In Windows Server 2012, you are able to apply data governance across your file servers to control who can access information and to audit who has accessed information. Dynamic Access Control provides:
- Identify data – Automatic and manual classification of files can be applied to tag data in file servers across the organization
- Control access to files - Central access policies enable organizations to apply safety net policies. For example, you could define who can access health information within the organization.
- Audit access to files - Central audit policies for compliance reporting and forensic analysis. For example, you could identify who accessed highly sensitive information.
- Apply RMS protection - Automatic Rights Management Services (RMS) encryption for sensitive Office documents. For example, you could configure RMS to encrypt all documents containing HIPAA information.
This feature set is based on infrastructure investments that can be further leveraged by partners and line-of-business applications and provide great value for organizations that use Active Directory. This infrastructure includes:
- A new Windows authorization and audit engine that can process conditional expressions and central policies.
- Kerberos authentication support for user claims and device claims.
- Improvements to the File Classification Infrastructure.
- RMS extensibility support so that partners can provide solutions that encrypt non-Office files.
If you want to learn more about DAC, check the following links :
http://blogs.technet.com/b/windowsserver/archive/2012/05/22/introduction-to-windows-server-2012-dynamic-access-control.aspx
http://blogs.technet.com/b/wincat/archive/2012/07/20/diving-deeper-into-windows-server-2012-dynamic-access-control.aspx
Aucun commentaire:
Enregistrer un commentaire