The Growing Burden of Content Control for CIOs, CISOs, and CTOs
Files containing sensitive information tend to last a long, long time. And the volume of content keeps piling up, as a recent Ovum Research report reveals.
1 November 2014
Applications, hardware, communications and other technologies come and go — think OS/2, VAX, SNA, token ring, the telegraph, among other electronics-based solutions. Not so much the data these technologies created, stored, or modified.
Files containing sensitive information tend to last a long, long time. In fact they are sort of immortal. And the volume of content keeps piling up, as a recent Ovum report reveals. Titled “Content is the New Perimeter,” it notes how chief information officers and chief technology officers face “huge challenges” managing documents over the long-term.
Companies are retaining more and more data and records, and not necessarily properly indexing or cataloguing them.
The Hidden Life of Docs
Ovum points out how files can wind up in the wrong hands — or be misused by the right hands. Let’s consider any given confidential business record stored in some database, or on a file server. Did someone share that document with a mobile user? A regulator? Perhaps someone attached the document in an email and sent it to a consultant or customer? Or did someone — without permission — store it in a consumer-grade file sharing and storage service?
Have you precisely catalogued this file and stored it until the appropriate time for its deletion (if it was to be destroyed)? Then it’s safe to assume it is probably alive somewhere, in a copy, and possibly, outside your firewall. And it just might cause a company to be in non-compliance if not tracked.
In some cases, the firms with these floating documents and data are in regulated industries, such as a finance or health care. Their records and files must be retained for a set period of time. So what is a CIO, CISO or CTO to do? Ovum discusses strategies to cope.
Using IRM to Protect File Security
One way to protect content is to manage it inside a company’s own enterprise content management (ECM) platform. However, the ECM system doesn’t necessarily manage the permissions of what end users can do with the document — such as view, print, or edit it.
To take the security further, users can apply Information Rights Management (IRM) technology to the content. IRM works at the file level, but it doesn’t interfere with the permitted sharing of the document for collaboration.
Rather, as Ovum states, “the products allow IT managers to maintain a tight control over who can access documents and what they are able to do with them. Further, it provides full auditability which helps CIOs or CSOs ensure compliance with a range of regulations.” These controls remain in force for the lifecycle of the document — even if it has left the enterprise in which it originated.
Interested in learning more about IRM? Then click here.
Marc Songini has worked in the information technology field for more than 16 years. His roles have included those of journalist, analyst, and marketing communications specialist. He admits that when he started out as a cub high tech reporter, Netscape was still rocking the industry with a wondrous new user interface called a “browser.” During his 10 years with International Data Group (IDG), Marc wrote for NetworkWorld and Computerworld, both award-winning magazines. Marc specializes in cloud, enterprise apps, and figuring out the meaning of being human in an automated world.