If you are in San Francisco at the RSA Conference, be sure to visit the Microsoft booth (#1517) for these 20 minute theatre presentations:
Better Together: Exchange Server 2010 and the MS Forefront Secure Messaging solution: 12:40 pm
Securely Collaborate with Partners and Employees Using SharePoint and Business Ready Security from MS Forefront: 1:40 pm
Protecting Endpoint from Advanced Threats with MSFT's Secure Endpoint Solution: 4:10 pm
Microsoft Identity and Access Management Solution: 11:40
On TechNet Edge, Brjann Brekkan, Microsoft product manager for the Identity and Access Management (IAM) solution and related products, describes the capabilities and business drivers behind the solution. Beginning at [6:08], he gives us a screencast demo of parts of the solution. The demo includes automated AD group management and access through Forefront Identity Manager (FIM), FIM password reset, and managing group membership via Outlook.
This week the RSA 2010 conference is happening in San Francisco and, as usual, Microsoft is an active participant at the event. Today Scott Charney, vice president of Trustworthy Computing, keynoted about Microsoft’s continued efforts to create a safer, more trusted Internet. He spoke about cloud security, highlighting the importance of identity technologies and Microsoft’s broad investments in identity and access to address the needs of businesses, governments and individuals. Microsoft made two announcements in this area.
Release of Forefront Identity Manager 2010 (FIM)
FIM is an important deliverable of the Business Ready Security strategy to help companies manage risk and empower their people. It is a core part of our identity & access management solution, which aims to enable more secure access to both on-site and cloud applications, from virtually any location or device.
Overall, FIM takes a great deal of cost and inefficiency out of identity management and helps companies boost employee productivity.
The successor to Identity Lifecycle Manager 2007, FIM dramatically simplifies enterprise identity management through end-user self service capabilities and IT administrator tools to automate tasks. It helps companies manage user accounts and access, password and certificate-based credentials, and identity policies across Windows and heterogeneous environments. In addition, FIM provides the foundation for custom solutions.
First American Title Insurance Company is using FIM now to automate provisioning and access to business systems for its 14,000 employees. As a result, the company is helping employees more easily get to the information and applications they need, is improving its internal auditing and Sarbanes-Oxley compliance, and is also reducing help desk calls – for an anticipated annual savings of $66,000.
More information about FIM and how to evaluate it is here. You can watch TechNet webcasts about it here and a TechNet Edge video about our identity and access management solution here.
Also at RSA, Microsoft announced the Community Technology Preview of U-Prove. U-Prove is advanced cryptographic software that helps protect people’s identity and privacy as they use online services. It is especially relevant to e-government initiatives and national ID programs.
Using “minimal disclosure tokens,” U-Prove allows individuals to disclose just the information needed by online applications and services, but nothing more – helping protect privacy and prevent cyber-crime.
Microsoft is working with The Fraunhofer Institute for Open Communication Systems FOKUS in Berlin, Germany. Fraunhofer-FOKUS is a competency center for e-Government and Secure e-Identity, and hosts the German electronic identity system, which will roll out in 2010.
In his keynote Scott Charney played a video about a Microsoft and Fraunhofer-FOKUS proof-of-concept illustrating minimal disclosure with U-Prove and other Microsoft identity technologies. You can view the video here.
Look for more posts about FIM and U-Prove, as well as updates from RSA.
Important information for Active Directory Rights Management Services (AD RMS) customers!
Today Microsoft is releasing an update to AD RMS to completely remove the “application manifest expiry” feature. This update is particularly important for AD RMS customers using Internet Explorer, because the certificate for the RMA add-in for Internet Explorer will expire on February 22nd. The RMA add-in for Internet Explorer allows users to view content with restricted permission in Internet Explorer. It is critical that these customers install the update before then, in order to avoid any issues accessing or protecting web-based content.
If AD RMS customers using IE do not install the update before February 22nd, they will not be able to create or access protected content when using the following applications:
All customers with client or server apps that use AD RMS will need to install the update as soon as possible. This update is available on Windows Update and here for Windows 7, Windows XP, Windows Server 2003, Windows Server 2008 R2. The update for Windows Vista and Windows Server 2008 is available for download here and will be available via Windows Update by Feb 23.
Once this update is applied and the manifest expiry feature is removed, the AD RMS aware applications (including Internet Explorer) will no longer need to renew their manifests. This will eliminate the possibility of manifest expiration. The change will be effective for both new as well as existing RMS products. Applications will still need to have a manifest and RMS Partner ISVs will still need to have a Microsoft issued production certificate for creating that manifest.
Application manifest expiry was a legacy feature in the original product that was intended to allow for more granular control of the applications that can access RMS protected content. The functionality this feature provided has since been subsumed by other features in AD RMS, such as Application Exclusion as well as Windows Software Restrictions Policies, which allow for controlling what applications can run in your enterprise. This approach puts the control in the hands of our customers and is therefore preferable to the original design. As a result of this update to the software, the application manifest expiry feature will no longer be required.
With the new 10.1 version of Forefront Online Protection for Exchange (FOPE) customers can submit technical support requests directly from the FOPE Admin Center site.
Support requests are typically responded to in less than 24 hours, depending on severity level. For details, see the New Features Guide and the 10.1 Admin Center Guide.
Customers have three ways of contacting support:
1. A “Get Help Now” link to the Microsoft Support request site now appears in the Administration Center on both the “Resources” page and the shortcut menu underneath authorized users’ logon names.
· This link will lead to the Microsoft Support home page. Here, authorized users can complete and submit support requests.
· Customers can also track the progress of all submitted support requests through “View Incidents” Link.
2. Telephone: For emergency or urgent support requests requiring faster turnaround. In the United States and Canada, call toll-free (866) 291-7726 or dial direct (204) 927-2299. Outside the United States, call the Universal International Free phone Number 800-0000-0060. Additional international support phone numbers are listed in the Resources tab of the administrative console.
3. Microsoft Premier Support: This service is for Microsoft Premier Support subscribers only and the process remains unchanged for premier customers. For more information about accessing Premier Support, go to the Microsoft https://premier.microsoft.com .”