorage Server & Brach Cache
Storage Server & Brach CacheAmit Gatenyo
 
Protecting Your Key Asset – Data Protection Best Practices V2.0 Final
Protecting Your Key Asset – Data Protection Best Practices V2.0 FinalProtecting Your Key Asset – Data Protection Best Practices V2.0 Final
Protecting Your Key Asset – Data Protection Best Practices V2.0 FinalVinod Kumar
 
0828 Windows Server 2008 新安全功能探討
0828 Windows Server 2008 新安全功能探討0828 Windows Server 2008 新安全功能探討
0828 Windows Server 2008 新安全功能探討Timothy Chen
 
Gartner Security & Risk Management Summit 2018
Gartner Security & Risk Management Summit 2018Gartner Security & Risk Management Summit 2018
Gartner Security & Risk Management Summit 2018Paula Januszkiewicz
 
Wave 14 - Winodws 7 Security Story Core by MVP Azra Rizal
Wave 14 - Winodws 7 Security Story Core by MVP Azra RizalWave 14 - Winodws 7 Security Story Core by MVP Azra Rizal
Wave 14 - Winodws 7 Security Story Core by MVP Azra RizalQuek Lilian
 
Creating Secure Applications
Creating Secure Applications Creating Secure Applications
Creating Secure Applications guest879f38
 
Eyes Wide Shut: What Do Your Passwords Do When No One is Watching?
Eyes Wide Shut: What Do Your Passwords Do When No One is Watching?Eyes Wide Shut: What Do Your Passwords Do When No One is Watching?
Eyes Wide Shut: What Do Your Passwords Do When No One is Watching?BeyondTrust
 
Seurity In Vista
Seurity In VistaSeurity In Vista
Seurity In VistaNetworking
 
Chapter 1,2,3 & 4_Win Server AD Basics.pptx
Chapter 1,2,3 & 4_Win Server AD Basics.pptxChapter 1,2,3 & 4_Win Server AD Basics.pptx
Chapter 1,2,3 & 4_Win Server AD Basics.pptxPoornimaGhodke3
 
Understanding the Windows Server Administration Fundamentals (Part-1)
Understanding the Windows Server Administration Fundamentals (Part-1)Understanding the Windows Server Administration Fundamentals (Part-1)
Understanding the Windows Server Administration Fundamentals (Part-1)Tuan Yang
 
Praktiline pilvekonverents - IT haldust hõlbustavad uuendused
Praktiline pilvekonverents - IT haldust hõlbustavad uuendusedPraktiline pilvekonverents - IT haldust hõlbustavad uuendused
Praktiline pilvekonverents - IT haldust hõlbustavad uuendusedPrimend
 
The new rocket science stuff in microsoft pki
The new rocket science stuff in microsoft pkiThe new rocket science stuff in microsoft pki
The new rocket science stuff in microsoft pkiNathan Winters
 

Similar to Microsoft (Data Protection Solutions) (20)

Securing Your Enterprise Web Apps with MongoDB Enterprise
Securing Your Enterprise Web Apps with MongoDB Enterprise Securing Your Enterprise Web Apps with MongoDB Enterprise
Securing Your Enterprise Web Apps with MongoDB Enterprise
 
Microsoft Platform Security Briefing
Microsoft Platform Security BriefingMicrosoft Platform Security Briefing
Microsoft Platform Security Briefing
 
Module 8 System Hacking
Module 8 System HackingModule 8 System Hacking
Module 8 System Hacking
 
Tips to Remediate your Vulnerability Management Program
Tips to Remediate your Vulnerability Management ProgramTips to Remediate your Vulnerability Management Program
Tips to Remediate your Vulnerability Management Program
 
Storage Server & Brach Cache
Storage Server & Brach CacheStorage Server & Brach Cache
Storage Server & Brach Cache
 
Protecting Your Key Asset – Data Protection Best Practices V2.0 Final
Protecting Your Key Asset – Data Protection Best Practices V2.0 FinalProtecting Your Key Asset – Data Protection Best Practices V2.0 Final
Protecting Your Key Asset – Data Protection Best Practices V2.0 Final
 
Ch11
Ch11Ch11
Ch11
 
Ch11 system administration
Ch11 system administration Ch11 system administration
Ch11 system administration
 
Class Presentation
Class PresentationClass Presentation
Class Presentation
 
0828 Windows Server 2008 新安全功能探討
0828 Windows Server 2008 新安全功能探討0828 Windows Server 2008 新安全功能探討
0828 Windows Server 2008 新安全功能探討
 
Gartner Security & Risk Management Summit 2018
Gartner Security & Risk Management Summit 2018Gartner Security & Risk Management Summit 2018
Gartner Security & Risk Management Summit 2018
 
Wave 14 - Winodws 7 Security Story Core by MVP Azra Rizal
Wave 14 - Winodws 7 Security Story Core by MVP Azra RizalWave 14 - Winodws 7 Security Story Core by MVP Azra Rizal
Wave 14 - Winodws 7 Security Story Core by MVP Azra Rizal
 
Creating Secure Applications
Creating Secure Applications Creating Secure Applications
Creating Secure Applications
 
What's New in Windows 7
What's New in Windows 7What's New in Windows 7
What's New in Windows 7
 
Eyes Wide Shut: What Do Your Passwords Do When No One is Watching?
Eyes Wide Shut: What Do Your Passwords Do When No One is Watching?Eyes Wide Shut: What Do Your Passwords Do When No One is Watching?
Eyes Wide Shut: What Do Your Passwords Do When No One is Watching?
 
Seurity In Vista
Seurity In VistaSeurity In Vista
Seurity In Vista
 
Chapter 1,2,3 & 4_Win Server AD Basics.pptx
Chapter 1,2,3 & 4_Win Server AD Basics.pptxChapter 1,2,3 & 4_Win Server AD Basics.pptx
Chapter 1,2,3 & 4_Win Server AD Basics.pptx
 
Understanding the Windows Server Administration Fundamentals (Part-1)
Understanding the Windows Server Administration Fundamentals (Part-1)Understanding the Windows Server Administration Fundamentals (Part-1)
Understanding the Windows Server Administration Fundamentals (Part-1)
 
Praktiline pilvekonverents - IT haldust hõlbustavad uuendused
Praktiline pilvekonverents - IT haldust hõlbustavad uuendusedPraktiline pilvekonverents - IT haldust hõlbustavad uuendused
Praktiline pilvekonverents - IT haldust hõlbustavad uuendused
 
The new rocket science stuff in microsoft pki
The new rocket science stuff in microsoft pkiThe new rocket science stuff in microsoft pki
The new rocket science stuff in microsoft pki
 

More from Vinayak Hegde

Microsoft (Virtualization 2008)
Microsoft (Virtualization 2008)Microsoft (Virtualization 2008)
Microsoft (Virtualization 2008)Vinayak Hegde
 
Microsoft (Silverlight)
Microsoft (Silverlight)Microsoft (Silverlight)
Microsoft (Silverlight)Vinayak Hegde
 
Microsoft (Intro To Office)
Microsoft (Intro To Office)Microsoft (Intro To Office)
Microsoft (Intro To Office)Vinayak Hegde
 
Microsoft (Strength And Weakness)
Microsoft (Strength And Weakness)Microsoft (Strength And Weakness)
Microsoft (Strength And Weakness)Vinayak Hegde
 
Microsoft (SQL Server)
Microsoft (SQL Server)Microsoft (SQL Server)
Microsoft (SQL Server)Vinayak Hegde
 
Microsoft (Projects)
Microsoft (Projects)Microsoft (Projects)
Microsoft (Projects)Vinayak Hegde
 
Microsoft (Office 2007)
Microsoft (Office 2007)Microsoft (Office 2007)
Microsoft (Office 2007)Vinayak Hegde
 
Microsoft (Office 2007 And Math Edit)
Microsoft (Office 2007 And Math Edit)Microsoft (Office 2007 And Math Edit)
Microsoft (Office 2007 And Math Edit)Vinayak Hegde
 
Microsoft (Intro To Office)
Microsoft (Intro To Office)Microsoft (Intro To Office)
Microsoft (Intro To Office)Vinayak Hegde
 
Antarctica Information 2009
Antarctica Information 2009Antarctica Information 2009
Antarctica Information 2009Vinayak Hegde
 
Antarctica Be Developed
Antarctica Be DevelopedAntarctica Be Developed
Antarctica Be DevelopedVinayak Hegde
 
Operation Taj Real Heroes
Operation Taj Real HeroesOperation Taj Real Heroes
Operation Taj Real HeroesVinayak Hegde
 
China Poisoned Milk Must Know For Your Own Safety
China Poisoned Milk Must Know For Your Own SafetyChina Poisoned Milk Must Know For Your Own Safety
China Poisoned Milk Must Know For Your Own SafetyVinayak Hegde
 

More from Vinayak Hegde (20)

Microsoft (Virtualization 2008)
Microsoft (Virtualization 2008)Microsoft (Virtualization 2008)
Microsoft (Virtualization 2008)
 
Microsoft (Silverlight)
Microsoft (Silverlight)Microsoft (Silverlight)
Microsoft (Silverlight)
 
Microsoft (Intro To Office)
Microsoft (Intro To Office)Microsoft (Intro To Office)
Microsoft (Intro To Office)
 
Smart Antennas
Smart AntennasSmart Antennas
Smart Antennas
 
Microsoft (Strength And Weakness)
Microsoft (Strength And Weakness)Microsoft (Strength And Weakness)
Microsoft (Strength And Weakness)
 
Microsoft (SQL Server)
Microsoft (SQL Server)Microsoft (SQL Server)
Microsoft (SQL Server)
 
Microsoft (Projects)
Microsoft (Projects)Microsoft (Projects)
Microsoft (Projects)
 
Microsoft (Office 2007)
Microsoft (Office 2007)Microsoft (Office 2007)
Microsoft (Office 2007)
 
Microsoft (Office 2007 And Math Edit)
Microsoft (Office 2007 And Math Edit)Microsoft (Office 2007 And Math Edit)
Microsoft (Office 2007 And Math Edit)
 
Microsoft (Intro To Office)
Microsoft (Intro To Office)Microsoft (Intro To Office)
Microsoft (Intro To Office)
 
IBMSoftware
IBMSoftwareIBMSoftware
IBMSoftware
 
Antarctica Information 2009
Antarctica Information 2009Antarctica Information 2009
Antarctica Information 2009
 
Antarctica Be Developed
Antarctica Be DevelopedAntarctica Be Developed
Antarctica Be Developed
 
Operation Taj Real Heroes
Operation Taj Real HeroesOperation Taj Real Heroes
Operation Taj Real Heroes
 
Fitness Check
Fitness CheckFitness Check
Fitness Check
 
China Poisoned Milk Must Know For Your Own Safety
China Poisoned Milk Must Know For Your Own SafetyChina Poisoned Milk Must Know For Your Own Safety
China Poisoned Milk Must Know For Your Own Safety
 
Bmx Tricks (Game)
Bmx Tricks (Game)Bmx Tricks (Game)
Bmx Tricks (Game)
 
Best Websites List
Best Websites ListBest Websites List
Best Websites List
 
Autobahn (Game)
Autobahn (Game)Autobahn (Game)
Autobahn (Game)
 
Never Sick Again
Never Sick AgainNever Sick Again
Never Sick Again
 

Recently uploaded

No.1 Amil baba in Pakistan amil baba in Lahore amil baba in Karachi
No.1 Amil baba in Pakistan amil baba in Lahore amil baba in KarachiNo.1 Amil baba in Pakistan amil baba in Lahore amil baba in Karachi
No.1 Amil baba in Pakistan amil baba in Lahore amil baba in KarachiAmil Baba Mangal Maseeh
 
Unity is Strength 2024 Peace Haggadah_For Digital Viewing.pdf
Unity is Strength 2024 Peace Haggadah_For Digital Viewing.pdfUnity is Strength 2024 Peace Haggadah_For Digital Viewing.pdf
Unity is Strength 2024 Peace Haggadah_For Digital Viewing.pdfRebeccaSealfon
 
Tremble song lyrics Powerpoint church music
Tremble song lyrics Powerpoint church musicTremble song lyrics Powerpoint church music
Tremble song lyrics Powerpoint church musicmaynjc
 
A Costly Interruption: The Sermon On the Mount, pt. 2 - Blessed
A Costly Interruption: The Sermon On the Mount, pt. 2 - BlessedA Costly Interruption: The Sermon On the Mount, pt. 2 - Blessed
A Costly Interruption: The Sermon On the Mount, pt. 2 - BlessedVintage Church
 
No.1 Amil baba in Pakistan amil baba in Lahore amil baba in Karachi
No.1 Amil baba in Pakistan amil baba in Lahore amil baba in KarachiNo.1 Amil baba in Pakistan amil baba in Lahore amil baba in Karachi
No.1 Amil baba in Pakistan amil baba in Lahore amil baba in KarachiAmil Baba Naveed Bangali
 
Study of the Psalms Chapter 1 verse 1 - wanderean
Study of the Psalms Chapter 1 verse 1 - wandereanStudy of the Psalms Chapter 1 verse 1 - wanderean
Study of the Psalms Chapter 1 verse 1 - wandereanmaricelcanoynuay
 
Sawwaf Calendar, 2024
Sawwaf Calendar, 2024Sawwaf Calendar, 2024
Sawwaf Calendar, 2024Bassem Matta
 
No.1 Amil baba in Pakistan amil baba in Lahore amil baba in Karachi
No.1 Amil baba in Pakistan amil baba in Lahore amil baba in KarachiNo.1 Amil baba in Pakistan amil baba in Lahore amil baba in Karachi
No.1 Amil baba in Pakistan amil baba in Lahore amil baba in KarachiAmil Baba Naveed Bangali
 
No.1 Amil baba in Pakistan amil baba in Lahore amil baba in Karachi
No.1 Amil baba in Pakistan amil baba in Lahore amil baba in KarachiNo.1 Amil baba in Pakistan amil baba in Lahore amil baba in Karachi
No.1 Amil baba in Pakistan amil baba in Lahore amil baba in KarachiAmil Baba Mangal Maseeh
 
The Chronological Life of Christ part 097 (Reality Check Luke 13 1-9).pptx
The Chronological Life of Christ part 097 (Reality Check Luke 13 1-9).pptxThe Chronological Life of Christ part 097 (Reality Check Luke 13 1-9).pptx
The Chronological Life of Christ part 097 (Reality Check Luke 13 1-9).pptxNetwork Bible Fellowship
 
black magic specialist amil baba pakistan no 1 Black magic contact number rea...
black magic specialist amil baba pakistan no 1 Black magic contact number rea...black magic specialist amil baba pakistan no 1 Black magic contact number rea...
black magic specialist amil baba pakistan no 1 Black magic contact number rea...Amil Baba Mangal Maseeh
 
Understanding Jainism Beliefs and Information.pptx
Understanding Jainism Beliefs and Information.pptxUnderstanding Jainism Beliefs and Information.pptx
Understanding Jainism Beliefs and Information.pptxjainismworldseo
 
原版1:1复刻莫纳什大学毕业证Monash毕业证留信学历认证
原版1:1复刻莫纳什大学毕业证Monash毕业证留信学历认证原版1:1复刻莫纳什大学毕业证Monash毕业证留信学历认证
原版1:1复刻莫纳什大学毕业证Monash毕业证留信学历认证jdkhjh
 
No.1 Amil baba in Pakistan amil baba in Lahore amil baba in Karachi
No.1 Amil baba in Pakistan amil baba in Lahore amil baba in KarachiNo.1 Amil baba in Pakistan amil baba in Lahore amil baba in Karachi
No.1 Amil baba in Pakistan amil baba in Lahore amil baba in KarachiAmil Baba Mangal Maseeh
 
Culture Clash_Bioethical Concerns_Slideshare Version.pptx
Culture Clash_Bioethical Concerns_Slideshare Version.pptxCulture Clash_Bioethical Concerns_Slideshare Version.pptx
Culture Clash_Bioethical Concerns_Slideshare Version.pptxStephen Palm
 
No.1 Amil baba in Pakistan amil baba in Lahore amil baba in Karachi
No.1 Amil baba in Pakistan amil baba in Lahore amil baba in KarachiNo.1 Amil baba in Pakistan amil baba in Lahore amil baba in Karachi
No.1 Amil baba in Pakistan amil baba in Lahore amil baba in KarachiAmil Baba Naveed Bangali
 

Recently uploaded (20)

No.1 Amil baba in Pakistan amil baba in Lahore amil baba in Karachi
No.1 Amil baba in Pakistan amil baba in Lahore amil baba in KarachiNo.1 Amil baba in Pakistan amil baba in Lahore amil baba in Karachi
No.1 Amil baba in Pakistan amil baba in Lahore amil baba in Karachi
 
Unity is Strength 2024 Peace Haggadah_For Digital Viewing.pdf
Unity is Strength 2024 Peace Haggadah_For Digital Viewing.pdfUnity is Strength 2024 Peace Haggadah_For Digital Viewing.pdf
Unity is Strength 2024 Peace Haggadah_For Digital Viewing.pdf
 
Tremble song lyrics Powerpoint church music
Tremble song lyrics Powerpoint church musicTremble song lyrics Powerpoint church music
Tremble song lyrics Powerpoint church music
 
St. Louise de Marillac: Animator of the Confraternities of Charity
St. Louise de Marillac: Animator of the Confraternities of CharitySt. Louise de Marillac: Animator of the Confraternities of Charity
St. Louise de Marillac: Animator of the Confraternities of Charity
 
A Costly Interruption: The Sermon On the Mount, pt. 2 - Blessed
A Costly Interruption: The Sermon On the Mount, pt. 2 - BlessedA Costly Interruption: The Sermon On the Mount, pt. 2 - Blessed
A Costly Interruption: The Sermon On the Mount, pt. 2 - Blessed
 
No.1 Amil baba in Pakistan amil baba in Lahore amil baba in Karachi
No.1 Amil baba in Pakistan amil baba in Lahore amil baba in KarachiNo.1 Amil baba in Pakistan amil baba in Lahore amil baba in Karachi
No.1 Amil baba in Pakistan amil baba in Lahore amil baba in Karachi
 
Study of the Psalms Chapter 1 verse 1 - wanderean
Study of the Psalms Chapter 1 verse 1 - wandereanStudy of the Psalms Chapter 1 verse 1 - wanderean
Study of the Psalms Chapter 1 verse 1 - wanderean
 
young Call girls in Dwarka sector 3🔝 9953056974 🔝 Delhi escort Service
young Call girls in Dwarka sector 3🔝 9953056974 🔝 Delhi escort Serviceyoung Call girls in Dwarka sector 3🔝 9953056974 🔝 Delhi escort Service
young Call girls in Dwarka sector 3🔝 9953056974 🔝 Delhi escort Service
 
Sawwaf Calendar, 2024
Sawwaf Calendar, 2024Sawwaf Calendar, 2024
Sawwaf Calendar, 2024
 
No.1 Amil baba in Pakistan amil baba in Lahore amil baba in Karachi
No.1 Amil baba in Pakistan amil baba in Lahore amil baba in KarachiNo.1 Amil baba in Pakistan amil baba in Lahore amil baba in Karachi
No.1 Amil baba in Pakistan amil baba in Lahore amil baba in Karachi
 
🔝9953056974🔝!!-YOUNG BOOK model Call Girls In Pushp vihar Delhi Escort service
🔝9953056974🔝!!-YOUNG BOOK model Call Girls In Pushp vihar Delhi Escort service🔝9953056974🔝!!-YOUNG BOOK model Call Girls In Pushp vihar Delhi Escort service
🔝9953056974🔝!!-YOUNG BOOK model Call Girls In Pushp vihar Delhi Escort service
 
No.1 Amil baba in Pakistan amil baba in Lahore amil baba in Karachi
No.1 Amil baba in Pakistan amil baba in Lahore amil baba in KarachiNo.1 Amil baba in Pakistan amil baba in Lahore amil baba in Karachi
No.1 Amil baba in Pakistan amil baba in Lahore amil baba in Karachi
 
The Chronological Life of Christ part 097 (Reality Check Luke 13 1-9).pptx
The Chronological Life of Christ part 097 (Reality Check Luke 13 1-9).pptxThe Chronological Life of Christ part 097 (Reality Check Luke 13 1-9).pptx
The Chronological Life of Christ part 097 (Reality Check Luke 13 1-9).pptx
 
black magic specialist amil baba pakistan no 1 Black magic contact number rea...
black magic specialist amil baba pakistan no 1 Black magic contact number rea...black magic specialist amil baba pakistan no 1 Black magic contact number rea...
black magic specialist amil baba pakistan no 1 Black magic contact number rea...
 
Understanding Jainism Beliefs and Information.pptx
Understanding Jainism Beliefs and Information.pptxUnderstanding Jainism Beliefs and Information.pptx
Understanding Jainism Beliefs and Information.pptx
 
原版1:1复刻莫纳什大学毕业证Monash毕业证留信学历认证
原版1:1复刻莫纳什大学毕业证Monash毕业证留信学历认证原版1:1复刻莫纳什大学毕业证Monash毕业证留信学历认证
原版1:1复刻莫纳什大学毕业证Monash毕业证留信学历认证
 
No.1 Amil baba in Pakistan amil baba in Lahore amil baba in Karachi
No.1 Amil baba in Pakistan amil baba in Lahore amil baba in KarachiNo.1 Amil baba in Pakistan amil baba in Lahore amil baba in Karachi
No.1 Amil baba in Pakistan amil baba in Lahore amil baba in Karachi
 
🔝9953056974 🔝young Delhi Escort service Vinay Nagar
🔝9953056974 🔝young Delhi Escort service Vinay Nagar🔝9953056974 🔝young Delhi Escort service Vinay Nagar
🔝9953056974 🔝young Delhi Escort service Vinay Nagar
 
Culture Clash_Bioethical Concerns_Slideshare Version.pptx
Culture Clash_Bioethical Concerns_Slideshare Version.pptxCulture Clash_Bioethical Concerns_Slideshare Version.pptx
Culture Clash_Bioethical Concerns_Slideshare Version.pptx
 
No.1 Amil baba in Pakistan amil baba in Lahore amil baba in Karachi
No.1 Amil baba in Pakistan amil baba in Lahore amil baba in KarachiNo.1 Amil baba in Pakistan amil baba in Lahore amil baba in Karachi
No.1 Amil baba in Pakistan amil baba in Lahore amil baba in Karachi
 

Microsoft (Data Protection Solutions)

  • 1. A Critical Analysis of Microsoft Data Protection Solutions
  • 2.
  • 3.
  • 4.
  • 5.
  • 6.
  • 7. BDE is an option
  • 8.
  • 9.
  • 10.
  • 11.
  • 12. BDE architecture Static root of trust measurement of early boot components
  • 13.
  • 14.
  • 15.
  • 16.
  • 17. But...there’s more than Technology... “ 54321 TO SILENCE ALARM” “ REPEAT CODE TO RESET”
  • 18.
  • 19.
  • 20.
  • 21. EFS with remote files Client side encryption Local EFS encryption [Keys and certificates live on the client] Client connects to remote server share SMB protocol No need to enable Trust For Delegation Encrypted file sent to server File Share
  • 22. EFS Group policy enhancements
  • 23.
  • 24.
  • 25.
  • 26.
  • 27.
  • 28.
  • 29.
  • 30.
  • 31.
  • 32.
  • 33. But...there’s more than Technology... All must enter through electronic mantrap Fence ends here Sign says, “road is for cars only”
  • 34.
  • 35. Technology comparison BDE EFS RMS Encryption AES 128 (RSA32.LIB) AES 128 (Crypt32.DLL) AES 128 (Crypt32.DLL) Data Awareness Blocks Files App defined; docs/email Master Key TPM + SW Identity, Dongle, File SW, Smart-card Obfuscated SW (lockbox) Content Key Same as root key Same as root key Server Protects What? Windows and Data Directories and Files Documents (including use) Protects Who? Machine Owner, User Users Document Owners Protection Local, removable media Local, removable media, remote Remote, removable media Who is god? Local admin, net admin Local admin, net admin Document owner, RMS admin Supports other security systems? Yes Yes (ISV’s only) No (RMS is a security platform for applications) Data Recovery Mechanism Dongle, File, Network; Manual Key Entry Local or AD based policy RMS server policy Killer Client Scenario Lost or Stolen laptop Multi-user PC Protected Document Sharing Killer Server Scenario Branch-Office Server Protect Documents on File Shares from Admin RMS support in Sharepoint and Exchange Killer Admin Scenario Just switch it on. (also Force Recovery) My Documents encrypted by default Establish corporate information policy
  • 36.
  • 37.
  • 39.
  • 40.
  • 41.