aiim webinar content security at the fulcrum of innovation and risk

Thank You to Our Underwriters

Content Security StrategyContent Security Strategy

Control& Secure

Collaborate& Innovate

Risk vs.Benefit

The Traditional View to The Traditional View to Information SecurityInformation Security

• Perimeter: "Traditional" Network Security

• Core: Desktops, Servers, Machines, OSes, Applications

• Standard policy is:OUTSIDE = UNTRUSTEDINSIDE = (COMPLETELY) TRUSTED

• Content: Content in all forms, whether at rest or in motion

Perimeter

Content

Application-Level SecurityApplication-Level Security• Document/Content

Management provides access into repositories with document/user level controls - a mini perimeter

• Records Management provides lifecycle management for Archive and Destruction

• Content is free to go where it will once it is out of those systems

Content SecurityContent Security

• Policy-based

• Imposed at the document/user/application level (context)

• Omni-present

• Auto-auditing

• Content Authentication

• User Authentication

• Encryption

POLICY

Content Security Component Content Security Component TechnologiesTechnologies

• Records Management

• Document Management

• Web Content Management

• Workflow/BPM

• E-mail Management

• Enterprise Rights Management/Digital Rights Management

• Identity Management/User Authentication

• Content Authentication

• Content Addressed Storage

• Trusted Time Stamps

• Data Loss/Leak Prevention

• Public Key Infrastructure (PKI)

• Digital Signatures

• Hierarchical Storage Management

Developing a StrategyDeveloping a Strategy

Control& Secure

Collaborate& Innovate

Enterprise Content Security Enterprise Content Security StrategyStrategy

• Aligned to/Foundation of Corporate Governance• Lifecycle• Policy Driven

– Less is More • File Type Agnostic• Automated to the Degree Practical

Market RealityMarket Reality

Source: AIIM Content Security Market IQ, 2007

Is Your Organization’s Content Security Strategy Driven More by a Desire to Lock Is Your Organization’s Content Security Strategy Driven More by a Desire to Lock Down Content or to Enable Secure Collaboration?Down Content or to Enable Secure Collaboration?

0% 7.5% 15.0% 22.5% 30.0%

Well Aware and areExpressly Addressing It

Vaguely Familiar and Understandits Relationship to the BroaderTopic of Security

Not Sure How This is DifferentForm Security in General

No Clear How Understanding

How Well is Content Security Understood in Your Organization?How Well is Content Security Understood in Your Organization?

Well aware and are expressly addressing it.

Vaguely familiar and understand its relationship to the broader topic of security.

Not sure how this is different from security in general.

No clear how understanding.

Within the Last 2 Years Has Content Been Within the Last 2 Years Has Content Been Updated/Deleted by an Unauthorized Individual Updated/Deleted by an Unauthorized Individual Either Deliberately or Accidentally?Either Deliberately or Accidentally?

Within the Last 2 Years Has Content Within the Last 2 Years Has Content Been Inappropriately Accessed by an Been Inappropriately Accessed by an Unauthorized Individual Either Unauthorized Individual Either Deliberately or Accidentally?Deliberately or Accidentally?

Is There an Is There an Appreciation for Appreciation for the Potential Cost the Potential Cost Associated with Associated with the Risk of the Risk of Unsecured Unsecured Content in Your Content in Your Organization?Organization?

There is No Appreciation

$0 - $5,000 Annually

$5,000 - $25,000 Annually

$25,000 - $100,000 Annually

$100,000 - $500,000 Annually

$500,000 - $1,000,000 Annually

$1,000,000 + Annually

0% 17.5% 35.0% 52.5% 70.0%

Who Owns The Content Security Initiative in Your Organization?Who Owns The Content Security Initiative in Your Organization?

What is Your Organization’s Current What is Your Organization’s Current Involvement With Content Security?Involvement With Content Security?

Do You Have a Specific Do You Have a Specific Group Within Your Group Within Your Organization to Address Organization to Address Content Security?Content Security?

Assuming Budget is Available, What are the Primary Obstacles to Assuming Budget is Available, What are the Primary Obstacles to Implementing Content Security?Implementing Content Security?

Lack of Understanding/Appreciation

Complexity of Solution

User Resistance

Lack of Business Interest

Lack of IT Support for the Initiative

Lack of a Business Case

Management Resistance

0% 10% 20% 30% 40%

Why Care?Why Care?• Security is a major issue for CxOs

– Flexible, Comprehensive Enterprise Governance• Knowledge Management, Innovation Management, Collaborative

Teams, Enterprise 2.0• M&A, e-Discovery, Conflict of Interest, Minimizing Mistakes &

Embarrassment• Strategic deployment and alignment with business provides

competitive advantage, holistic benefit – Responsiveness– Reduced Costs– Increased Access

• Content Security is critical but requires positioning and education

Market EducationMarket Education

Q & ACarl Frappaolo

Vice President, Market Intelligencecfrappaolo@aiim.org

Thank You

aiim webinar content security at the fulcrum of innovation and risk

Business

aiim social business roadmap

aiim 2007 0517

fulcrum - eurofarma.com.gt

creating tomorrow’s nation buildersim)_2018.../aiim...

a little bpm with your sharepoint: aiim webinar preview

industry watch - aiim

aiim market iq on findability webinar public version

aiim africa

fulcrum way webinar top 10 advanced control to improve...

fulcrum brochure

aiim +`++ 0-° 0 +++++++

fulcrum celaneseipo

aiim webinar - e-signatures in europe - understanding the...

aiim + alfresco infographic

aiim standards

aiim conference 2012

aiim webinar integrating and auditing content across the...

fulcrum 091108

fulcrum 031209

fulcrum utility services limited annual report and...