If you are like most organizations, you have dozens of solutions involved in producing, storing, and sharing documents and data. While these systems are all great for their specific task, none of them are able control information once it is arrives on the desktop or device of the end user. Protecting ‘data-at-work’ is the remaining security gap…and it’s a big one, compounded by the fact that external collaboration is growing at incredible rates.
Enterprise Rights Management (ERM), with its persistent, data-centric security is the answer – not only for data-at-work, but for data-at-rest and in-transit as well. The best way to implement Enterprise Rights Management and make it readily adoptable is to seamlessly integrate the file protection process with your existing systems. When you connect ERM with existing systems, you will be able to automatically protect files as they ‘exit’ these systems. In fact, with the right ERM solution, you can even leverage and augment the access policies you’ve already established in existing systems, something we call Policy Federation.
Here are some examples of where ERM can be added to existing systems:
Enterprise Content Management (ECM): As files are downloaded from the ECM system, persistent, granular controls are automatically added to the content.
Enterprise File Sync & Share (EFSS) and Managed File Transfer (MFT): While EFSS and MFT systems can control who can ‘receive’ files…once those files are downloaded, you have lost control over how and where they are used. By connecting ERM to the process, persistent, granular usage controls travel with the file.
Enterprise Resource Planning (ERP): As spreadsheets and reports are downloaded, persistent rights are automatically added to the data, protecting that information wherever it travels.
Data Loss Prevention (DLP): DLP is great at detecting sensitive information…but then what? By adding ERM to DLP, you can automatically wrap a sensitive file with persistent security.
Seclore Rights Management is the most integration-friendly Enterprise Digital Rights Management system in the world. In fact, Seclore offers over a dozen pre-built connectors for existing systems and robust, easy-to-use APIs. The more you integrate, the more you can automate protection, and the faster you will close your security gap.
Many EDRM offerings were developed (or acquired and bolted on) as an ‘extension’ to another system. Some rights management capabilities were bolted on to existing Enterprise Content Management (ECM) systems, others as extensions to Enterprise File Synch and Share (EFSS) solutions.
In the case where EDRM was developed as an ‘adjunct’ to the primary offering, or acquired and bolted on, it is typically devoted to that particular ECM or EFSS solution. In both cases, the R & D required to evolve and innovate the rights management capabilities is often limited, since it is a secondary offering.
The big challenge is that most organizations have multiple ECM solutions in the organization. Organizations are also often using multiple EFSS systems, or work with partners who want to use a different EFSS method. And when M & A occurs, the organization will often inherit additional brands of ECM and EFSS. Having an EDRM that is ‘locked down’ to a particular offering places limits on how many sensitive files can be protected, hindering adoption and reducing the ability to stop data leaks.
The organization will benefit more by having a pure-play EDRM system that easily plugs-in to many different enterprise solutions, not just ECM and EFSS systems, but DLP, ERP, Legacy Applications, and SIEM offerings as well. The ability to connect EDRM with multiple enterprise solutions will enable the organization to ‘automatically’ add rights to files as they are downloaded, shared or discovered. As well, when EDRM is the focus for the vendor, they are applying all of their R & D and expertise to file-centric security innovation.
Our prediction is that as persistent file-centric security becomes a mainstream security requirement in 2016, organizations will look for open, agnostic, pure-play EDRM solutions to ensure on-going innovation and flexibility in integration with other enterprise systems.