Access Management and
Information Protection

Was WikiLeaks a wakeup call for your organization?

Would you know if an unauthorized person is accessing or publishing sensitive documents or emails?

Are your access and protection policies enforced on all devices?

Knowledge is the lifeblood of any organization.Your intellectual property and sensitive data is migrating across your enterprise (and the Internet) on a wide range of devices that are not always owned or managed by your organization. When a mobile device, tablet, or PC is lost or stolen, the value of its data is more valuable than the device itself! Cloud initiatives and the globalization of enterprise services are adding increasing pressure to secure digital assets. Certain regulatory standards and laws such as: SOX, PCI, FISMA, and HIPAA require companies to have oversight into who has access to sensitive financial or corporate information. Some industries and states require disclosure when customer data breaches occur. Given these industry and regulatory requirements, it is more important than ever to protect your digital assets.

Know where your digital assets are going and who is accessing them

Microsoft® Active Directory® Rights Management Services (AD RMS) helps IT organizations ensure that corporate assets are protected at the data level. The goal of any AD RMS deployment is to be able to apply data protection polices to digital assets and protect those assets, no matter where they go. Once AD RMS protection is added to a digital asset, the protection stays with the asset and can only be removed by the asset’s owner or designated individuals within the organization. The owner can apply a data protection policy to an asset which grants rights to other users to perform actions such as the ability to print, view, or copy the asset. The classification and protection process can also be automated when files are uploaded to a file server, sent via email, or uploaded to a Microsoft® SharePoint® site.
Orcas Consulting will work with your teams to understand the full asset/document lifecycle in your enterprise. We will use our firm’s Information Protection Framework (Creation, Distribution, Storage, Archival, and Destruction) to assess where your sensitive documents flow throughout the company and track on what devices these documents get accessed. Our analysis will help your IT and Security organizations develop use cases and data usage statistics so that you understand where best to focus their resources.

Implement Access Management & Information Protection with Confidence

Orcas Consulting’s project experience, technical expertise, and engagement methodology ensure successful delivery of our solutions. All Orcas engagements follow a straightforward engagement methodology that should be familiar to our enterprise customers. A typical Access Management and Information Protection engagement would include the following phases and tasks:
Plan & Analyze – Your goals and objectives are clearly defined. Project scope and technical approach are agreed. Roles and responsibilities are assigned. Interviews of key business stakeholders/owners are performed. A robust use case and requirements document is created. A project schedule is developed.
Design – Key business use cases and the full life cycle of your digital assets are analyzed using the Orcas Information Protection Framework. A functional specification is created.
Build – The proposed solution is built in a pre-production environment. A detailed implementation plan and deployment schedule is created along with deployment checklists and sample scripts.
Test – The solution is tested for functionality and performance. Configurations are adjusted to meet goals.
Deploy – Technology is released in production. Deployment issues are resolved.
Stabilize – Operational guidelines and documentation are tweaked. Solution is turned over to customer.