• Like

Extending Information Controls Beyond ECM

  • 283 views
Uploaded on

In the "new new" world of consumerization, cloud, and mobile, controlling information usage as it flows within and outside the enterprise requires new approaches. Traditional access control and …

In the "new new" world of consumerization, cloud, and mobile, controlling information usage as it flows within and outside the enterprise requires new approaches. Traditional access control and governance frameworks break down when devices, applications and networks are "unmanaged". Information centric view of security, privacy, & compliance controls then becomes the only option. This session introduces IRM as a technology & how it can be used along with enterprise content management (ECM) systems to extend ECM security controls.

More in: Technology
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
No Downloads

Views

Total Views
283
On Slideshare
0
From Embeds
0
Number of Embeds
4

Actions

Shares
Downloads
13
Comments
1
Likes
1

Embeds 0

No embeds

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
    No notes for slide

Transcript

  • 1. #AIIM14  #AIIM14   #AIIM14   Extending  informa/on  controls  beyond  ECM     Vishal  Gupta   CEO,  Seclore   @secloretech  
  • 2. #AIIM14   The  balancing  act  :  Security  and  Collabora/on  
  • 3. #AIIM14   BYOD  …   Even  Chuck   Norris   cannot  stop   it  
  • 4. #AIIM14   Collabora/on   Is  a     Differen/ator     of  any     value  chain  
  • 5. #AIIM14   Data  on  the  cloud  …     Is  making  informaCon   ubiquitously  available    
  • 6. #AIIM14   ECM  context  –  Cloud,  Mobile  and  external  users  
  • 7. www.aiim.org/infochaos   Do  YOU  understand  the  business     challenge  of  the  next  10  years?   This  ebook  from  AIIM  President   John  Mancini  explains.  
  • 8. #AIIM14   Client  scenarios   §  240,000  employee  European  bank     §  Extensive  usage  of  ECM   §  Worried  about  security  and  compliance  of  content  when  FileNet  use  is   extended  to  external  agencies   §  One  of  the  five  largest  telecom  companies  in  the  world   §  Centralized  use  of  ECM  across  operaCons   §  Worried  about  regulatory  compliance  around  customer  and  employee  data   §  One  of  the  five  largest  paints  and  coa/ngs  company  in  the  world   §  Usage  of  ECM  across  group  R&D  funcCons   §  Worried  about  “opening  up”  FileNet  for  mobile  access  due  to  security   reasons  
  • 9. #AIIM14   ECM  security  -­‐  stand  alone   ECMUser Edited Copied Printed Shared Un-protected File Authorized  access   Unauthorized  use  
  • 10. #AIIM14   The  dream  …   WHO can use People & groups within and outside of the organization can be defined as rightful users of the information WHAT can (s)he do Individual actions like reading, editing, printing, distributing, copy-pasting, screen grabbing etc. can be controlled WHEN can (s)he use it Information usage can be time based e.g. can only be used by Mr. A till 28th Sept OR only for the 2 days WHERE can (s)he use it from Information can be linked to locations e.g. only 3rd floor office by private/public IP addresses
  • 11. #AIIM14   The  dream  …  
  • 12. #AIIM14   •  WHO can use the information People & groups within and outside of the organization can be defined as rightful users of the information •  WHAT can each person do Individual actions like reading, editing, printing, distributing, copy-pasting, screen grabbing etc. can be controlled •  WHEN can he use it Information usage can be time based e.g. can only be used by Mr. A till 28th Sept OR only for the 2 days •  WHERE can he use it from Information can be linked to locations e.g. only 3rd floor office by private/public IP addresses IRM allow enterprises to define, implement & audit information usage “policies”. A “policy” defines : Informa/on  Rights  Management  -­‐  defined  
  • 13. #AIIM14   ECM  and  IRM  combined   User Authorized  access   ECM + Seclore FileSecure Authorized  use  only   Edited Copied Printed Viewed Protected File Distributed
  • 14. #AIIM14   FileNet  +  FileSecure  –  What  and  Why  ?  
  • 15. #AIIM14   FileNet  +  FileSecure  –  What  and  Why  ?  
  • 16. #AIIM14   Policy  defini/on   §  ECM  +  Seclore  FileSecure    A   walkthrough  
  • 17. #AIIM14   Policy  defini/on  
  • 18. #AIIM14   Policy  defini/on  
  • 19. #AIIM14   Applying  policies  to  IBM  FileNet  Folders  
  • 20. #AIIM14   Applying  policies  to  IBM  FileNet  Folders  
  • 21. #AIIM14   Policy  implementa/on  
  • 22. #AIIM14   Policy  implementa/on  
  • 23. #AIIM14   Policy  implementa/on  
  • 24. #AIIM14   Adding  content  to  the  protected  folder  
  • 25. #AIIM14   Adding  content  to  the  protected  folder  
  • 26. #AIIM14   Document  uploaded  
  • 27. #AIIM14   Document  download  from  IBM  FileNet  
  • 28. #AIIM14   Extending  IBM  FileNet’s  control  outside   Downloaded  document     from  FileNet.   NoCce  the  red  lock!  
  • 29. #AIIM14   Explicit  display  of  rights  :  Privacy  compliance  
  • 30. #AIIM14   AWempt  to  perform  unauthorized  ac/on  
  • 31. #AIIM14   AWempt  to  perform  unauthorized  ac/on  
  • 32. #AIIM14   AWempt  to  perform  unauthorized  ac/on  
  • 33. #AIIM14   AWempt  to  perform  unauthorized  ac/on  
  • 34. #AIIM14   AWempt  to  perform  unauthorized  ac/on  
  • 35. #AIIM14   AWempt  to  perform  unauthorized  ac/on  
  • 36. #AIIM14   AWempt  to  perform  unauthorized  ac/on  
  • 37. #AIIM14   Informa/on  audit  
  • 38. #AIIM14   Other  IRM  possibili/es   IRM   DLP  ECM  Desktops   File   servers   Messaging   ERP   Custom   apps  
  • 39. #AIIM14   Ques/ons  ?   §  hXp://www.seclore.com/ibm_filenet.html     §  www.ibm.com/so]ware/products/en/filecontmana   §  Email  :  info@seclore.com      
  • 40. www.aiim.org/infochaos   Do  YOU  understand  the  business     challenge  of  the  next  10  years?   This  ebook  from  AIIM  President   John  Mancini  explains.