Ensuring Privacy and protection of digital files and information is a difficult ongoing task. Traditional solutions in NHS organisations protect initial access using a combination of perimeter-based security technologies to protect sensitive data: network access is protected by firewalls, servers hosting sensitive files can be restricted by Access Control Lists (ACLs), and confidential e-mail messages can be encrypted in transit to assure no tampering. However, this may result in information leaks and unauthorised users gaining access to information.
These forms of information protection, while immensely valuable, share a common limitation: after the intended (or unintended) recipient gains access to the information, he or she is free to use it in whatever manner they wish. For example, he or she can forward e-mail messages around the world in a single click, sometimes to unintended recipients, or save it to a mobile computer or USB drive.
Windows Server 2008 Active Directory Rights Management Services protects access to an NHS organisation’s digital files. It is a security technology that works with applications to help safeguard digital content—no matter where it goes—for people who need to protect sensitive Web content,
Windows Rights Management Service
With RMS content owners can define exactly how a recipient can use the information, such as who can open, modify, print, forward, or take other actions with the information. NHS organisations can create custom usage rights templates such as "NHS Confidential—Read only" that can be applied directly to information such as financial reports, product specifications, customer data, and e-mail messages.
From a user perspective the rights management service is surfaced in user applications such as Microsoft Office and Microsoft Office Sharepoint server.
This gives the ability to:
Microsoft Office SharePoint Server is a collaboration and content management server that allows you to have one integrated platform to support the portal and document management needs of your organisation. SharePoint’s content management supports the creation of workflows and policies to govern information[i]. SharePoint Server 2007 is integrated with RMS, so that access control policies can be enforced on all copies of content downloaded from SharePoint.
Microsoft Office Sharepoint Server 2007
Microsoft Forefront Security for SharePoint integrates multiple scan engines from industry-leading vendors and content controls to help businesses protect their Microsoft SharePoint collaboration environments by eliminating documents containing malicious code, confidential information, and inappropriate content. The new Forefront Security for SharePoint provides an improved user experience with file uploads, manual scanning, keyword filtering, and program administration.
Forefront Security for SharePoint is an on-premise solution that provides comprehensive protection for SharePoint document libraries
Microsoft Forefront Security for Exchange Server helps protect your e-mail infrastructure from infection and downtime through an approach that emphasises layered defences, optimisation of Exchange Server performance and availability, and simplified management control.
Comprehensive Protection: Microsoft Forefront Security for Exchange Server includes multiple scan engines from industry-leading security firms integrated in a single solution to help businesses protect their Exchange messaging environments from viruses, worms, and spam.
Optimised Performance: Through deep integration with Exchange Server, scanning innovations and performance controls, Forefront Security for Exchange Server helps protect messaging environments while maintaining uptime and optimising server performance.
Simplified Management: Forefront Security for Exchange Server also enables administrators to easily manage configuration and operation, automated scan engine signature updates and reporting at the server and enterprise level.
Microsoft Exchange Hosted Services for messaging security and management is composed of four distinct services that help organisations protect themselves from e-mail-borne malware, satisfy retention requirements for compliance, encrypt data to preserve confidentiality, and preserve access to e-mail during and after emergency situations. The services are deployed over the Internet using a “Software as a Service” model which helps minimize additional capital investment, free up IT resources to focus on other value-producing initiatives, and mitigate messaging risks before they reach the corporate firewall.
[i] The Information Worker stream of the Common User Interface Programme has published custom workflows for use in the NHS.