fasoo secure document for filenet 2014-2q
DESCRIPTION
FileNet can increase efficiency, improve control of information and reduce overall cost of information management of organizations, but cannot provide sufficient security at all times. Fasoo’s data-centric security solution (enterprise digital rights management - DRM, information rights management - IRM) safeguards and prevents unauthorized use of FileNet documents and provides persistent and reliable protection of data at rest, in transit or in use.TRANSCRIPT
Copyright © 2014 Fasoo
Fasoo protects, controls and tracks FileNet documents persistently no matter where they are
Your Data at Rest, in Transit or in Use Must be Encrypted Continuously!
Data-Centric Security Solution for FileNet
Copyright © 2014 Fasoo
Lifecycle Management
Workflow & Routing
Library Services
Archive
Search
Security & Access Management
T housands of organizations use FileNet to increase efficiency, improve control of information and reduce overall cost of information management.
o organizations still maintain control of FileNet documents that have left protective confines of repository?
fter documents are downloaded, FileNet’s perimeter security is no longer effective, and organizations lose control of their digital assets.
DContent
Create Reuse
Control AccessA
Copyright © 2014 Fasoo
• Millions of confidential files are exposed by current and former employees each year
• 80% increase in insider theft in 2013 from 2012 (idtheftcenter.org)
• 58% of information security incidents attributed to insider threats (infosecurity-magazine.com)
• 29% of total thefts are employees stealing business ideas (universalshredding.com)
After FileNet documents are downloaded by users, the documents can be read, saved and printed by any user without restrictions, thus risk of data loss increases dramatically.
Competitors
Viewed, Distributed
FileNet
Documents are stored, shared and managed within FileNet
After legitimately downloading a FileNet document, a user can use and share the document without any restriction
Copied, Edited and Printed
Authentication
Partners/Contractors
Prospects
Viewed, Distributed
Copyright © 2014 Fasoo
• FileNet alone cannot provide persistent protection throughout the document lifecycle
• There is no way to track user/file activities of FileNet documents after files are downloaded
• Legitimately downloaded FileNet documents can easily be copied and printed by or shared with unauthorized users
• Local copies of FileNet documents should be protected from unauthorized screen capture attempts
• Derivatives of FileNet documents created at a PC should also be protected
FileNet can increase efficiency, improve control of information and reduce overall cost of information management of organizations, but cannot provide sufficient security at all times.
• Protecting and tracing FileNet documents beyond controlled boundaries at all times
• Ensuring FileNet documents are only accessed by the intended audience with appropriate access privileges
• Leveraging existing FileNet security permissions (e.g., View Content, Modify Content) for data security
• Applying automatic encryption policy based on FileNet security classification (e.g., Confidential, Strictly Confidential)
• Revoke access of FileNet documents that have been distributed when required
Fasoo’s data-centric security solution safeguards and prevents unauthorized use of FileNet documents and provides persistent and reliable protection of data at rest, in transit or in use.
Copyright © 2014 Fasoo
• Automatically encrypting (encapsulating) a classified FileNet document at download• Applying granular access controls (permission) to FileNet documents at all times
‐ Who can access, ‐ What actions can be done to the file (e.g. edit, print, screen capture, etc.)
• Providing audit trails of protected FileNet documents, including files that have already been distributed• No need to setup additional DRM policies for FileNet object store folders
Fasoo Enterprise DRM persistently protects, controls and tracks FileNet documents no matter where they are
FileNet
Based on the security classification of the FileNet document, it is automatically encrypted upon download
A user can access a document without any restriction
A user without proper credentials cannot access
the document
A user can access a document with limited permissions
FSD Server
Revoked – Disconnected access to the document
Unclassified Document
Confidential Document
Copyright © 2014 Fasoo
FSD for FileNet | Defining Target FileNet Object Store Folders for Encryption• To set a target object store folder to encrypt FileNet documents at download, administrators can specify the object store folder path in the FSD
administration console as shown below• All classified FileNet documents under the target directory will be automatically encrypted at download without user intervention• Once the protection is applied, the policy travels with the documents, whether the documents are at rest, in transit, or even in use
Copyright © 2014 Fasoo
FSD for FileNet | Defining Auto Encryption Policy based on Security Classification• FSD allows an administrator to set an encryption policy based on FileNet security classification• For example, if users select “Confidential” or “Strictly Confidential” security classification, the file will be encrypted at download • If the document is classified as “Unclassified”, the file will not be encrypted
Not Encrypted
at Download
Encrypted at
Download
Copyright © 2014 Fasoo
FSD for FileNet | Setting up DRM Policy for FileNet Documents• Instead of setting up a separate DRM policy to FileNet object store folders or files, administrators can map any combination of DRM permissions
(e.g., View, Edit, Print…) on the existing FileNet permissions (security level), such as View Content, Modify Content or Owner Control• As a result, FileNet users will have different access privileges to the protected documents depending on their FileNet credentials
*FileNet Security Level: Owner Control, Promote Version, Modify Content, View Content, etc.
FileNet Security Level
Fasoo DRM Permission
Copyright © 2014 Fasoo
FSD for FileNet | Protecting FileNet Documents Continuously• When a classified FileNet document is downloaded from a Fasoo-protected object store folder, the document will be encrypted automatically,
and a Fasoo lock icon is displayed on the file as shown below• The local copy of a protected document will retain the security control of FileNet at all times, thus only authorized FileNet users can access the
document based on their FileNet credentials
Copyright © 2014 Fasoo
FSD for FileNet | Protecting Derivative Files of FileNet Documents• In general, FileNet users with Modify Content permission will have View and Edit rights to the protected documents, and will be restricted from
printing, screen capturing or decrypting the files• When the users attempt to save a protected Excel file as a PDF file, the converted PDF file will maintain the DRM policy of the Excel file, and
users will have the same limited access to the PDF file
Save As
Copyright © 2014 Fasoo
FSD for FileNet | Preventing Unauthorized Content Extract of FileNet Documents• FileNet users with Modify Content permission can view and edit protected documents, but unauthorized copy and paste actions are disallowed• A user with Modify Content permission may copy content from a protected document, but cannot paste it to a unprotected document• Copy and paste actions are only allowed between protected documents unless the users have Decrypt permission to the protected documents
Copyright © 2014 Fasoo
FSD for FileNet | Preventing Unauthorized Screen Capture of FileNet Documents• Unauthorized screen capture attempts should not be allowed while accessing protected documents• To prevent unauthorized screen capture, Fasoo adds a masking layer to captured images of protected documents• When users are accessing protected documents, some capture tools may be restricted from use• Accessing protected documents in virtual machines and web conferencing tools may be restricted depending on users’ credentials
Copyright © 2014 Fasoo
FSD for FileNet | Allowing Offline Access to FileNet Documents• Although it is not recommended, offline access may be granted to specific users and groups• Users with offline access may access protected documents with given permissions without connecting to the policy server• User/file activities are collected by the DRM Client while users are offline, and sent to the policy server when users are back online
Copyright © 2014 Fasoo
FSD for FileNet | Tracking User Activities of FileNet Documents• Every usage log of protected FileNet documents is sent to the policy server, even when the document has been used offline, the usage log will
be sent to the server when the device is re-connected• The FSD administration console offers suitable tools for the document owner or administrator to review and audit activities of users and
documents including user ID, file name, accessed rights, IP address, time & date, etc.
Copyright © 2014 Fasoo
FSD for FileNet | Accessing Protected FileNet Documents on Mobile Devices• Protected FileNet documents can be securely accessed on iOS or Android mobile devices using Fasoo Mobile Solution• Fasoo Mobile Solution consists of a gateway that normally sits in the DMZ and relays permission requests to the policy server, and mobile app
which can be installed on mobile devices via App Store and Android Market• After proper user authentication and permission validation processes, mobile users can access the protected documents with screen watermark
(e.g., company logo, file name, user ID, time & date, etc.), and mobile access logs are collected and managed at the server
Copyright © 2014 Fasoo
• Organizations that need to have employees share sensitive files internally according to set security polices for users, groups, departments, etc.
• Organizations that have employees who frequently work outside of the office or often go on business trips
• Organizations with high employee turnover that work with valuable intellectual property
Who needs this solution?
Customer Benefits
Raising Competitive AdvantageOptimizing Productivity |
Building reputation & gaining customer trust
Complying w/ regulations
Protecting sensitive information to prevent data breach events
Simplifying secure inter-organizational collaboration
Encrypting automatically based on security classifications without user intervention
Offering flexibilities to users to improve productivity
Enabling better managed workflows via data-centric security
Copyright © 2014 Fasoo
Business Area
Sharing and Collaborating Internally Printing and Displaying Your Files
Collaborating with Partners & Customers
Sharing and Syncing Files in the Cloud Sharing Files to Your Mobile Device
Monitor with Pattern Based Strategy
Fasoo Secure Node (FSN)Secure all files created and saved on any PC
Fasoo Secure Document (FSD)Securely share sensitive files downloaded from repositories. Integrate easily with Microsoft SharePoint, IBM FileNet, etc.
Fasoo Secure Exchange (FSE)Share sensitive files securely through email, FTP, USB, the cloud and more
Fasoo Mobile Solution (FMS)Prevents data breaches with Mobile Data and Access Management (MDAM)
Fasoo Usage Tracer (FUT)Monitor and manage user/file activities through usage log analysis
Fasoo Secure Print (FSP)Trace printing activities and help deter leaks of printouts by mandating the use of watermarks
Fasoo ePrintManage and control all printouts for a secure and efficient printing environment
Fasoo Secure Screen (FSS)Safeguard the content on your screen from capture tools and cameras
DigitalQuickSecurely sync, store, and share files in the cloud, desktop and mobile device
Copyright © 2014 Fasoo
Fasoo has been successfully building its worldwide reputation as an EDRM (enterprise digital rights management a.k.a. information rights management, IRM) solution provider with industry leading solutions and services. Fasoo solutions allow organizations to prevent unintended information disclosure or exposure, ensure a secure information-sharing environment, better manage workflows and simplify secure collaboration internally and externally. Fasoo Enterprise DRM, a data-centric security solution safeguards and prevents unauthorized use of digital files and provides persistent and reliable protection of the documents with effective file encryption, permission control and audit trail technologies. Fasoo has successfully retained its leadership in the EDRM market by deploying solutions for more than 1,200 organizations in enterprise-wide level, securing more than 2 million users.
About Fasoo
US Headquarters197 State Route 18 South, East Brunswick, NJ 08817, USA
Global Headquarters396 WorldCupbuk-ro, Mapo-gu, Seoul 121-795, South Korea
Web: www.fasoo.com
Email: [email protected]
Phone: (408) 389-3097 (US HQ) | +82-2-300-9000 (Global HQ)