extending information controls beyond ecm
DESCRIPTION
In the "new new" world of consumerization, cloud, and mobile, controlling information usage as it flows within and outside the enterprise requires new approaches. Traditional access control and governance frameworks break down when devices, applications and networks are "unmanaged". Information centric view of security, privacy, & compliance controls then becomes the only option. This session introduces IRM as a technology & how it can be used along with enterprise content management (ECM) systems to extend ECM security controls.TRANSCRIPT
#AIIM14 #AIIM14
#AIIM14
Extending informa/on controls beyond ECM
Vishal Gupta CEO, Seclore @secloretech
#AIIM14
The balancing act : Security and Collabora/on
#AIIM14
BYOD … Even Chuck Norris cannot stop it
#AIIM14
Collabora/on Is a Differen/ator of any value chain
#AIIM14
Data on the cloud …
Is making informaCon ubiquitously available
#AIIM14
ECM context – Cloud, Mobile and external users
www.aiim.org/infochaos�
Do YOU understand the business challenge of the next 10 years?
This ebook from AIIM President John Mancini explains.
#AIIM14
Client scenarios § 240,000 employee European bank
§ Extensive usage of ECM § Worried about security and compliance of content when FileNet use is
extended to external agencies
§ One of the five largest telecom companies in the world § Centralized use of ECM across operaCons § Worried about regulatory compliance around customer and employee data
§ One of the five largest paints and coa/ngs company in the world § Usage of ECM across group R&D funcCons § Worried about “opening up” FileNet for mobile access due to security
reasons
#AIIM14
ECM security -‐ stand alone ECM User
Edited
Copied
Printed
Shared
Un-protected File
Authorized access
Unauthorized use
#AIIM14
The dream … WHO can use People & groups within and outside of the organization can be
defined as rightful users of the information
WHAT can (s)he do Individual actions like reading, editing, printing, distributing,
copy-pasting, screen grabbing etc. can be controlled
WHEN can (s)he use it Information usage can be time based e.g. can only be used by
Mr. A till 28th Sept OR only for the 2 days
WHERE can (s)he use it from Information can be linked to locations e.g. only 3rd floor
office by private/public IP addresses
#AIIM14
The dream …
#AIIM14
• WHO can use the information
People & groups within and outside of the organization can be defined as rightful users of the information
• WHAT can each person do
Individual actions like reading, editing, printing, distributing, copy-pasting, screen grabbing etc. can be controlled
• WHEN can he use it
Information usage can be time based e.g. can only be used by Mr. A till 28th Sept OR only for the 2 days
• WHERE can he use it from
Information can be linked to locations e.g. only 3rd floor office by private/public IP addresses
IRM allow enterprises to define, implement & audit information usage “policies”. A “policy” defines :
Informa/on Rights Management -‐ defined
#AIIM14
ECM and IRM combined User
Authorized access
ECM + Seclore FileSecure
Authorized use only
Edited
Copied
Printed
Viewed Protected File
Distributed
#AIIM14
FileNet + FileSecure – What and Why ?
#AIIM14
FileNet + FileSecure – What and Why ?
#AIIM14
Policy defini/on
§ ECM + Seclore FileSecure A walkthrough
#AIIM14
Policy defini/on
#AIIM14
Policy defini/on
#AIIM14
Applying policies to IBM FileNet Folders
#AIIM14
Applying policies to IBM FileNet Folders
#AIIM14
Policy implementa/on
#AIIM14
Policy implementa/on
#AIIM14
Policy implementa/on
#AIIM14
Adding content to the protected folder
#AIIM14
Adding content to the protected folder
#AIIM14
Document uploaded
#AIIM14
Document download from IBM FileNet
#AIIM14
Extending IBM FileNet’s control outside
Downloaded document from FileNet.
NoCce the red lock!
#AIIM14
Explicit display of rights : Privacy compliance
#AIIM14
AWempt to perform unauthorized ac/on
#AIIM14
AWempt to perform unauthorized ac/on
#AIIM14
AWempt to perform unauthorized ac/on
#AIIM14
AWempt to perform unauthorized ac/on
#AIIM14
AWempt to perform unauthorized ac/on
#AIIM14
AWempt to perform unauthorized ac/on
#AIIM14
AWempt to perform unauthorized ac/on
#AIIM14
Informa/on audit
#AIIM14
Other IRM possibili/es
IRM
DLP ECM Desktops File servers
Messaging ERP Custom apps
#AIIM14
Ques/ons ?
§ hXp://www.seclore.com/ibm_filenet.html § www.ibm.com/so]ware/products/en/filecontmana
§ Email : [email protected]
www.aiim.org/infochaos�
Do YOU understand the business challenge of the next 10 years?
This ebook from AIIM President John Mancini explains.