prevent data leakage using windows information protection (wip)
TRANSCRIPT
![Page 1: Prevent Data Leakage Using Windows Information Protection (WIP)](https://reader031.vdocuments.us/reader031/viewer/2022021923/58ed3c181a28ab09328b4575/html5/thumbnails/1.jpg)
Prevent Data Leakage Using
Windows Information Protection
(WIP)
Presenter:
Russell Smith
![Page 2: Prevent Data Leakage Using Windows Information Protection (WIP)](https://reader031.vdocuments.us/reader031/viewer/2022021923/58ed3c181a28ab09328b4575/html5/thumbnails/2.jpg)
@smithrussell
Russell Smith
![Page 3: Prevent Data Leakage Using Windows Information Protection (WIP)](https://reader031.vdocuments.us/reader031/viewer/2022021923/58ed3c181a28ab09328b4575/html5/thumbnails/3.jpg)
Russell Smith
packtpub.com
![Page 4: Prevent Data Leakage Using Windows Information Protection (WIP)](https://reader031.vdocuments.us/reader031/viewer/2022021923/58ed3c181a28ab09328b4575/html5/thumbnails/4.jpg)
Do you prevent users accessing personal
email and cloud storage
![Page 5: Prevent Data Leakage Using Windows Information Protection (WIP)](https://reader031.vdocuments.us/reader031/viewer/2022021923/58ed3c181a28ab09328b4575/html5/thumbnails/5.jpg)
Image Credit: Microsoft
![Page 6: Prevent Data Leakage Using Windows Information Protection (WIP)](https://reader031.vdocuments.us/reader031/viewer/2022021923/58ed3c181a28ab09328b4575/html5/thumbnails/6.jpg)
Windows Information Protection
versus Data Leakage Protection
• DLP solutions not integrated into the OS
• WIP provides a seamless experience
• No requirement to switch ‘modes’ or use
dedicated apps
• WIP is easy to deploy and manage
![Page 7: Prevent Data Leakage Using Windows Information Protection (WIP)](https://reader031.vdocuments.us/reader031/viewer/2022021923/58ed3c181a28ab09328b4575/html5/thumbnails/7.jpg)
Image Credit: Microsoft
![Page 8: Prevent Data Leakage Using Windows Information Protection (WIP)](https://reader031.vdocuments.us/reader031/viewer/2022021923/58ed3c181a28ab09328b4575/html5/thumbnails/8.jpg)
Azure Information Protection
• Based on Azure RMS
• Classify, label, and protect data
• Persistent protection
• B2B sharing
![Page 9: Prevent Data Leakage Using Windows Information Protection (WIP)](https://reader031.vdocuments.us/reader031/viewer/2022021923/58ed3c181a28ab09328b4575/html5/thumbnails/9.jpg)
Windows Information Protection –
Data Lifecycle
• Provision policy to devices
• Data from corporate resources automatically encrypted
• Enlightened apps can automatically protect, or users can be allowed to define as business or personal
• Protection retained across devices. Azure Rights Management can be used for B2B sharing
• Wipe business data on demand or when device is unenrolled
![Page 10: Prevent Data Leakage Using Windows Information Protection (WIP)](https://reader031.vdocuments.us/reader031/viewer/2022021923/58ed3c181a28ab09328b4575/html5/thumbnails/10.jpg)
Windows Information Protection –
Enlightened vs. Unenlightened Apps
• Microsoft Edge
• Internet Explorer 11
• Microsoft People
• Mobile Office apps
• Microsoft Photos
• Groove Music
• Notepad
• Microsoft Paint
• Microsoft Movies & TV
• Microsoft Messaging
• Microsoft Remote
Desktop
![Page 11: Prevent Data Leakage Using Windows Information Protection (WIP)](https://reader031.vdocuments.us/reader031/viewer/2022021923/58ed3c181a28ab09328b4575/html5/thumbnails/11.jpg)
Windows Information Protection –
Technology
• Encrypting File System (EFS)
• Mobile Device Management (MDM)
• Microsoft Intune
• System Center Configuration Manager (SCCM)
• 3rd-party MDM solution
![Page 12: Prevent Data Leakage Using Windows Information Protection (WIP)](https://reader031.vdocuments.us/reader031/viewer/2022021923/58ed3c181a28ab09328b4575/html5/thumbnails/12.jpg)
Windows Information Protection –
DEMO
• Intune WIP Policy
• Data Recovery Agent (DRA)
certificate
• WIP in action
![Page 13: Prevent Data Leakage Using Windows Information Protection (WIP)](https://reader031.vdocuments.us/reader031/viewer/2022021923/58ed3c181a28ab09328b4575/html5/thumbnails/13.jpg)
Windows Information Protection –
Limitations
• Direct Access
• Data-in-transit not protected
• Shared workstations
• Redirected folders
• External storage
![Page 14: Prevent Data Leakage Using Windows Information Protection (WIP)](https://reader031.vdocuments.us/reader031/viewer/2022021923/58ed3c181a28ab09328b4575/html5/thumbnails/14.jpg)
PowerBroker for
Windows
Least Privilege and Application Control
for Windows Servers and Desktops
![Page 15: Prevent Data Leakage Using Windows Information Protection (WIP)](https://reader031.vdocuments.us/reader031/viewer/2022021923/58ed3c181a28ab09328b4575/html5/thumbnails/15.jpg)
Summary: Why PowerBroker for Windows?
• Asset discovery, application control, risk compliance, Windows event log monitoring included
• Optional: Session monitoring, file integrity monitoringDeep capability
• U.S. Patent (No. 8,850,549) for the methods and systems employed for controlling access to resources and privileges per process
Mature, patented leader
• Tightly integrated with vulnerability management
• Deep reporting and analytics insights for compliance and operations
Centralized reporting, analytics and management
• Privilege and session management on Unix, Linux and Windows
• Privileged password and session management
• Integrate Linux, Unix, and Mac OS X with Microsoft AD
• Real-time auditing of AD, File System, Exchange & SQL
Part of a broad solution family
Va
lida
ted
by c
usto
me
rs a
nd
an
aly
sts
alik
e
![Page 16: Prevent Data Leakage Using Windows Information Protection (WIP)](https://reader031.vdocuments.us/reader031/viewer/2022021923/58ed3c181a28ab09328b4575/html5/thumbnails/16.jpg)
Your solution should:
• Elevate privileges to applications, not users, on an as-needed basis without
exposing passwords
• Enforce least-privilege access based on an application’s known vulnerabilities
• Track and control applications with known vulnerabilities or malware to further
protect endpoints
• Monitor event logs and file integrity for unauthorized changes to key files and
directories
• Capture keystrokes and screens when rules are triggered with searchable
playback
![Page 17: Prevent Data Leakage Using Windows Information Protection (WIP)](https://reader031.vdocuments.us/reader031/viewer/2022021923/58ed3c181a28ab09328b4575/html5/thumbnails/17.jpg)
Product Demonstration
![Page 18: Prevent Data Leakage Using Windows Information Protection (WIP)](https://reader031.vdocuments.us/reader031/viewer/2022021923/58ed3c181a28ab09328b4575/html5/thumbnails/18.jpg)
Poll
![Page 19: Prevent Data Leakage Using Windows Information Protection (WIP)](https://reader031.vdocuments.us/reader031/viewer/2022021923/58ed3c181a28ab09328b4575/html5/thumbnails/19.jpg)
Thank you for attending
today’s webinar!