Information Protection

This page provides information for the IT professional about features and technologies that provide ways of securing information and technologies to allow only legitimate users access to devices, applications, and data.

Active Directory Rights Management Services

Active Directory Rights Management Services (AD RMS) is a security technology that works with applications to help protect digital content such as Web content, documents, and e-mail.

• Technical Overview of Windows Rights Management Services
  This white paper provides a technical overview of Windows Rights Management Services (RMS) with Service Pack 1 for Windows Server 2003, the reasons for implementing this information protection technology, and the processes and steps for implementation.
  For information about Active Directory Rights Management Services in Windows Server 2008, see the Active Directory Rights Management Services Overview.
• Active Directory Rights Management Services Role
  This article describes the changes in features for AD RMS as administered from Windows Server 2008.
• Active Directory Rights Management Services Client for Windows Vista
  This overview article describes considerations when working with the AD RMS client application in Windows Vista.

Backup and Restore

Backup and restore operations in Windows Vista help protect your data if your hard disk stops working or your files are accidentally erased.

• Windows Backup and Restore Center
  This article explains the Windows Backup and Restore Center features in Windows Vista.

BitLocker Drive Encryption

Windows BitLocker Drive Encryption (BitLocker) is a feature available in the Windows Server 2008 and Windows Vista operating systems. BitLocker allows you to encrypt all data stored on the Windows operating system volume and configured data volumes.

• Windows BitLocker Drive Encryption Frequently Asked Questions
  This provides answers to frequently asked questions about the system requirements, upgrade procedures, deployment issues, administration, and management of BitLocker in Windows Vista.
• BitLocker Drive Encryption Technical Overview
  This document describes BitLocker, including concepts, benefits, security considerations, implementation, requirements, architecture, and system recovery.
• Windows BitLocker Drive Encryption Step-by-Step Guide
  This step-by-step guide provides the instructions you need to use BitLocker in a test environment.
• BitLocker Drive Encryption Configuration Guide: Backing Up BitLocker and TPM Recovery Information to Active Directory
  This document describes how to configure Active Directory Domain Services (AD DS) to back up recovery information for BitLocker and the Trusted Platform Module (TPM).
• Data Encryption Toolkit for Mobile PCs
  The Data Encryption Toolkit for Mobile PCs provides guidance and tools to help you protect your organization's data.
• BitLocker Drive Encryption Glossary
  This glossary includes terms related to BitLocker.

Encrypting File System

Encrypting File System (EFS) is a core encryption technology that enables you to encrypt files stored on NTFS volumes.

• Encrypting File System
  This page provides an overview of EFS and the changes to EFS made in Windows Vista and Windows Server 2008.

Public Key Infrastructure

A public key infrastructure (PKI) enables you to secure and exchange information with strong security and easy administration across the Internet, extranets, intranets, and applications.

• Certificate-Related Changes for Windows Vista
  This overview document describes several new and updated features that support certificate-related improvements, including Web enrollment updates, credential roaming, Cryptography Next Generation support, and CryptoAPI monitoring.
• Troubleshooting PKI Problems on Windows Vista
  This document describes how to use CryptoAPI 2.0 Diagnostics to compile detailed information about certificate chain validation, certificate store operations, and signature verification, thereby simplifying the process of identifying the cause of PKI problems.

Trusted Platform Module

Trusted Platform Module (TPM) services is a new feature that is used to administer the TPM security hardware in a computer.

• Trusted Platform Module Administration Technical Overview
  This reference topic describes what the TPM chip is and the TPM services components.
• Windows Trusted Platform Module Management Step-by-Step Guide
  This step-by-step guide provides the instructions necessary to use TPM management in a test environment.