what is irm
Post on 28-May-2015
1.126 Views
Preview:
TRANSCRIPT
What is IRMSecurity and Compliance for unstructured information
Vishal GuptaCEO
Seclorewww.seclore.com
TELEMARKETER
Information exchange in the collaborative world
Information is exchanged between Employees of the organisation
Enterprise
CUSTOMERS
VENDORS
Information is exchanged between employees & vendors & employees & customers
Competitors
VPN
SSL
UTM
Firewall
…
Firewalls
TELEMARKETER
Information exchange in the collaborative world
Enterprise
CUSTOMERS
VENDORS
Competitors
What happens if an employee with privileged access leaves to join a competitor ?
What happens if information shared with a vendor is lost by the vendor ?
VPN
SSL
UTM
Firewall
…
Firewalls
Underlying Issues
Share it = It becomes his (also)Ownership and usage cannot be separated
Shared once = Shared foreverImpossible to “recall” information
Out of the enterprise = Free for allTechnology & processes are only applicable within
The ResultInformation lands up in public websites !
Create Store Transmit & collaborate Use Archive & Backup Delete
DLP Anti-virus Anti-…
Hard disk encryption
SSL UTM
Application security
IDM DLP Vaults Digital shredders
Desktops
Laptops
Heterogeneous policies … Heterogeneous infrastructure
Mobile devices
Removable media
Content Management
Online workspaces
Remote desktops
Information lifecycle …
Shared folders Removable
media
Instant Messaging
Desktops
Laptops
Mobile devices
Archive
Backup
Document retention
Security
Options for securing unstructured information
Option 1 : Control Distribution
. . .
Security Collaboration
Options for securing unstructured information
Option 2 : Control Usage
. . .
Security Collaboration
RightLocation
RightTime
RightAction
RightPerson
• WHO can use the information
People & groups within and outside of the organization can be defined as rightful users of the information
• WHAT can each person doIndividual actions like reading, editing, printing,
distributing, copy-pasting, screen grabbing etc. can be controlled
• WHEN can he use itInformation usage can be time based e.g. can
only be used by Mr. A till 28th Sept OR only for the 2 days
• WHERE can he use it fromInformation can be linked to locations e.g. only
3rd floor office by private/public IP addresses
IRM allow enterprises to define, implement & track information usage “policies”. A “policy” defines :
Information Rights Management
Policy AdminComputer
Policy definition …
… Policy definition
Policy AdminComputer
Owners’sComputer
Policy application by end users …
Owners’sComputer
Information Classification
Protected document
Owners’sComputer
Receiver’sComputer
Disclaimer on document access
Unauthorized attempt to print
Receiver’sComputer
Unauthorized attempt to print
Receiver’sComputer
Unauthorized attempt to copy
Receiver’sComputer
Unauthorized attempt to copy
Receiver’sComputer
“Screen Print” of a protected
document
Unauthorized attempt to print screen
Receiver’sComputer
Audit trails capture authorized activities
ANDunauthorized attempts
Audit trail for compliance
Owners’sComputer
Audit trail for compliance
Owners’sComputer
About …About …
Seclore is a high growth information security product company focussed on providing Security without compromising collaboration
Seclore’s flagship product Seclore FileSecure is used by More than 1 million users & some of the largest enterprises
. . .
Thank You
Vishal Guptainfo [at] seclore dot com
+91-22-4015-5252
www.seclore.com
Scenario: Research reports & drawings
WHO WHAT WHEN WHERE
Read Edit Print Distribute
Sanjiv Yes Yes No No Till the time of employment
Within office network
Rahul Yes No No No 30th November 2009 Within office network
organization
Rahul
Sanjiv
top related