> > > > > > > Security HSM Backup Replication Archive Encryption Expiration Need per-project file share Ensure business secret files do not leak out Back up files with personal information to encrypted store Expire low.
Download ReportTranscript > > > > > > > Security HSM Backup Replication Archive Encryption Expiration Need per-project file share Ensure business secret files do not leak out Back up files with personal information to encrypted store Expire low.
> > > > > > > Security HSM Backup Replication Archive Encryption Expiration Need per-project file share Ensure business secret files do not leak out Back up files with personal information to encrypted store Expire low business impact files created over three years ago and not touched in the past year Mitigate costs and risks Manage data based on business value Classify data Apply policy File Classification Infrastructure demo Available in Windows Extend through IT or ISV solutions Classification Pipeline > > > Get/Set Property API for external applications Discover Data Extract Existing Classification Properties Classify Data File Classification Extensibility Points Store Classification Properties Apply Policies Based on Classification > > > > > > Using PowerShell # Get an instance of the Classification Manager $cm Fsrm.FsrmClassificationManager # Enumerate and display all properties associated with a file $props $cm EnumFileProperties $prop $props $prop Name $prop Value # Get and display the value of the "Secrecy" property $secrecyProp $cm GetFileProperty $secrecyProp Value # Set the value of the "Secrecy" property to "High" $cm SetFileProperty Using native C++ // Get an instance of the Classification Manager IFsrmClassificationManager spClassMgr CoCreateInstance CLSID_FsrmClassificationManager IFsrmClassificationManager spClassMgr // Get the "PII" property bstrFilename bstrPropName IFsrmProperty spPIIProp spClassMgr GetFileProperty bstrFilename bstrPropName spPIIProp > > > > > > > > > > > > > > > > Each module passes streams of property bags to the next one Streams can cross processes • Security checks are performed on cross-process data transfers Classification Runtime Process Scanner Office Storage [Load] Folder Classifier Content Classifier Office Storage [Save] Reporting Engine Gets basic file properties Loads embedded properties Classifies based on location Classifies based on content Saves embedded properties Adds files to report Hosting Process Hosting Process Hosting Process Discover Data Extract Properties Classify Data Store Properties Apply Policies Most modules are hosted within a separate process > > > IFsrmClassifierModuleImplementation IFsrmStorageModuleImplementation > OnLoad > > > Models for classification > > > > > NeedsExplicitValue Classification session call sequence > UseRulesAndDefinitions > > > OnBeginFile > > DoesPropertyValueApply > > GetPropertyValueToApply > > > OnEndFile > > InFile > Cache > Capabilities > > LoadProperties SetFileProperty > SaveProperties Database > > > GetFileStreamInterface > > > > > ILockBytes IStream > > > > > > http://blogs.technet.com/filecab/archive/2009/08/ 14/using-windows-powershell-scripts-for-fileclassification.aspx demo Call to action > > > > > > > > > http://microsoft.com/fci/ > http://technet.microsoft.com/enus/library/dd758765%28WS.10%29.aspx > http://technet.microsoft.com/enus/library/dd758756%28WS.10%29.aspx > > > > http://msdn.microsoft.com/en-us/windows/bb980924.aspx > http://msdn.microsoft.com/en-us/library/bb972746%28VS.85%29.aspx > http://code.msdn.microsoft.com/fci/ > > > > http://blogs.technet.com/filecab/default.aspx > > > [email protected] > [email protected] > [email protected] > > > > channel9.msdn.com/learn Built by Developers for Developers…. © 2009 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION. Property aggregation and conflict resolution [Default] Apply only if there is no value stored in the file [Ignore Existing] Apply and ignore (replace) values from Storage and Default rules [Consider Existing] Apply but aggregate with values from Storage and Default rules > > > > > > Property bags > > > Property Bag Property File System Info Relative Path, Creation Time, etc. Name Type Properties Assigned Values and Sources From Storage Modules Messages Read Stream From Default and CE Rules Write Stream Aggregated Value Current Context From IE Rules Module Type, Rule, etc. Aggregated Sources Connecting a module to the pipeline IFsrmPipelineModuleDefinition IFsrmPipelineModuleConnector pDefinition ppModuleConnector ...perform module initialization... // Create the connector IFsrmPipelineModuleConnector spConnector CoCreateInstance CLSID_FsrmPipelineModuleConnector IFsrmPipelineModuleConnector spConnector ...handle any errors... IFsrmPipelineModuleImplementation spModuleImpl ...handle error... spModuleImpl // Bind the connector to the module spConnector Bind pDefinition spModuleImpl ...handle any errors... // Return the connector ppModuleConnector spConnector Detach GetControllingUnknown