Compliance storyboard:“Classifying & controlling content at the input device”

Application Areas:

Companies wishing to:• Prevent redistribution of valuable information including Intellectual

Property (IP), Patent, Financial and Personnel information • Achieving ISO 27001 Accreditation • Merger & Acquisition activity • Knowledge Management• Records Management & Archiving using the ISO 19005 (PDF/A)

archive-compliant standard.• Secure Collaboration Projects • Risk Management related to company information • Enforcing Quality Assurance procedures, such as ISO 9000 and Six

Sigma

Target Audience

• Head of Compliance• Head of Information Security• Chief Information Officer• Company Secretary/COO• Head of Internal Audit• CEO• CFO

Application Scenario

• This storyboard is based around Classifying, at the input device, key business documents.

• Based upon the ISO 27001 Information Classification selected, the scanned document will be stamped and the appropriate internal controls will be applied, as per the corporate document classification policy.

• An end user is presented with the Classification options that are mapped to their role, and authority, within a company. For example, the CFO may have access to a wider range of classification options than those presented to the Office Clerk.

• This has a five-tier classification model.

AuthenticatingThe user is required to authenticate to the network, using Windows or biometric authentication. This action is recorded and logged.

The user is presented with the options applicable to their Role and level of authority within the company.

Main Screen

The selected classification “Top Secret” is embedded in the document, and the appropriate business controls enforced.

Preview

Intelligent document routing will initiate the selected business process, generating an audit trail.

Destination

You can enforce your corporate security policies at the input device. In this example, the end-user MUST select a policy.

Apply security

Classification of “Top Secret” requires encryption and routes a second archive copy to the Records Management System.

“Top Secret” Classification

Controlled functionality

When a document is classified as “Top Secret”, the User cannot print or edit the controlled document..

Information can also be protected before it’s distributed externally

Destination options

Destination options eCopy can interface with corporate e-mail systems

From the device, an e-mail can be created and sent; a copy can also be sent to the Head of Compliance.

Delivery options

Audit trail

• A detailed Audit Trail is recorded and can be integrated with existing management and reporting tools, such as Business Objects, SAS, and Actuate. The Audit Trail can also be stored within the Records Management system, with the archived documents.

eCopy summary

• eCopy can help companies achieve audited compliance through enforcing ISO 27001 classification for their key paper based information.

• As the information is classified at the point of entry, eCopy minimizes possible failures to follow the business process.

• eCopy can generate an ISO 19005 (PDF/A) archive-compliant copy of a document, together with a detailed audit trail, including authentication details, to prove compliance and to guarantee the integrity of the information through its lifecycle.

• eCopy enables Intelligent Document Routing, based upon the business process, to protect and control the distribution of business information.

• eCopy provides an intuitive user interface that displays the classification options mapped to the end user profile. – For example, “Highly Confidential”, selected by R&D staff, may

generate an ISO 19005 archive copy. “Highly Confidential”, selected by Sales staff, may require different intelligent document routing and controls.