Striking the Balance Between Information Security and Usability
With growing business concerns around data security, privacy and compliance, here's how organizations can strike the balance between security and usability.
20 August 2015
Whether your organization is sharing files for strategic mergers and acquisitions, sending sensitive HR files to outside counsel, or collaborating on new brand messaging with internal teams, everyone in business today has the need to share something — and that something needs to have security around it to keep it protected, controlled, and in your organization’s hands.
In our last interview podcast with Risky Business, we talked about the growing business concerns around data security, privacy and compliance in the cloud and how enterprises can protect their data from risk. Recently, I had the chance to sit down with Patrick Gray of Risky Business to discuss how organizations can strike the balance between information security and usability for their clients. Listen to the podcast below to find out how.
Most IT and information security teams have started to realize that they need to provide their employees with secure and compliant tools to share business information so that their employees don’t seek unsanctioned free tools elsewhere to get their jobs done. We know a lot about this at Intralinks. Intralinks got its start in storing and securing information around loan syndication, and from there moved to mergers and acquisitions data which is a segment that we're now very well known for. Now, with the additions of our other solutions, such as Intralinks VIA®, we can facilitate information sharing and collaboration for any organization, of any size, across any vertical space.
Research conducted by the Ponemon Institute confirmed that malware, physical theft, and other external threats aren’t the only types to cause data leakage. Ungoverned file sharing by employees, or the threat of Shadow IT, is just as severe of a threat. Sixty percent of IT security professionals surveyed have often or frequently either used personal file sharing applications at work, sent unencrypted emails, failed to delete confidential documents as required, or accidentally forwarded files to unauthorized individuals.
Two Endpoints: Ease of Use and Security
I like to look at the content sharing market as having two endpoints. On one end, there are solutions developed with strategy in mind of ease of use, to make sharing simple. And on the other end of the spectrum are solutions that put security first. Both ease of use from an adoption standpoint and security from a protection standpoint are important capabilities when it comes to secure online file sharing solutions. Some solutions try to find a happy medium between the two endpoints, but sometimes you can have the best of both worlds.
For Intralinks, what we've done is look for ways to take what we believe are the most important or crucial security technologies and remove the friction from them where possible. For example, probably one of the most popular information security features right now on the market is rights management over documents which we refer to as information rights management (IRM). It’s not a new way of thinking, but when it came to enterprise content in particular, it was cumbersome. IRM is needed to keep content controlled wherever it goes, especially after it leaves the organization. But in some cases, IRM can make it more difficult or inefficient for people to get work done considering users have to install software on a desktop and the likes. So at Intralinks what we decided to do was take our secure rights management capability and look for ways to be able to remove the usability friction. We start as secure as we can, and then we move towards ease of use. As a result, we implemented plugin-free rights management to bridge that gap.
Organizations can have the unbreakable confidence to get work done and keep their work secure and controlled, wherever it goes. They just need to have the right tools and process in place to do so.
To learn how your company can strike the balance between information security and usability, listen to my podcast with Risky Business above. Hope you enjoy it. If you have any questions or want to let us know what you think, just drop a note in the comments below.
Todd Partridge is Vice President, Product Marketing at Intralinks. He has broad industry experience in the enterprise information management (EIM) space, with deep expertise in all trends and technologies related to information governance, enterprise content management, document management, web content management, business intelligence, team collaboration, e-mail management, and enterprise records management practices. In his previous role at OpenText, Todd held several global positions ranging from sales, marketing, product management, positioning and strategy.