/pcq/media/agency_attachments/L8pkS8gpnodJThOdAfv1.jpg)
Follow UsThe Indian economy is going through a drastic upward reform. With increased pressure to streamline processes and reduce costs comes increased regulatory compliance and security threats. Companies have started sharing confidential information increasingly outside their physical boundaries to vendors and customers. Technologies which provide security by controlling the flow of information within a specific computer / network / location are rendered useless in the context of outsourced processes and a mobile workforce.
/pcq/media/post_attachments/76e6c4922cd7d18992651932132e500d97a30d136529d0fccd232ff368fb1a32.jpg)
Need for persistent and ubiquitous protection
In today's business age, confidential information in an organization is scattered around on desktops, laptops, removable media (CD, storage devices), file-servers and even outside the organization with business partners like vendors and customers. Managing such unstructured information and preventing it from going into wrong hands is a daunting task as has been proved by the recent Wikileaks episodes. Enterprises require advanced security measures to cut off risks of potential threats of information leakage which prove to be detrimental to any business organization. Hence the need arises for implementing a suitable security technology that can prevent the loss of important data and thereby ensure the safety of an enterprise. Therefore the need arises for a security solution that can provide protection to information during creation, transit and use. Other important aspects of the technology are affordability and time saving security measures with multiple features to keep track on the data that is being processed.
Salient features of IRM
Information Rights Management (IRM) technology is one such innovation that brings tremendous security and benefits to the organization by preventing information loss and provides complete and persistent usage control on information throughout its lifecycle of creation-distribution-use and destruction.
IRM & remotely controlling information
IRM enables the sender of information to designate which person can have access to the information, what actions (view, edit, print, etc) the person can do, at what date and time of the year and also from which location. One of the most salient features of the IRM technology is that senders can 'remotely-control' information even after it has been sent to the receiver. The sender at any point in time, in real time, can change controls of the receiver on the information sent to him earlier. Information can also be programmed for self destruction based on time!
IRM & monitoring
One of the major benefits of IRM is its audit trailing mechanism that can audit trail the usage of information from the time it is protected. All authorized actions as well as unauthorized attempts are logged, tracked and reported. Granular details of Who did What with information from Where and When was the attempt performed can be tracked and reported. It also helps in forensics to detect suspicious activities that are going on with any information. For example, the system can be setup to send an alert if there are 3 print requests on a document within a time span of 5 minutes from a particular location. The audit-trailing feature also helps organizations to adhere to regulatory and compliance frameworks like ISO 27000, Sarbanes-Oxley and HIPPA, for 'unstructured' data control.
With IRM, the enterprise can place controls on every aspect of information that is remitted including who can view it, the number of times it can be viewed or printed, when it can be deleted, etc. These controls allow the enterprise to dictate the terms of use of its data at any point irrespective of where the data is sitting.
Benefits of IRM
IRM enables an enterprise to limit actions on information. IRM protects information and restricts access to specific users and programs, thereby limiting rights of users who can access files. Unlike other systems (like firewalls, VPN, etc) which create a security wall around the organization, IRM secures the content itself. With IRM, when the file is circulated (internally and externally), the file has the intelligence to undergo authentication prior to a user accessing it. This authentication helps prevent unauthorized access to the information even after it has left the sender's computer.
IRM can also significantly lower costs and process delays associated with version control and document retention policies. With IRM, information can be shared with employees and business partners with no large additional investment in security systems. It increases revenues by preventing misuse, theft and leakage of content. It supports hundreds of file formats, including the most dominant enterprise document formats, reduces management overhead and allows enterprises to have consistent infrastructure.
/pcq/media/post_attachments/530ccc9f7561863ebfceb6bf045fdd6c68241a6d348145eb3dd65b23a1252e40.jpg)
Thus, IRM solutions take information protection well beyond other security technologies by ensuring that usage rights are propagated during normal information use. Unlike other technologies which protect information only while at rest, IRM offers protection while at rest, when in motion and when in use. Information is protected throughout the entire lifecycle of creation-distribution-use and destruction. Thus with granular control in information, even post distribution IRM puts control on information over and beyond what any other security technology can provide.
IRM and Microsoft SharePoint
SharePoint is a powerful tool for enterprise collaboration. Microsoft SharePoint is an integrated server platform that aims to provide web content management, enterprise content services, and enterprise search, as well as shared business processes and business intelligence dash boarding to the small and medium enterprise. It provides a centralized repository for documents and ensures security controls are implemented on them.
As the usage of SharePoint grows within the organization, the value of information stored within it also grows. Overtime it starts representing a single source of 'truth' and at the same time a single point of failure too! Employees with super user permissions or even those without them can simply bulk download information from within SharePoint system and misuse it. From a security perspective, SharePoint only focuses on securing the copy of information lying within the system, ie even though SharePoint allows for very granular definition of access permissions, these access permissions are only applied to copies of the document lying within the system. So if the document is downloaded, then all security permissions associated with the document with SharePoint become void immediately. In other words, SharePoint only provides 'access-control' to information within it. No enforcement of control is possible or permissible after the information leaves the system by way of download. Access control therefore does not protect the information but just provides a 'gate' through which information can leave. More technically, SharePoint does not implement 'usage control' for downloaded content.
/pcq/media/post_attachments/0dc86d22b56485f565d18144ae5bf71aafb9759f57dfcd2a3dc09638ebb106ae.jpg)
Because of all the above facts and by the very perimeter-centric nature, information in SharePoint frequently gets breached intentionally or unintentionally.
Protecting information
While IRM technology provides persistent security to information that is scattered around on desktops, laptops, and removable media, it also provides consistent protection to information in content repositories like Microsoft SharePoint.
IRM's integration with SharePoint protects information contents shared through SharePoint and can restrict usage to only specific users or groups by availing the information to only specific computers and IP addresses. IRM thus provides an additional layer of control when providing access to information downloaded from SharePoint. Additionally, it also restricts usage, including who can view and access it, print it, delete it or make changes to information residing outside the SharePoint perimeters. Additionally, IRM also provides complete assessment of downloaded content providing history and tracking of usage of information once it leaves the SharePoint system. Authorized actions as well as unauthorized attempts can be tracked for all downloaded documents with brief details. Thus, integration of IRM solution with SharePoint provides an extended security that benefits both small and large business. Some IRM technologies also integrate with other dominant enterprise content management (ECM) systems similar to SharePoint like IBM FileNet, Newgen Omnidocs and IBM Quickr.
The integration of IRM with SharePoint makes information-centric security for all confidential, sensitive and IP related information downloaded from SharePoint, an achievable aim. The minimal cost and effort of having such a necessary and must-have feature outweighs the risks of losing sensitive information to a competitor.