Microsoft System Center 2025 is now generally available
Microsoft System Center 2025 is now available, offering enhanced security, infrastructure management, and cloud capabilities for efficient IT operations.
Today I want to discuss the importance of information classification and how it can be used to prevent data breaches and help organizations with compliance requirements such as PCI, HIIPA, ISO 27001, the Massachusetts Data Protection Law 201 and other similar legislation.
Information classification is the critical first step in managing data based on its business value. When the information’s value is understood, organizations can apply security policies to reduce the risk of information leakage. The new File Classification Infrastructure (FCI) in Microsoft Windows 2008 R2 enables organizations to protect data by automatically classifying files and applying policy. FCI includes the ability to define classification properties, automatically classify files based on location and content, and invoke file management tasks such as file expiration and custom commands based on classification.
Once the files have been classified, appropriate security can be applied based on the business value of the information. For example, in a PCI environment, FCI-based classification can be used to identify files that contain sensitive credit card information, and in a health care environment, FCI based classification can identify files with private health information. Once the files have been classified file management tasks can be used to segment sensitive files onto more secure storage devices, to protect files with encryption, and to assign more restrictive permissions to the files. This helps ensure that information stored on file servers is well secured.
Another concern is email. Email messages or email attachments are a security risk as email cannot easily be controlled. One of our FCI partners, Titus Labs has extended classification and information protection to the Microsoft Outlook environment. Titus Labs Message Classification can recognize file attachments that have been classified using FCI.
The Titus Labs solution can examine the FCI classifications of Microsoft Office attachments, and can apply policy that can restrict the distribution of sensitive information. Titus Labs’ Safe Recipient policies can be used to:
This is an example of the power of FCI to protect your sensitive information. Click here for more information on FCI.