Successfully reported this slideshow.

IRM and E-discovery

1,931 views

Published on

Introduction into Content Security, how it is different from traditional IT approaches to security, with a delve into the component technology of IRM. Some examples of how the technology works in a legal setting, including e-discovery.

Published in: Business, Technology
  • Be the first to comment

  • Be the first to like this

IRM and E-discovery

  1. 1. Information Rights Management Redefining Information Security
  2. 2. The Traditional View to Information Security <ul><li>Perimeter: &quot;Traditional&quot; Network Security </li></ul><ul><li>Core: Desktops, Servers, Machines, OSes, Applications </li></ul><ul><li>Content: Content in all forms, whether at rest or in motion </li></ul>Perimeter Core Content
  3. 3. Perimeter Thinking <ul><li>Traditional Security is about securing the edge, primarily from outsiders </li></ul><ul><li>Standard policy is: OUTSIDE = UNTRUSTED INSIDE = (COMPLETELY) TRUSTED </li></ul><ul><li>Traditional Security is generic and does lowest common denominator levels of protection to secure the network, apps, desktops, but not content specifically </li></ul>Trusted
  4. 4. “ Modern-Traditional” Security <ul><li>Due to VPNs, WiFi, HTTP (web) traffic freely passing corporate firewalls </li></ul><ul><li>Perimeter shrinks down to the device/person, regardless of where you are, how you're connected, what you’re doing </li></ul><ul><li>This provides a new level of CONTEXT to security, only allowing trust to exist in very specific instances, although still typically a generic defense - securing the machine itself, but not the content on it, or sending to/from it. </li></ul>Semi-Trusted
  5. 5. Application-Level Security <ul><li>Document/Content Management provides access into repositories with document/user level controls - a mini perimeter </li></ul><ul><li>Records Management provides lifecycle management for Archive and Destruction </li></ul><ul><li>Content is free to go where it will once it is out of those systems </li></ul>
  6. 6. Information Rights Management <ul><li>Policy-based </li></ul><ul><li>Imposed at the document/user/application level (context) </li></ul><ul><li>Omni-present </li></ul><ul><li>Auto-auditing </li></ul><ul><li>Content Authentication </li></ul><ul><li>User Authentication </li></ul><ul><li>Encryption </li></ul>POLICY
  7. 7. “Traditional” Security Strategy Which of the following definitions of Digital Information Access Control most closely aligns with your definition?
  8. 8. IRM Security Strategy Which of the following definitions of Digital Information Access Control most closely aligns with your definition? Risk vs. Benefit
  9. 9. Why IRM? <ul><li>Conflict of interest </li></ul><ul><ul><li>Self-regulating secure access </li></ul></ul><ul><li>M&A </li></ul><ul><ul><li>Bi-directional sharing files in a controlled space </li></ul></ul><ul><ul><li>No extended sharing </li></ul></ul><ul><ul><li>Project timeline </li></ul></ul>
  10. 10. Why IRM? <ul><li>E-Discovery </li></ul><ul><ul><li>The “Ultimate” Secure Collaboration Platform </li></ul></ul><ul><ul><li>No extended sharing - In Context </li></ul></ul><ul><ul><li>Automated Clawbacks </li></ul></ul><ul><ul><li>Dynamic enabling/disabling </li></ul></ul><ul><ul><li>Automated & Complete End of Trial Expiration </li></ul></ul><ul><ul><li>Policy-based / repeatable </li></ul></ul>
  11. 11. Market Reality Within the past 2 years, has content been accesses by an unauthorized individual either deliberately or accidentally? Is Your Organization’s Content Security Strategy Driven More by a Desire to Lock Down Content or to Enable Secure Collaboration?
  12. 12. Market Reality Within the past 2 years, has content been accesses by an unauthorized individual either deliberately or accidentally? How Well is Content Security Understood in Your Organization?
  13. 13. Market Reality Within the past 2 years, has content been accesses by an unauthorized individual either deliberately or accidentally? What is Your Organization’s Current Involvement With Content Security?
  14. 14. Developing a Strategy Assuming budget is available, identify the primary obstacles to implementing Digital Information Access Control?
  15. 15. Why Care? <ul><li>Security is a major issue for CxOs </li></ul><ul><li>Future-proofing your business requires addressing this as competitive advantage </li></ul><ul><li>IRM is critical but requires positioning and education </li></ul><ul><li>Strategic deployment and alignment with business provides competitive advantage, holistic benefit </li></ul>
  16. 16. <ul><li>Carl Frappaolo </li></ul><ul><li>[email_address] </li></ul><ul><li>617 933 2584 </li></ul>Q & A

×