Microsoft Dynamic Access Control for IT and Compliance: An Example Use Case
Microsoft Server 2012 Dynamic Access Control (DAC) is a new authorization model that greatly simplifies management of access to information resources. With DAC, Microsoft has introduced Attributebased Access Control (ABAC) natively in the operating system, which gives companies the ability to define policies that control access to files based on their business value and risk, by considering the classification of the data and the properties of users and devices. The business benefit DAC can deliver is that access control can more easily align with core business objectives articulated at the CIO and Compliance Officer level. While DAC introduces several new capabilities, it is also the result of strategic enhancement of pre-existing NTFS utilities, services, and infrastructure. Perhaps the best news (at least from the perspective of IT Administrators), is that, even as DAC expands the scope of what access management means, new features automate and optimize the administrative work it requires. In other words, DAC provides benefits to IT Administrators and Information and Compliance Officers alike.