1. N o r t h A m e r i c a
I R M S e c u r e
2 8 0 0 S k y m a r k A v e n u e , # 4
M i s s i s s a u g a , O n t a r i o , L 4 W 5 A 6
C A N A D A
Te l : +1 . 9 0 5 . 3 6 6 . 4 4 4 4 / F a x : +1 . 9 0 5 . 3 61 . 0 7 8 9
Europe
SecuLogica /IRM Secure
Werdener Strasse 8
40277Duesseldorf
GERMANY
Tel:+49.211.1780.7778
WWW.IRMSECURE.COMi n f o @ i r m s e c u r e . c o m
IRMSECURE
Protect What You Share
IRM
Information Rights Management
A White Paper
Author: Bill Hube
Date: January 13 2015
Location: Mississauga, Canada
2. Index
Protecting what you Share 2
Data Loss 2
The Security vs. Collaboration Conundrum 3
Information Rights Management (IRM) Defined 5
IRM by SecuLogica 6
Key Elements 6
• Functional 7
• Encryption 7
• Scalable 7
• Simple 8
• Secure 8
• Flexible 8
• Restricted Enviroments 9
• Customizable 9
Conclusion 9
About IRMSecure 10
3. Information Rights Management
Protecting what you Share
A common assertion that many (if not all) businesses make is that their
“people are the most important asset.”
While this may be true, a very close second in terms of importance, is a company’s data. Imagine a
company losing all of its data (proprietary information, financial data, confidential files etc.) – could
they survive?
Many companies have survived fire, stock-market crashes, loss of key personnel but statistics say that
60% of companies that lose their data shut down within six months of the loss.*
Data Loss
The common perception is that Data Loss means being hacked.
While this is, obviously, a major source of concern and a major source of data loss, much of the time,
this very important company asset is lost in a much less hostile or overt manner.
Consider the ways: an unhappy employee printing sensitive financial data and removing it from a
protected environment; information emailed to one trusted collaborator but then forwarded to
someone never intended to see it or a confidential file meant to be distributed amongst those
dwelling in the C-Suite sent accidentally to the shop-floor instead, where those that receive it don’t
have the benefit of context.
*statistic from:www.boston computing.net/consulltation/databackup/statistics
2
4. This passive, less obvious loss of data is one that most companies don’t address – usually
for one of two reasons: First, because they either don’t know it exists or don’t understand
the extent of the damage and second, because they don’t believe it can be stopped. This
belief is rooted in what can be described as the Security vs. Collaboration Conundrum.
The Security vs. Collaboration Conundrum
It seems an unsolvable problem. To advance its
business, a company must collaborate with those
outside of its enterprise – customers, sub-contractors,
consultants, auditors – the list is endless.
Secondly, businesses must give employees access to sensitive data and simply trust that
those employees will use that data only for the companies business purposes.
3
5. The Security vs. Collaboration Conundrum continued
However collaborating means sharing data, which
means risking data loss. The alternative is to protect
data by building a virtual wall around it and giving no
“outsiders” access to it; but by limiting this valuable
and essential collaboration, a company shackles its
ability to do business and risks failure.
When considering this conundrum it seems companies have two options – neither being ideal:
Collaboration and risk loss of data or Security and risk loss of customers and innovation.
What if there were a third choice? One that would balance collaboration and security?
4
6. Information Rights Management (IRM) Defined
An IRM solution essentially gives a user the ability to control his or her data even after it has
been shared outside of the company’s traditional storage solution, or its secure perimeter.
There are several existing ways to control documents (emails, documents, multi-media files,
webpages etc.) while they reside inside a company’s secure perimeter – an IRM solution
extends that control outside this perimeter regardless of where they are stored, be it on anoth-
er PC, laptop or server.
This function is completed by assigning security (rights) to the specific information as opposed
to assigning security to where it is stored.
IRM works by granting a user the ability to encrypt any file over which he or she has control and
then having that user selectively grant access to that file.
That access control can come in several forms
• by specific user
• by specific group of users
• by a specific time-frame
• by location
• ....
5
7. Information Rights Management (IRM) Defined cont,
The file controller also has the ability to control what is done with this data:
• viewing
• printing
• editing
• managing.
This access is granted by the exchange of meta-data and encryption keys only – one of the
cornerstones of IRM is that the solution provider manages only these things – the company’s
actual data never resides on the provider’s servers.
IRM by SecuLogica
It’s a fact that the only truly secure computer is one that is turned off, disconnected from any
network and in a place that is inaccessible.
That computer is also, for all intents and purposes, of no use.
The goal of SecuLogica is to make it safe for that computer to be put into a network by
equipping it with software that will make its data as secure as possible while at the same time
simple and easy to use.
At the top of the “must-have” list when developing our solution was simplicity of
implementation coupled with ease of use.
Without these, the solution ran the risk of not being used, obviously nullifying its effectiveness.
The overseeing vision of the developers was to become a standard for protecting the
information that is shared and stored - whether inside or outside the protected perimeter of a
company or individual.
The key elements of this vision are: Interoperability – so that any SecuLogica user can exchange
information with anyone securely, no matter whether it is a corporate or private user;
Ease of Use – so that the technology can be used by anyone, anywhere on any device and a
groundbreaking Business Model.
6
8. Each of the following features of SecuLogica has been designed with these key elements in mind:
• Functional – a solution is not much of a solution if
it doesn’t serve a company’s specific purposes. With that
in mind SecuLogica supports virtually every relevant file
format including all Microsoft Office formats. Additionally
all text, .pdf, AutoCAD and virtually all image and video
formats are supported.
SecuLogica is unique in the current IRM marketplace in that it supports close to 100 different
multi-media formats over most platforms – including Windows, Android, iOS and Blackberry apps.
This feature even enables users the ability to protect and share photographs captured by mobile
devices. Social media consoles and its users (Facebook, Twitter, Instagram) can all benefit from the
use of SecuLogica.
• Encryption – files protected with SecuLogica are encrypted using one of the
AES algorithm. The encryption key is generated randomly on a server with a variable length that the
user can easily configure locally – either 128 or 256 bits
( 256 is the default).
It is important to repeat that SecuLogica does NOT store a user’s files – it manages only Meta-data
and encryption keys. The file stays in the control of the file’s owner at all times. Also, the database
holding the encryption keys are themselves encrypted adding another layer of protection.
• Scalable – SecuLogica installations are done through licenses purchased through the vendor
meaning an increase or decrease in the number of users is easily handled through the addition of
additional licensees. There is no limit to the number of licenses on an account and new users are
simply and easily added to the user group by a named administrator.
7
9. • Simple – at the user level, SecuLogica was designed to be simple and quick to use. In the
majority of cases, protection by encryption is done by two mouse clicks.
The assignment of permissions is done through a straightforward, easy-to-use online console.
At the receiver’s end, a file is opened up exactly the same way the user would open any file.
Once the open command for the encrypted file has been initiated, a command to compare the
meta-data and encryption key is sent to the key server.
If the keys match, the file opens in exactly the same way it would were it not encrypted.
If they don’t match, a message will be displayed
on the user’s monitor telling him or her that the
file has been protected and can’t be opened
without proper permissions. This sequence of
opening a file takes place with very little or
no latency.
• Secure – The security of a company’s data is defined by how secure access to
SecuLogica is. The administrator of the SecuLogica Corporate Service can decide which authenti-
cation method the users of the organization must use.
SecuLogica supports basic username and password authentication, along with authentication
against external providers that are compliant with OpenID or OAuth protocols and it can be fully
integrated with LDAP or Active Directory.
• Flexible – SecuLogica was designed for simple installation and deployment in virtually any
business or personal setting. If Cloud services are required, SecuLogica provides its users with
servers housed in professional data centres with the highest level of security available. Alternatively,
SecuLogica is available as an On-Premise solution that can be installed at the customer’s facilities
with full installation and training services provided on-site.
8
10. • Restricted Environments – For those users that cannot install the application due to being
in a closed environment or public point of access, SecuLogica offers as an independent service -
SecuLogica Drag’n Drop.
This is a website application where a user can upload a protected file that can be viewed in a web
viewer by a user he or she has authenticated.
Additionally, a user can protect a file using Drag’n Drop if they require it but are not in an
environment where they are permitted to do so.
• Customizable – While the protection of single files is the cornerstone of SecuLogica, we
also recognize the need for large scale protection.
This can be easily achieved with the installation and use of a “Protected Folder.”
This is a repository for any files within a company’s domain that they need to protect.
This is completed by simply dropping a file into the protected folder. This will protect the file and
subsequent to that, permissions for that file are applied.
Customers using SharePoint 2010 or 2013 can use SecuLogica to protect document libraries.
SharePoint access rights are applied as the equivalent SecuLogica permissions automatically.
Conclusion
With the implementation of an IRM solution for its data, any business can establish a comfort level
by striking a balance between the need for Collaboration and the need for Security.
Choosing the right IRM solution extends that comfort level to a place of
• simplicity
• ease of use
• cost effectiveness
• flexibility
SecuLogica will allow users to safely secure vitally important corporate assets.
“PROTECT WHAT YOU SHARE”
9
11. About IRM Secure
IRM Secure is a high growth security software product company, providing security solutions in the
areas of information usage control, Information Rights Management (IRM) and secure outsourcing.
We are the exclusive Integrator in North America for SecuLogica.
Our expertise lies in the control of information post distribution, irrespective of its location and
mode of transfer.
With this the receiver is able / not-able to distribute, edit, print, copy-paste, screen-grab
information from a secured document.
It is also possible to remotely destruct the documents at the receiver’s end at any time.
Along with our Fortune 500 clients, some of the largest companies in banking, financial services,
insurance, engineering services, and educational institutes use our technology to secure unstruc-
tured data that is used internally or provided to a vendor for outsourced processes.
To contact IRMSecure please email us at info (at) irmsecure.com
North America
IRM Secure
2800 Skymark Avenue, #4
Mississauga, Ontario, L4W5A6
CANADA
Tel: 905.366.4444 / Fax: 905.361.0789
Europe
SecuLogica /IRM Secure
Werdener Strasse 8
40277Duesseldorf
GERMANY
Tel:+49.(0).211.1780.7778
WWW.IRMSECURE.COMi n f o @ i r m s e c u r e . c o m 10
IRMSECURE
Protect What You Share