#AIIM14  #AIIM14  

#AIIM14  

Extending  informa/on  controls  beyond  ECM    

Vishal  Gupta  CEO,  Seclore  @secloretech  

#AIIM14  

The  balancing  act  :  Security  and  Collabora/on  

#AIIM14  

BYOD  …  Even  Chuck  Norris  cannot  stop  it  

#AIIM14  

Collabora/on  Is  a    Differen/ator    of  any    value  chain  

#AIIM14  

Data  on  the  cloud  …    

Is  making  informaCon  ubiquitously  available    

#AIIM14  

ECM  context  –  Cloud,  Mobile  and  external  users  

www.aiim.org/infochaos�  

Do  YOU  understand  the  business    challenge  of  the  next  10  years?  

This  ebook  from  AIIM  President  John  Mancini  explains.  

#AIIM14  

Client  scenarios  §  240,000  employee  European  bank    

§  Extensive  usage  of  ECM  §  Worried  about  security  and  compliance  of  content  when  FileNet  use  is  

extended  to  external  agencies  

§  One  of  the  five  largest  telecom  companies  in  the  world  §  Centralized  use  of  ECM  across  operaCons  §  Worried  about  regulatory  compliance  around  customer  and  employee  data  

§  One  of  the  five  largest  paints  and  coa/ngs  company  in  the  world  §  Usage  of  ECM  across  group  R&D  funcCons  §  Worried  about  “opening  up”  FileNet  for  mobile  access  due  to  security  

reasons  

#AIIM14  

ECM  security  -­‐  stand  alone  ECM User

Edited

Copied

Printed

Shared

Un-protected File

Authorized  access  

Unauthorized  use  

#AIIM14  

The  dream  …  WHO can use People & groups within and outside of the organization can be

defined as rightful users of the information

WHAT can (s)he do Individual actions like reading, editing, printing, distributing,

copy-pasting, screen grabbing etc. can be controlled

WHEN can (s)he use it Information usage can be time based e.g. can only be used by

Mr. A till 28th Sept OR only for the 2 days

WHERE can (s)he use it from Information can be linked to locations e.g. only 3rd floor

office by private/public IP addresses

#AIIM14  

The  dream  …  

#AIIM14  

•  WHO can use the information

People & groups within and outside of the organization can be defined as rightful users of the information

•  WHAT can each person do

Individual actions like reading, editing, printing, distributing, copy-pasting, screen grabbing etc. can be controlled

•  WHEN can he use it

Information usage can be time based e.g. can only be used by Mr. A till 28th Sept OR only for the 2 days

•  WHERE can he use it from

Information can be linked to locations e.g. only 3rd floor office by private/public IP addresses

IRM allow enterprises to define, implement & audit information usage “policies”. A “policy” defines :

Informa/on  Rights  Management  -­‐  defined  

#AIIM14  

ECM  and  IRM  combined  User

Authorized  access  

ECM + Seclore FileSecure

Authorized  use  only  

Edited

Copied

Printed

Viewed Protected File

Distributed

#AIIM14  

FileNet  +  FileSecure  –  What  and  Why  ?  

#AIIM14  

FileNet  +  FileSecure  –  What  and  Why  ?  

#AIIM14  

Policy  defini/on  

§  ECM  +  Seclore  FileSecure    A  walkthrough  

#AIIM14  

Policy  defini/on  

#AIIM14  

Policy  defini/on  

#AIIM14  

Applying  policies  to  IBM  FileNet  Folders  

#AIIM14  

Applying  policies  to  IBM  FileNet  Folders  

#AIIM14  

Policy  implementa/on  

#AIIM14  

Policy  implementa/on  

#AIIM14  

Policy  implementa/on  

#AIIM14  

Adding  content  to  the  protected  folder  

#AIIM14  

Adding  content  to  the  protected  folder  

#AIIM14  

Document  uploaded  

#AIIM14  

Document  download  from  IBM  FileNet  

#AIIM14  

Extending  IBM  FileNet’s  control  outside  

Downloaded  document    from  FileNet.  

NoCce  the  red  lock!  

#AIIM14  

Explicit  display  of  rights  :  Privacy  compliance  

#AIIM14  

AWempt  to  perform  unauthorized  ac/on  

#AIIM14  

AWempt  to  perform  unauthorized  ac/on  

#AIIM14  

AWempt  to  perform  unauthorized  ac/on  

#AIIM14  

AWempt  to  perform  unauthorized  ac/on  

#AIIM14  

AWempt  to  perform  unauthorized  ac/on  

#AIIM14  

AWempt  to  perform  unauthorized  ac/on  

#AIIM14  

AWempt  to  perform  unauthorized  ac/on  

#AIIM14  

Informa/on  audit  

#AIIM14  

Other  IRM  possibili/es  

IRM  

DLP  ECM  Desktops   File  servers  

Messaging   ERP   Custom  apps  

#AIIM14  

Ques/ons  ?  

§  hXp://www.seclore.com/ibm_filenet.html    §  www.ibm.com/so]ware/products/en/filecontmana  

§  Email  :  info@seclore.com      

www.aiim.org/infochaos�  

Do  YOU  understand  the  business    challenge  of  the  next  10  years?  

This  ebook  from  AIIM  President  John  Mancini  explains.