PETs and ID Management PETs and ID Management Privacy & Security Workshop Privacy & Security Workshop JC Cannon JC Cannon Privacy Strategist Privacy Strategist Corporate Privacy Group Corporate Privacy Group Microsoft Corporation Microsoft Corporation
15
Embed
PETs and ID Management Privacy & Security Workshop
PETs and ID Management Privacy & Security Workshop. JC Cannon Privacy Strategist Corporate Privacy Group Microsoft Corporation. Put users in charge of their information Address needs of enterprises and parents Comply with corporate policies. Collect only data that is required - PowerPoint PPT Presentation
This document is posted to help you gain knowledge. Please leave a comment to let me know what you think about it! Share it to your friends and learn new things together.
Analyst reviews and white papersAnalyst reviews and white papersContent on MS.com, MSN.com privacy Content on MS.com, MSN.com privacy sitessitesParticipation in privacy & tech Participation in privacy & tech conferencesconferences
Put users in charge of their informationPut users in charge of their informationAddress needs of enterprises and Address needs of enterprises and parentsparentsComply with corporate policiesComply with corporate policiesCollect only data that is requiredCollect only data that is requiredGet appropriate consentGet appropriate consentProtect the storage and transfer of dataProtect the storage and transfer of data
Privacy deployment guidelines for usersOffer comprehensive privacy optionsPrivacy response team for all products
PDPD33 + Communications + Communications
Privacy Privacy in Designin Design
PrivacyPrivacy by Defaultby Default
PrivacyPrivacy in in DeploymentDeployment
CommunicationsCommunications
Privacy SettingsPrivacy Settings
•Provides customers Provides customers the ability to check the ability to check the status of the status of security security functionalities such functionalities such as;as;
• Antivirus through your Antivirus through your Internet Option Internet Option settingssettings
• FirewallsFirewalls
• Automatic UpdateAutomatic Update
• Inform users if Inform users if additional actions are additional actions are necessary to make necessary to make them more secure.them more secure.
Data Protection TechnologiesData Protection Technologies
Encrypted File SystemEncrypted File System
Crypto API Component (CAPICOM)Crypto API Component (CAPICOM)
Windows Rights Management ServicesWindows Rights Management Services
RMS WorkflowRMS Workflow
Information Information AuthorAuthor
The RecipientThe Recipient
RMS ServerRMS Server
SQL Server Active Directory
2 3
4
5
2.2. Author defines a set of usage Author defines a set of usage rights and rules for their file; rights and rules for their file; Application creates a “publishing Application creates a “publishing license” and encrypts the file.license” and encrypts the file.
4.4. Recipient clicks file to open, the Recipient clicks file to open, the application calls to the RMS server application calls to the RMS server which validates the user and which validates the user and issues a “use license.”issues a “use license.”
5.5. Application renders file and Application renders file and enforces rights.enforces rights.
1.1. Author receives a client licensor Author receives a client licensor certificate the “first time” they certificate the “first time” they rights-protect information. rights-protect information.
1
Identity ManagementIdentity Management
Active Directory AuthenticationActive Directory Authentication
MIISMIISMicrosoft Identity Integration ServerMicrosoft Identity Integration Server
Active Directory
UnixUnix
iMaciMac
MainframeMainframe
JohnSJohnS
JohnnyJohnny
JSm
ith
JSm
ith
John
_Sm
ith
John
_Sm
ithMIISMIIS
John SmithJohn Smith
John SmithJohn Smith
11 JohnSJohnS
22 JohnnyJohnny
33 JSmithJSmith
44 John_SmithJohn_Smith
Authorization ManagerAuthorization Manager
Administrators Administrators define roles for define roles for
a companya company
Active Directory
Accountant
Accountant
AdministratorAdministrator
LawyerLawyer
Developer
Developer
ExcelExcel
WordWord
PowerPoin
t
PowerPoin
t
Update payroll
Update payroll
Create contracts
Create contracts
LawyerLawyerCreate contractsCreate contracts
AuthorizationAuthorizationManagerManager
LOB AdministratorLOB Administrator
Applications Applications register during register during
their installtheir install
LOBs have LOBs have their tasks their tasks
defineddefined
AzMan AzMan stores this stores this data in ADdata in AD
Users are Users are assigned roles, assigned roles, tasks and apps tasks and apps
at loginat login
WordWord
Employee
SummarySummary
Microsoft is committed to privacyMicrosoft is committed to privacy– Email practices respect customer preferencesEmail practices respect customer preferences– Privacy process in place for product Privacy process in place for product
developmentdevelopment
Microsoft is building technology to protect Microsoft is building technology to protect an individuals privacy and dataan individuals privacy and data
Identity management is key to data Identity management is key to data governance. governance.