Enterprise Document Protection and Security: The “How To”

Unfortunately, you can never take the security of your business for granted. No matter how big or small it is. There’s always a risk of one of your competitors getting hold of important information or a large-scale cyber-attack. The thought of these events occurring not something any of us like to think about. Yet, it’s just good business sense to do whatever it takes to protect your company. One of the most important areas is enterprise documents. This is a term that covers sensitive information that, if mishandled, can have a damaging effect on your business. There are several samples of documents that needs be accessible internally but also must be restricted to selected individuals. Essentially, these documents are not meant for general distribution outside your selected group(s). They include:

• Account details
• Investor documents
• Contracts
• Client proposals
• Standard operating procedures (SOPs)
• Private data
• Client personal details
• Price lists
• Technical plans
• Plans for future growth

And any kind of information that is sensitive to your business and that you do not want your competitors to see. You may assume that normal computer security systems addressed this issue long ago. Yet, there are still significant gaps in document protection. Controls normally provided with operating systems are based on  ‘access’, which focus on who is able to access documents. To take your security to the next level, you need to control what people can do with and to them. For example, with standard computer security, you can permit who can read a document, but that may not stop a user from printing or screen grabbing it.  There are some more extreme controls you can put in place to prevent unauthorized distribution, such as forbidding access to the printer. However, this would stop the individual from printing anything, which is a little over the top. Additionally, an individual could save a document anywhere, or only in permitted folders.  But, even then users could distribute the documents externally as email attachments or upload them to an FTP server

Challenges of Protecting Enterprise Documents

(Source: Stock.adobe.com) The principal challenge to enterprise document protection is the internet. As the world becomes increasingly reliant on the web to communicate and work, businesses need to strike the balance between convenience and security. As data leaks continue to emerge, the issue of protecting sensitive documents have become paramount. This includes email, instant messaging, and any other form of digital communications - which theoretically can distribute documents around the globe in an instant. Restricting document access and allowing only certain users to view documents can give you a measure of control. However, this is only one part of the challenge businesses face. There’s also the danger of people simply copying or taking a screen grab of such documents and distributing it beyond your control. Yet, a blanket ban on internet use would have a severely negative impact on the running of your business. It would prevent employees from communicating with one another and a whole host of missed opportunities.

Possible Security Solutions

As a result a number of enterprise document security products and services have been developed to focus on these problems. Companies have developed programs that prevent the use of USB or ‘flash’ drives even if installed on the hardware.  Email service providers (ESPs) use scanning techniques to try and detect documents that should not go out, unless encrypted for a specific recipient. The drawback to this solution is that a valid document in a format the scanner fails to recognize could be blocked. As a result, email scanning programs should be used with care. Forbidding the use of personal devices is another option. However, this can be an expensive undertaking and staff tend to use phones or tablets for convenience. So what can be done about it?

Digital Rights Management Program

(Source: Stock.adobe.com) Digital Rights Management (DRM) refers to the ever-evolving technologies and tools that are used to control access to any digital media file. You can use DRM mechanisms to limit the use, duplication, modification, and/or distribution of enterprise documents. This could be referred to eDRM or Information Rights Management (IRM). DRM isn’t restricted to the functionality that prevents access, duplication, and distribution, but also technologies that are effective at deterring these behaviors, either by creating a platform for legal recourse, or by providing an incentive for an alternative, legal consumption of the document. The owners of such documents have several options, many of which can be used in combination with one another, when it comes to implementing DRM. In some cases, these DRM options are media-specific, meaning that a particular DRM mechanism that can apply to a document cannot be used for an audio file and vice-versa. Here’s some examples of the functions DRM can offer:

• Limit number of printed copies
• Restrict the number of IP addresses that can access the document - which ensures confidential documents can only be viewed in one location
• Authorize individuals to use information subject to your limitation
• Prevent distribution of restricted documents
• Impose time limitations on use of documents
• Suspend or cancel document use in real time if necessary
• Distribution of electronic communications - i.e. email, instant messaging

As you can see DRM does much more than standard security programs you find in your computers. With EditionGuard, you can integrate these tools with your existing systems.

How to Integrate DRM

(Source: Stock.adobe.com) Businesses can create their own bespoke DRM systems to fit their needs. There’s a number of measures you can take to add another of security including:

• Fully automated document protection system - protect documents as soon as they’re published
• Single sign-on (SSO) processes for multiple users
• Automation of secure distribution to selected individuals
• Make documents available offline

In order to fully utilize the security DRM can offer, you need to consider the requirements for your business. Each team operate in their own way, and the management of your sensitive documents should reflect this. For example, the automation of secure distribution to selected individuals may be more suitable for one company than the other. The point here is to integrate DRM in a way that works for your business. You may have less, or more, requirements than those above. The key is to consider what works best for your team and act accordingly, while never compromising the security of your documents.

A Final Thought

Given the recent Cambridge Analytica scandal, it’s not surprising data security is at the forefront of our minds. For businesses, enterprise document security can be damaging in two ways:

1. Loss of sensitive data: This covers information that could be beneficial to your competitors. It would mean you would lose your advantage and allow your rivals to get ahead. Inevitably, this would have a negative effect on your profits and business. It could also include confidential details on investment, which if leaked, would lead to a loss of potential growth.
2. Loss of client details: The public are increasingly aware of the dangers posed by data leaks, particularly if it’s their own personal details. They are also aware of their rights, and since the protection of such data is your responsibility, you will be leaving your business open to court action. We don’t need to tell you the potential ramifications of this.

So, a properly managed and maintained DRM for enterprise documents is pivotal to the health of your business. With EditionGuard, we can provide this invaluable support and ensure your company’s most sensitive documents are fully protected.