Abhijit Tannu writes about how Policy Federation is helping to make automated enterprise digital rights management a priority.
Corporations have rightly prioritised perimeter defence as a key focus area for ICT investment. It’s the oldest security paradigm of all: if intruders can’t get in, they can’t steal sensitive information.
However, not much thought is given to insider threats (such as data theft or the misuse or loss of ‘own devices’ in the enterprise) and all the information that these same corporations willingly share with third parties. Collaboration, both internal and external, is the norm for today’s organisations.
We routinely share information on personnel, customers, products and more with a range of internal and external actors, including vendors, suppliers and business partners.
Data sharing is a key part of outsourcing and supply chain dynamics. The chance of data accidentally ‘leaking’ via such interactions, whether intentionally or otherwise, is extremely high.
According to research, sensitive information is sent outside the organisation every 49 minutes, every day (Checkpoint), and business partners are implicated in 32 per cent of all data breaches (Verizon).
This form of collaboration is not just some tactical project-based data sharing – but a strategic business initiative that directly affects the bottom line. Thus, not sharing critical business information is simply not an option.
Research recently conducted by Enterprise Strategy Group (ESG), shows just how widespread, and vital, external collaboration is to today’s enterprises.
In its survey of 200 ICT and cybersecurity professionals in North America conducted in 2016, 18 per cent of respondents said that more than half of employees share files externally. A further 34 per cent of respondents said that between a quarter and half of employees regularly do so.
EDRM to the Rescue?
Enterprise Digital Rights Management (EDRM) solutions have helped alleviate the problems associated with collaboration by allowing enterprises to finely control the privileges associated with shared files.
We can control how long a file can be viewed, on which devices you can open it and exactly what you can do with it. A real-time audit trail tracks who is doing what with a file, at all times.
Traditionally EDRM was effective when individual employees were able to precisely define the granular rights associated with each shared file. This was time consuming and easily overlooked.
Moreover, individual inertia, the time consuming change management efforts, end user mobilisation, and process changes required for this exercise are immense.
New age removes the traditional flaws by making the EDRM tightly integrated with key enterprise systems, including Enterprise Content Management (ECM), Data-Loss Prevention (DLP), Enterprise Resource Planning (ERP) and Enterprise File Synch and Share (EFSS).
Seclore has developed robust pre-built connectors for dozens of today’s critical business applications, allowing EDRM to be added seamlessly to existing business systems.
Rights are automatically assigned to any file that is shared from an enterprise system thereby removing the ‘human effort’ of manually protecting each file.
Integration with enterprise systems is just one part of a complete ‘automated’ EDRM strategy however. Usage policies and rights need to be carefully defined and subsequently kept updated, a process that can be hugely challenging if you are applying it across a number of enterprise systems.
Policy Federation, a feature of the Seclore EDRM platform, has been developed to help with the process of defining the usage policies for automated rights management.
Policy Federation
Policy Federation makes automated Enterprise Digital Rights Management a reality. It leverages access policies defined and managed in your DLP, ECM, ERP, EFSS and other enterprise systems and maps these access policies to the finely-detailed policies controlled by the EDRM solution.
Taking established access policies and extending them across the different enterprise systems considerably reduces the time and effort needed to manage policies and increases the consistency of company’s file-centric policies.
The combination of pre-built connectors and Policy Federation helps smooth the adoption of Enterprise Digital Rights Management. It also helps reduce administrative overheads – which can be crucial in today’s era of pressured IT security budgets and overworked admins.
When customers make full use of these key features, they are able to automatically protect up to 60 per cent of the sensitive documents being shared inside their organisation and with third parties. Automation provides a huge boost in the adoption rates and overall success of an EDRM deployment. Make sure you choose an ERM solution that offers a library of pre-built Connectors, flexible APIs and robust Policy Federation capabilities.