Data Classification Tool
The Data Classification Toolkit was released the day 08/16 for public download and many are unaware of its functionality, then let’s understand the importance of this tool available in http://www.microsoft.com/download/en/details.aspx?id=27123
Its employees create documents with credit card number, for example, a record of registration in a course or training, or a contract of sale. These documents are saved in XML which includes Office 2007 and 2010 that save in this format. These documents are open for anyone to read, copy, or delete.
Use a system able to read the contents of these documents and find information patterns -based (patterns) to discover sensitive data or legal. Additionally it is possible to implement a structure of RMS (Rigths Manager System) that encrypt sensitive documents through a classification based in the inner content of the document.
Microsoft Data Classification Toolkit
This tool is the DCT, which will work with XMLs rules-based configuration, tasks, and reports. To demonstrate I used one of XMLs examples available.
The first print shows the properties and rules available for the type of protection you want. Note that in this case the XML used to indicate files that need to be encrypted using a series of properties, involving the retention period and the level of confidentiality (or importance) of internal information.
The second print shows an example of classification in PCI-DSS, where we see the mascaras credit card Visa, Master and American Express. Note that if a document exists these numbers it will be classified as "moderate" content which could start the encryption process if it is implemented or just go for a report.
Finally, the third print shows the same XML above (PCI-DSS) in the reports section where we can see that a report has been created that will generate an XML column "Confidentiality" for the administrator to find these documents and reports for internal audit.
Implementing Microsoft Data Classification Toolkit
The tool needs to be configured on the file servers (File Server Infrastructure) and a computer that will serve as a monitor to generate reports and track the distribution of content rules.
The tool’s implementation is complex, has no GUI and based in XMLs that are controlled by PowerShell.
However, in the document that accompanies the installation you will find a document (Data Classification Toolkit for WS2008R2-User Guide.docx) with detailed information on how to assemble the structure and configure the files, and bring a cmdlets tab of the DCT.
This solution is not for everyone since it involves complex security standards such as Cobit, ISO, SOX and others. But for businesses that need this kind of international control and default Data Classification Toolkit is a free solution, integrated and functional.