Classification made easy with File Classification Infrastructure in Windows Server 2008 R2

Classification made easy with File Classification Infrastructure in Windows Server 2008 R2

  • Comments 7
  • Likes

Don’t know how to get started on classification?

Afraid of getting it wrong?

Think classification is cost prohibitive?

Don’t understand what value you can get out of classifying and applying policy?

 

If you answered yes to one of the above  – read on

 

How do I start? What if I make a mistake?

The Windows Server 2008 R2 File Classification Infrastructure makes it easy to start:

·         Crawl, Walk, Run: There is no need to determine everything up-front. You can start with one classification property (e.g.: Secrecy=High,Medium,Low) or more and then add additional properties as you see fit

·         It is very easy to set up – You can get familiar with classification in a Sandbox environment – using Hyper-V and a copy of data would be a great way to understand how classification and your actions will behave before working on the production environment

·         You can “revert” classification mistakes: If you found an issue with the way classification was defined, just run a script to clear the mis-configured property and fix the configuration (see: http://msdn.microsoft.com/en-us/library/dd392357(VS.85).aspx)

 

 

Choosing classification properties

let’s talk about how to determine which classification properties you should use

Here’s a very simple guidance that we use:

Step 1: Determine the action that you want to apply to the data (e.g.: expire stale data, protect sensitive information …)

Step 2: Choose the right classification property for that action

 

An example – Reporting sensitive information on public file servers

Here’s a universal example: Making sure sensitive information is where it belongs.  Let’s take an example where you would like to make sure you do not have any sensitive information on public file servers.

Your action would be to get a report of all the sensitive information that resides on public servers so that you can make sure to remove files that should not be there

To achieve this action you want to classify which files have sensitive information. For that, let’s choose a property name: “Secrecy” with potential values: “High”, “Medium”, “Low”

You can then set automatic classification rules to determine the classification of documents. For example – use content classification to mark all documents that contain the word “Confidential” as “High” secrecy and use folder classification to mark all the files that are placed in the engineering servers as “Medium” secrecy

Now, all you have to do is set a scheduled storage report of type: “report by property” for the “Secrecy” property so that it will be sent to your email once a week and provides the distribution of the “Secrecy” property on each of your public servers. If you see any “High” or “Medium” secrecy documents on these servers, you know that you need to take action

 

Most common actions

The three most common actions based on classification that we have seen and heard people use with FCI are:

Action

Property (option 1)

Property (option 2)

Expire stale data based on time and classification

None (just use file age and last modified)

Retention: Long, Short, Indefinite

Find and protect sensitive information on file servers

Secrecy: High, Medium, Low

 

Automated targeted upload of files from file servers to SharePoint

None (just use file age and last modified)

Project

 

 

But these are all good material for additional blog entries J

 

Good luck with your classification

Your comment has been posted.   Close
Thank you, your comment requires moderation so it may take a while to appear.   Close
Leave a Comment
  • Using File Classification Infrastructure (FCI) and AD RMS to automatically protect sensitive information

  • Using File Classification Infrastructure (FCI) and AD RMS to automatically protect sensitive information

  • Using File Classification Infrastructure (FCI) and AD RMS to automatically protect sensitive information

  • Automatically uploading files from File Server to SharePoint using the File Classification Infrastructure

  • Automatically uploading files from File Server to SharePoint using the File Classification Infrastructure

  • Automatically uploading files from File Server to SharePoint using the File Classification Infrastructure

  • Automatically uploading files from File Server to SharePoint using the File Classification Infrastructure