Tip of the Day: VPN and Enterprise Data Protection

Today’s Tip…

Enterprise Data Protection (EDP) is new for Windows 10 and provides an array of capabilities aimed at assuring the integrity of data wherever it may rest in the enterprise.

What’s new in Windows 10 | Enterprise Data Protection overview

But how can VPN administrators leverage an EDP policy to extend data protection to remote devices?

Windows 10 VPN integrates fully with the Enterprise Data Protection platform, leveraging an existing EDP policy to protect both incoming and outgoing data. 

Consider the following:

How EDP Works

EDP policies protect enterprise data residing on the corporate network or in the cloud.

Enterprise networks are identified in an EDP policy by

  • a DNS suffix,
  • an online service, and/or
  • IP ranges

Data accessed from these networks is always encrypted when stored on a local device.

How VPN Uses EDP

In the EDP Policy

  • An EDP Identifier tags the administratively defined Enterprise Applications

In the VPN Policy

  • The EDP Identifier is inserted into the VPN Profile

The network stack can use this information in the following ways:

  • EDP-protected apps can be used to trigger the VPN
  • EDP can also be used to restrict the VPN interface so that only Enterprise Apps can communicate across a tunnel
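
One way to check that each VPN profile actually carries the EDP Identifier, as an added example that is not part of the original tip. It assumes profiles are exported as VPNv2 ProfileXML, where the identifier is held in the `EdpModeId` element (a name from that schema, not from this page); the enterprise identity, server names and sample profiles are constructed.

```python
import xml.etree.ElementTree as ET

# Assumption: the enterprise identity defined in the EDP policy (constructed value).
ENTERPRISE_ID = "corp.contoso.com"

# Constructed VPNv2 ProfileXML samples; server names are placeholders.
_NATIVE = ("<NativeProfile><Servers>vpn.contoso.com</Servers>"
           "<NativeProtocolType>IKEv2</NativeProtocolType></NativeProfile>")
SAMPLE_PROFILES = {
    "corp-linked": f"<VPNProfile><EdpModeId>corp.contoso.com</EdpModeId>{_NATIVE}</VPNProfile>",
    "corp-untagged": f"<VPNProfile>{_NATIVE}</VPNProfile>",
    "corp-blank": f"<VPNProfile><EdpModeId>  </EdpModeId>{_NATIVE}</VPNProfile>",
    "partner": f"<VPNProfile><EdpModeId>corp.fabrikam.com</EdpModeId>{_NATIVE}</VPNProfile>",
}


def edp_identifier(profile_xml):
    """Return the profile's EDP identifier, or None if absent or blank."""
    root = ET.fromstring(profile_xml)
    for elem in root:  # EdpModeId is a direct child of VPNProfile
        # Compare on the local name so a namespaced export is still matched.
        if elem.tag.rsplit("}", 1)[-1] == "EdpModeId":
            value = (elem.text or "").strip()
            return value or None
    return None


def audit_profile(profile_xml, enterprise_id=ENTERPRISE_ID):
    """Classify a profile as 'linked', 'untagged' or 'mismatch'."""
    found = edp_identifier(profile_xml)
    if found is None:
        # No identifier: nothing ties this tunnel to the EDP policy.
        return "untagged"
    # Exact comparison; the page does not state how the identifier is normalised.
    return "linked" if found == enterprise_id else "mismatch"


def audit_all(profiles, enterprise_id=ENTERPRISE_ID):
    """Map each profile name to its audit status."""
    return {name: audit_profile(xml, enterprise_id) for name, xml in profiles.items()}


if __name__ == "__main__":
    for name, status in audit_all(SAMPLE_PROFILES).items():
        print(f"{name:14} {status}")
```

Profiles reported as `untagged` or `mismatch` are the ones to review before relying on EDP to limit tunnel traffic to Enterprise Apps.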