Did you know: In a recent study, Jupiter Media says information loss, whether via outright theft or accidental leakage, is a growing concern for many enterprises? The U.S. Department of Justice provided an assessment of information theft costs in 2004: Estimates reached a whopping $250 billion. Identity fraud costs a total of $56.2 billion annually for the industry, and two of the top three security breach concerns cited by business decision makers were the unintended forwarding of e-mails and loss of mobile devices. It is also interesting to note that many companies don’t realize that helpdesk staff spends one-third of each day resetting passwords, and each password reset costs between $57 and $147 per incident. All this leads to the need for more security and identity management.
In addition to the enhanced security features available in all editions of Windows Server 2008, Windows Server 2008 Enterprise and Windows Server 2008 Datacenter provide unique identity and access management functionality that helps increase employee productivity while enhancing security of IT operations.
Windows Server 2008 allows businesses to closely collaborate with trusted partners, including external third parties, other departments, or subsidiaries within the same organization. Businesses using Windows Server 2008 can also more closely control the enrollment of smart cards. The new authentication architecture helps businesses guard against malicious software attacks, and helps prevent data and confidential information from being distributed inappropriately.
Some of the exclusive features in Windows Server 2008 Enterprise and Datacenter include:
Active Directory Federation Services (AD FS) gives browser-based clients, both inside and outside the network, access to protected, Internet-facing applications, even when user accounts and applications are located in different networks or organizations. This allows businesses to closely collaborate with trusted partners, including external third parties, other departments, or subsidiaries in the same organization. Each party is able to use its own local accounts for authentication and access.
Active Directory Rights Management Services (AD RMS) is AD FS-claims-aware in Windows Server 2008 Enterprise and Windows Server 2008 Datacenter. Direct integration between AD RMS and AD FS means businesses can protect encrypted information, even as they collaborate and share it across organizational boundaries.
Active Directory Certificate Services (AD CS) in Windows Server 2008 Enterprise and Windows Server 2008 Datacenter provides restricted enrollment agent functionality so that businesses can constrain enrollment agents (users authorized to enroll smart card certificates) to enroll only users in a particular organizational unit or security group.
Better Together Scenarios
Microsoft Office SharePoint Server 2007 provides the platform for collaboration which is a key enabler for better response or speed to market. The AD FS-based Identity Management features are critical for making collaboration highly secure across employees, vendors, and partners.
For additional resources, see:
Microsoft Identity & Access Solutions