SlideShare une entreprise Scribd logo

IRMSecure on SecuLogica White Paper 12 02 2015

J
Jim Kitchen
1  sur  11
Télécharger pour lire hors ligne
N o r t h A m e r i c a I R M S e c u r e 2 8 0 0 S k y m a r k A v e n u e , # 4 M i s s i s s a u g a , O n t a r i o , L 4 W 5 A 6 C A N A D A Te l : +1 . 9 0 5 . 3 6 6 . 4 4 4 4 / F a x : +1 . 9 0 5 . 3 61 . 0 7 8 9 Europe SecuLogica /IRM Secure Werdener Strasse 8 40277Duesseldorf GERMANY Tel:+49.211.1780.7778 WWW.IRMSECURE.COMi n f o @ i r m s e c u r e . c o m IRMSECURE Protect What You Share IRM Information Rights Management A White Paper Author: Bill Hube Date: January 13 2015 Location: Mississauga, Canada
Index Protecting what you Share 2 Data Loss 2 The Security vs. Collaboration Conundrum 3 Information Rights Management (IRM) Defined 5 IRM by SecuLogica 6 Key Elements 6 • Functional 7 • Encryption 7 • Scalable 7 • Simple 8 • Secure 8 • Flexible 8 • Restricted Enviroments 9 • Customizable 9 Conclusion 9 About IRMSecure 10
Information Rights Management Protecting what you Share A common assertion that many (if not all) businesses make is that their “people are the most important asset.” While this may be true, a very close second in terms of importance, is a company’s data. Imagine a company losing all of its data (proprietary information, financial data, confidential files etc.) – could they survive? Many companies have survived fire, stock-market crashes, loss of key personnel but statistics say that 60% of companies that lose their data shut down within six months of the loss.* Data Loss The common perception is that Data Loss means being hacked. While this is, obviously, a major source of concern and a major source of data loss, much of the time, this very important company asset is lost in a much less hostile or overt manner. Consider the ways: an unhappy employee printing sensitive financial data and removing it from a protected environment; information emailed to one trusted collaborator but then forwarded to someone never intended to see it or a confidential file meant to be distributed amongst those dwelling in the C-Suite sent accidentally to the shop-floor instead, where those that receive it don’t have the benefit of context. *statistic from:www.boston computing.net/consulltation/databackup/statistics 2
This passive, less obvious loss of data is one that most companies don’t address – usually for one of two reasons: First, because they either don’t know it exists or don’t understand the extent of the damage and second, because they don’t believe it can be stopped. This belief is rooted in what can be described as the Security vs. Collaboration Conundrum. The Security vs. Collaboration Conundrum It seems an unsolvable problem. To advance its business, a company must collaborate with those outside of its enterprise – customers, sub-contractors, consultants, auditors – the list is endless. Secondly, businesses must give employees access to sensitive data and simply trust that those employees will use that data only for the companies business purposes. 3
The Security vs. Collaboration Conundrum continued However collaborating means sharing data, which means risking data loss. The alternative is to protect data by building a virtual wall around it and giving no “outsiders” access to it; but by limiting this valuable and essential collaboration, a company shackles its ability to do business and risks failure. When considering this conundrum it seems companies have two options – neither being ideal: Collaboration and risk loss of data or Security and risk loss of customers and innovation. What if there were a third choice? One that would balance collaboration and security? 4
Information Rights Management (IRM) Defined An IRM solution essentially gives a user the ability to control his or her data even after it has been shared outside of the company’s traditional storage solution, or its secure perimeter. There are several existing ways to control documents (emails, documents, multi-media files, webpages etc.) while they reside inside a company’s secure perimeter – an IRM solution extends that control outside this perimeter regardless of where they are stored, be it on anoth- er PC, laptop or server. This function is completed by assigning security (rights) to the specific information as opposed to assigning security to where it is stored. IRM works by granting a user the ability to encrypt any file over which he or she has control and then having that user selectively grant access to that file. That access control can come in several forms • by specific user • by specific group of users • by a specific time-frame • by location • .... 5
Information Rights Management (IRM) Defined cont, The file controller also has the ability to control what is done with this data: • viewing • printing • editing • managing. This access is granted by the exchange of meta-data and encryption keys only – one of the cornerstones of IRM is that the solution provider manages only these things – the company’s actual data never resides on the provider’s servers. IRM by SecuLogica It’s a fact that the only truly secure computer is one that is turned off, disconnected from any network and in a place that is inaccessible. That computer is also, for all intents and purposes, of no use. The goal of SecuLogica is to make it safe for that computer to be put into a network by equipping it with software that will make its data as secure as possible while at the same time simple and easy to use. At the top of the “must-have” list when developing our solution was simplicity of implementation coupled with ease of use. Without these, the solution ran the risk of not being used, obviously nullifying its effectiveness. The overseeing vision of the developers was to become a standard for protecting the information that is shared and stored - whether inside or outside the protected perimeter of a company or individual. The key elements of this vision are: Interoperability – so that any SecuLogica user can exchange information with anyone securely, no matter whether it is a corporate or private user; Ease of Use – so that the technology can be used by anyone, anywhere on any device and a groundbreaking Business Model. 6
Each of the following features of SecuLogica has been designed with these key elements in mind: • Functional – a solution is not much of a solution if it doesn’t serve a company’s specific purposes. With that in mind SecuLogica supports virtually every relevant file format including all Microsoft Office formats. Additionally all text, .pdf, AutoCAD and virtually all image and video formats are supported. SecuLogica is unique in the current IRM marketplace in that it supports close to 100 different multi-media formats over most platforms – including Windows, Android, iOS and Blackberry apps. This feature even enables users the ability to protect and share photographs captured by mobile devices. Social media consoles and its users (Facebook, Twitter, Instagram) can all benefit from the use of SecuLogica. • Encryption – files protected with SecuLogica are encrypted using one of the AES algorithm. The encryption key is generated randomly on a server with a variable length that the user can easily configure locally – either 128 or 256 bits ( 256 is the default). It is important to repeat that SecuLogica does NOT store a user’s files – it manages only Meta-data and encryption keys. The file stays in the control of the file’s owner at all times. Also, the database holding the encryption keys are themselves encrypted adding another layer of protection. • Scalable – SecuLogica installations are done through licenses purchased through the vendor meaning an increase or decrease in the number of users is easily handled through the addition of additional licensees. There is no limit to the number of licenses on an account and new users are simply and easily added to the user group by a named administrator. 7
• Simple – at the user level, SecuLogica was designed to be simple and quick to use. In the majority of cases, protection by encryption is done by two mouse clicks. The assignment of permissions is done through a straightforward, easy-to-use online console. At the receiver’s end, a file is opened up exactly the same way the user would open any file. Once the open command for the encrypted file has been initiated, a command to compare the meta-data and encryption key is sent to the key server. If the keys match, the file opens in exactly the same way it would were it not encrypted. If they don’t match, a message will be displayed on the user’s monitor telling him or her that the file has been protected and can’t be opened without proper permissions. This sequence of opening a file takes place with very little or no latency. • Secure – The security of a company’s data is defined by how secure access to SecuLogica is. The administrator of the SecuLogica Corporate Service can decide which authenti- cation method the users of the organization must use. SecuLogica supports basic username and password authentication, along with authentication against external providers that are compliant with OpenID or OAuth protocols and it can be fully integrated with LDAP or Active Directory. • Flexible – SecuLogica was designed for simple installation and deployment in virtually any business or personal setting. If Cloud services are required, SecuLogica provides its users with servers housed in professional data centres with the highest level of security available. Alternatively, SecuLogica is available as an On-Premise solution that can be installed at the customer’s facilities with full installation and training services provided on-site. 8
• Restricted Environments – For those users that cannot install the application due to being in a closed environment or public point of access, SecuLogica offers as an independent service - SecuLogica Drag’n Drop. This is a website application where a user can upload a protected file that can be viewed in a web viewer by a user he or she has authenticated. Additionally, a user can protect a file using Drag’n Drop if they require it but are not in an environment where they are permitted to do so. • Customizable – While the protection of single files is the cornerstone of SecuLogica, we also recognize the need for large scale protection. This can be easily achieved with the installation and use of a “Protected Folder.” This is a repository for any files within a company’s domain that they need to protect. This is completed by simply dropping a file into the protected folder. This will protect the file and subsequent to that, permissions for that file are applied. Customers using SharePoint 2010 or 2013 can use SecuLogica to protect document libraries. SharePoint access rights are applied as the equivalent SecuLogica permissions automatically. Conclusion With the implementation of an IRM solution for its data, any business can establish a comfort level by striking a balance between the need for Collaboration and the need for Security. Choosing the right IRM solution extends that comfort level to a place of • simplicity • ease of use • cost effectiveness • flexibility SecuLogica will allow users to safely secure vitally important corporate assets. “PROTECT WHAT YOU SHARE” 9
About IRM Secure IRM Secure is a high growth security software product company, providing security solutions in the areas of information usage control, Information Rights Management (IRM) and secure outsourcing. We are the exclusive Integrator in North America for SecuLogica. Our expertise lies in the control of information post distribution, irrespective of its location and mode of transfer. With this the receiver is able / not-able to distribute, edit, print, copy-paste, screen-grab information from a secured document. It is also possible to remotely destruct the documents at the receiver’s end at any time. Along with our Fortune 500 clients, some of the largest companies in banking, financial services, insurance, engineering services, and educational institutes use our technology to secure unstruc- tured data that is used internally or provided to a vendor for outsourced processes. To contact IRMSecure please email us at info (at) irmsecure.com North America IRM Secure 2800 Skymark Avenue, #4 Mississauga, Ontario, L4W5A6 CANADA Tel: 905.366.4444 / Fax: 905.361.0789 Europe SecuLogica /IRM Secure Werdener Strasse 8 40277Duesseldorf GERMANY Tel:+49.(0).211.1780.7778 WWW.IRMSECURE.COMi n f o @ i r m s e c u r e . c o m 10 IRMSECURE Protect What You Share

Recommandé

Libro el collar del budha
Libro el collar del budhaLibro el collar del budha
Libro el collar del budhaCuración Esotérica
 
Estudio Canudas carpeta institucional 2015
Estudio Canudas carpeta institucional 2015Estudio Canudas carpeta institucional 2015
Estudio Canudas carpeta institucional 2015ESTUDIO CANUDAS
 
Foxton Email 15
Foxton Email 15Foxton Email 15
Foxton Email 15Justin Hing
 
Fichas jm
Fichas jmFichas jm
Fichas jmJuan CR
 
What's The Difference?
What's The Difference?What's The Difference?
What's The Difference?ABrytneyReaves
 
Adidas world cup look book 2010
Adidas world cup look book 2010Adidas world cup look book 2010
Adidas world cup look book 2010adidasfootball10
 
Reportaje Carretera Central Honduras
Reportaje Carretera Central HondurasReportaje Carretera Central Honduras
Reportaje Carretera Central HondurasComejamo Internacional
 
Cuando pasado y presente son futuro
Cuando pasado y presente son futuroCuando pasado y presente son futuro
Cuando pasado y presente son futuroClaudio Gómez
 

Recommandé

Libro el collar del budha
Libro el collar del budhaLibro el collar del budha
Libro el collar del budhaCuración Esotérica
 
Estudio Canudas carpeta institucional 2015
Estudio Canudas carpeta institucional 2015Estudio Canudas carpeta institucional 2015
Estudio Canudas carpeta institucional 2015ESTUDIO CANUDAS
 
Foxton Email 15
Foxton Email 15Foxton Email 15
Foxton Email 15Justin Hing
 
Fichas jm
Fichas jmFichas jm
Fichas jmJuan CR
 
What's The Difference?
What's The Difference?What's The Difference?
What's The Difference?ABrytneyReaves
 
Adidas world cup look book 2010
Adidas world cup look book 2010Adidas world cup look book 2010
Adidas world cup look book 2010adidasfootball10
 
Reportaje Carretera Central Honduras
Reportaje Carretera Central HondurasReportaje Carretera Central Honduras
Reportaje Carretera Central HondurasComejamo Internacional
 
Cuando pasado y presente son futuro
Cuando pasado y presente son futuroCuando pasado y presente son futuro
Cuando pasado y presente son futuroClaudio Gómez
 
King Open Math Vision Statement
King Open Math Vision StatementKing Open Math Vision Statement
King Open Math Vision Statementfernfisher
 
Posicionamiento De Marca Y Difusion De InformacióN a travez de las Redes Soci...
Posicionamiento De Marca Y Difusion De InformacióN a travez de las Redes Soci...Posicionamiento De Marca Y Difusion De InformacióN a travez de las Redes Soci...
Posicionamiento De Marca Y Difusion De InformacióN a travez de las Redes Soci...Andrea Cisneros
 
medios publicitarios tradicionales
medios publicitarios tradicionales medios publicitarios tradicionales
medios publicitarios tradicionales Aimet Melean Villalobos
 
Acta pleno número 13 de 08 08-2011
Acta pleno número 13 de 08 08-2011Acta pleno número 13 de 08 08-2011
Acta pleno número 13 de 08 08-2011UPyDNovelda
 
Guia maloca y salitre magico
Guia maloca y salitre magicoGuia maloca y salitre magico
Guia maloca y salitre magicoDiego Nicolas Ricaurte Lagos
 
Steinhaus Kroatien kaufen | Insel Krk Steinhaus mit Garten und Schwimmbad
Steinhaus Kroatien kaufen | Insel Krk Steinhaus mit Garten und SchwimmbadSteinhaus Kroatien kaufen | Insel Krk Steinhaus mit Garten und Schwimmbad
Steinhaus Kroatien kaufen | Insel Krk Steinhaus mit Garten und SchwimmbadEuro Immobilien EXCLUSIVE REAL ESTATE BROKERAGE
 
여성이 새로 짜는 세상 12호 (소식지, 2002)
여성이 새로 짜는 세상 12호 (소식지, 2002)여성이 새로 짜는 세상 12호 (소식지, 2002)
여성이 새로 짜는 세상 12호 (소식지, 2002)여성환경연대
 
La Radio Educomunitaria, pensada desde la ruralidad del Sumapaz
La Radio Educomunitaria, pensada desde la ruralidad del SumapazLa Radio Educomunitaria, pensada desde la ruralidad del Sumapaz
La Radio Educomunitaria, pensada desde la ruralidad del SumapazDirección de Investigación - Universidad de Cundinamarca
 
English and american painters
English and american paintersEnglish and american painters
English and american paintersS Maillard
 
Posterscope Out-of-Home Marketplace Belgium and Luxembourg 2015
Posterscope Out-of-Home Marketplace Belgium and Luxembourg 2015Posterscope Out-of-Home Marketplace Belgium and Luxembourg 2015
Posterscope Out-of-Home Marketplace Belgium and Luxembourg 2015Posterscope Belgium
 
5º Jornadas AMUVA - Introduccion
5º Jornadas AMUVA - Introduccion 5º Jornadas AMUVA - Introduccion
5º Jornadas AMUVA - Introduccion Amuva
 
GESUNDHEIT IST LEBEN
GESUNDHEIT IST LEBENGESUNDHEIT IST LEBEN
GESUNDHEIT IST LEBENSIEGBERT TILL
 
Solicitud de inscripción Curso de Ski 2015
Solicitud de inscripción Curso de Ski 2015Solicitud de inscripción Curso de Ski 2015
Solicitud de inscripción Curso de Ski 2015Ocio Melilla Now
 
Its 1938, And Iran Is Germany - TJCI - Jan-Feb 2007
Its 1938, And Iran Is Germany - TJCI - Jan-Feb 2007 Its 1938, And Iran Is Germany - TJCI - Jan-Feb 2007
Its 1938, And Iran Is Germany - TJCI - Jan-Feb 2007 miscott57
 
Sirous Kavehercy GSM 3G CeeCom Convergence
Sirous Kavehercy GSM 3G CeeCom ConvergenceSirous Kavehercy GSM 3G CeeCom Convergence
Sirous Kavehercy GSM 3G CeeCom ConvergenceSirous Kavehercy
 
00 primera sesión del curso Alcalá 2014metodos de eficacia probada
00 primera sesión del curso Alcalá 2014metodos de eficacia probada00 primera sesión del curso Alcalá 2014metodos de eficacia probada
00 primera sesión del curso Alcalá 2014metodos de eficacia probadaAlfredo Prieto Martín
 
Heograpiyangdaigdig 140604233559-phpapp01
Heograpiyangdaigdig 140604233559-phpapp01Heograpiyangdaigdig 140604233559-phpapp01
Heograpiyangdaigdig 140604233559-phpapp01Maynchie Faronilo
 
Curvas de secado
Curvas de secadoCurvas de secado
Curvas de secadoAngel Basurto Renteria
 
Presentación Identikit
Presentación IdentikitPresentación Identikit
Presentación IdentikitAdriana Caulfield
 

Contenu connexe

En vedette

King Open Math Vision Statement
King Open Math Vision StatementKing Open Math Vision Statement
King Open Math Vision Statementfernfisher
 
Posicionamiento De Marca Y Difusion De InformacióN a travez de las Redes Soci...
Posicionamiento De Marca Y Difusion De InformacióN a travez de las Redes Soci...Posicionamiento De Marca Y Difusion De InformacióN a travez de las Redes Soci...
Posicionamiento De Marca Y Difusion De InformacióN a travez de las Redes Soci...Andrea Cisneros
 
Acta pleno número 13 de 08 08-2011
Acta pleno número 13 de 08 08-2011Acta pleno número 13 de 08 08-2011
Acta pleno número 13 de 08 08-2011UPyDNovelda
 
여성이 새로 짜는 세상 12호 (소식지, 2002)
여성이 새로 짜는 세상 12호 (소식지, 2002)여성이 새로 짜는 세상 12호 (소식지, 2002)
여성이 새로 짜는 세상 12호 (소식지, 2002)여성환경연대
 
English and american painters
English and american paintersEnglish and american painters
English and american paintersS Maillard
 
Posterscope Out-of-Home Marketplace Belgium and Luxembourg 2015
Posterscope Out-of-Home Marketplace Belgium and Luxembourg 2015Posterscope Out-of-Home Marketplace Belgium and Luxembourg 2015
Posterscope Out-of-Home Marketplace Belgium and Luxembourg 2015Posterscope Belgium
 
5º Jornadas AMUVA - Introduccion
5º Jornadas AMUVA - Introduccion 5º Jornadas AMUVA - Introduccion
5º Jornadas AMUVA - Introduccion Amuva
 
GESUNDHEIT IST LEBEN
GESUNDHEIT IST LEBENGESUNDHEIT IST LEBEN
GESUNDHEIT IST LEBENSIEGBERT TILL
 
Solicitud de inscripción Curso de Ski 2015
Solicitud de inscripción Curso de Ski 2015Solicitud de inscripción Curso de Ski 2015
Solicitud de inscripción Curso de Ski 2015Ocio Melilla Now
 
Its 1938, And Iran Is Germany - TJCI - Jan-Feb 2007
Its 1938, And Iran Is Germany - TJCI - Jan-Feb 2007 Its 1938, And Iran Is Germany - TJCI - Jan-Feb 2007
Its 1938, And Iran Is Germany - TJCI - Jan-Feb 2007 miscott57
 
Sirous Kavehercy GSM 3G CeeCom Convergence
Sirous Kavehercy GSM 3G CeeCom ConvergenceSirous Kavehercy GSM 3G CeeCom Convergence
Sirous Kavehercy GSM 3G CeeCom ConvergenceSirous Kavehercy
 
00 primera sesión del curso Alcalá 2014metodos de eficacia probada
00 primera sesión del curso Alcalá 2014metodos de eficacia probada00 primera sesión del curso Alcalá 2014metodos de eficacia probada
00 primera sesión del curso Alcalá 2014metodos de eficacia probadaAlfredo Prieto Martín
 
Heograpiyangdaigdig 140604233559-phpapp01
Heograpiyangdaigdig 140604233559-phpapp01Heograpiyangdaigdig 140604233559-phpapp01
Heograpiyangdaigdig 140604233559-phpapp01Maynchie Faronilo
 

En vedette (19)

King Open Math Vision Statement
King Open Math Vision StatementKing Open Math Vision Statement
King Open Math Vision Statement
 
Posicionamiento De Marca Y Difusion De InformacióN a travez de las Redes Soci...
Posicionamiento De Marca Y Difusion De InformacióN a travez de las Redes Soci...Posicionamiento De Marca Y Difusion De InformacióN a travez de las Redes Soci...
Posicionamiento De Marca Y Difusion De InformacióN a travez de las Redes Soci...
 
medios publicitarios tradicionales
medios publicitarios tradicionales medios publicitarios tradicionales
medios publicitarios tradicionales
 
Acta pleno número 13 de 08 08-2011
Acta pleno número 13 de 08 08-2011Acta pleno número 13 de 08 08-2011
Acta pleno número 13 de 08 08-2011
 
Guia maloca y salitre magico
Guia maloca y salitre magicoGuia maloca y salitre magico
Guia maloca y salitre magico
 
Steinhaus Kroatien kaufen | Insel Krk Steinhaus mit Garten und Schwimmbad
Steinhaus Kroatien kaufen | Insel Krk Steinhaus mit Garten und SchwimmbadSteinhaus Kroatien kaufen | Insel Krk Steinhaus mit Garten und Schwimmbad
Steinhaus Kroatien kaufen | Insel Krk Steinhaus mit Garten und Schwimmbad
 
여성이 새로 짜는 세상 12호 (소식지, 2002)
여성이 새로 짜는 세상 12호 (소식지, 2002)여성이 새로 짜는 세상 12호 (소식지, 2002)
여성이 새로 짜는 세상 12호 (소식지, 2002)
 
La Radio Educomunitaria, pensada desde la ruralidad del Sumapaz
La Radio Educomunitaria, pensada desde la ruralidad del SumapazLa Radio Educomunitaria, pensada desde la ruralidad del Sumapaz
La Radio Educomunitaria, pensada desde la ruralidad del Sumapaz
 
English and american painters
English and american paintersEnglish and american painters
English and american painters
 
Posterscope Out-of-Home Marketplace Belgium and Luxembourg 2015
Posterscope Out-of-Home Marketplace Belgium and Luxembourg 2015Posterscope Out-of-Home Marketplace Belgium and Luxembourg 2015
Posterscope Out-of-Home Marketplace Belgium and Luxembourg 2015
 
5º Jornadas AMUVA - Introduccion
5º Jornadas AMUVA - Introduccion 5º Jornadas AMUVA - Introduccion
5º Jornadas AMUVA - Introduccion
 
GESUNDHEIT IST LEBEN
GESUNDHEIT IST LEBENGESUNDHEIT IST LEBEN
GESUNDHEIT IST LEBEN
 
Solicitud de inscripción Curso de Ski 2015
Solicitud de inscripción Curso de Ski 2015Solicitud de inscripción Curso de Ski 2015
Solicitud de inscripción Curso de Ski 2015
 
Its 1938, And Iran Is Germany - TJCI - Jan-Feb 2007
Its 1938, And Iran Is Germany - TJCI - Jan-Feb 2007 Its 1938, And Iran Is Germany - TJCI - Jan-Feb 2007
Its 1938, And Iran Is Germany - TJCI - Jan-Feb 2007
 
Sirous Kavehercy GSM 3G CeeCom Convergence
Sirous Kavehercy GSM 3G CeeCom ConvergenceSirous Kavehercy GSM 3G CeeCom Convergence
Sirous Kavehercy GSM 3G CeeCom Convergence
 
00 primera sesión del curso Alcalá 2014metodos de eficacia probada
00 primera sesión del curso Alcalá 2014metodos de eficacia probada00 primera sesión del curso Alcalá 2014metodos de eficacia probada
00 primera sesión del curso Alcalá 2014metodos de eficacia probada
 
Heograpiyangdaigdig 140604233559-phpapp01
Heograpiyangdaigdig 140604233559-phpapp01Heograpiyangdaigdig 140604233559-phpapp01
Heograpiyangdaigdig 140604233559-phpapp01
 
Curvas de secado
Curvas de secadoCurvas de secado
Curvas de secado
 
Presentación Identikit
Presentación IdentikitPresentación Identikit
Presentación Identikit
 

IRMSecure on SecuLogica White Paper 12 02 2015

  • 1. N o r t h A m e r i c a I R M S e c u r e 2 8 0 0 S k y m a r k A v e n u e , # 4 M i s s i s s a u g a , O n t a r i o , L 4 W 5 A 6 C A N A D A Te l : +1 . 9 0 5 . 3 6 6 . 4 4 4 4 / F a x : +1 . 9 0 5 . 3 61 . 0 7 8 9 Europe SecuLogica /IRM Secure Werdener Strasse 8 40277Duesseldorf GERMANY Tel:+49.211.1780.7778 WWW.IRMSECURE.COMi n f o @ i r m s e c u r e . c o m IRMSECURE Protect What You Share IRM Information Rights Management A White Paper Author: Bill Hube Date: January 13 2015 Location: Mississauga, Canada
  • 2. Index Protecting what you Share 2 Data Loss 2 The Security vs. Collaboration Conundrum 3 Information Rights Management (IRM) Defined 5 IRM by SecuLogica 6 Key Elements 6 • Functional 7 • Encryption 7 • Scalable 7 • Simple 8 • Secure 8 • Flexible 8 • Restricted Enviroments 9 • Customizable 9 Conclusion 9 About IRMSecure 10
  • 3. Information Rights Management Protecting what you Share A common assertion that many (if not all) businesses make is that their “people are the most important asset.” While this may be true, a very close second in terms of importance, is a company’s data. Imagine a company losing all of its data (proprietary information, financial data, confidential files etc.) – could they survive? Many companies have survived fire, stock-market crashes, loss of key personnel but statistics say that 60% of companies that lose their data shut down within six months of the loss.* Data Loss The common perception is that Data Loss means being hacked. While this is, obviously, a major source of concern and a major source of data loss, much of the time, this very important company asset is lost in a much less hostile or overt manner. Consider the ways: an unhappy employee printing sensitive financial data and removing it from a protected environment; information emailed to one trusted collaborator but then forwarded to someone never intended to see it or a confidential file meant to be distributed amongst those dwelling in the C-Suite sent accidentally to the shop-floor instead, where those that receive it don’t have the benefit of context. *statistic from:www.boston computing.net/consulltation/databackup/statistics 2
  • 4. This passive, less obvious loss of data is one that most companies don’t address – usually for one of two reasons: First, because they either don’t know it exists or don’t understand the extent of the damage and second, because they don’t believe it can be stopped. This belief is rooted in what can be described as the Security vs. Collaboration Conundrum. The Security vs. Collaboration Conundrum It seems an unsolvable problem. To advance its business, a company must collaborate with those outside of its enterprise – customers, sub-contractors, consultants, auditors – the list is endless. Secondly, businesses must give employees access to sensitive data and simply trust that those employees will use that data only for the companies business purposes. 3
  • 5. The Security vs. Collaboration Conundrum continued However collaborating means sharing data, which means risking data loss. The alternative is to protect data by building a virtual wall around it and giving no “outsiders” access to it; but by limiting this valuable and essential collaboration, a company shackles its ability to do business and risks failure. When considering this conundrum it seems companies have two options – neither being ideal: Collaboration and risk loss of data or Security and risk loss of customers and innovation. What if there were a third choice? One that would balance collaboration and security? 4
  • 6. Information Rights Management (IRM) Defined An IRM solution essentially gives a user the ability to control his or her data even after it has been shared outside of the company’s traditional storage solution, or its secure perimeter. There are several existing ways to control documents (emails, documents, multi-media files, webpages etc.) while they reside inside a company’s secure perimeter – an IRM solution extends that control outside this perimeter regardless of where they are stored, be it on anoth- er PC, laptop or server. This function is completed by assigning security (rights) to the specific information as opposed to assigning security to where it is stored. IRM works by granting a user the ability to encrypt any file over which he or she has control and then having that user selectively grant access to that file. That access control can come in several forms • by specific user • by specific group of users • by a specific time-frame • by location • .... 5
  • 7. Information Rights Management (IRM) Defined cont, The file controller also has the ability to control what is done with this data: • viewing • printing • editing • managing. This access is granted by the exchange of meta-data and encryption keys only – one of the cornerstones of IRM is that the solution provider manages only these things – the company’s actual data never resides on the provider’s servers. IRM by SecuLogica It’s a fact that the only truly secure computer is one that is turned off, disconnected from any network and in a place that is inaccessible. That computer is also, for all intents and purposes, of no use. The goal of SecuLogica is to make it safe for that computer to be put into a network by equipping it with software that will make its data as secure as possible while at the same time simple and easy to use. At the top of the “must-have” list when developing our solution was simplicity of implementation coupled with ease of use. Without these, the solution ran the risk of not being used, obviously nullifying its effectiveness. The overseeing vision of the developers was to become a standard for protecting the information that is shared and stored - whether inside or outside the protected perimeter of a company or individual. The key elements of this vision are: Interoperability – so that any SecuLogica user can exchange information with anyone securely, no matter whether it is a corporate or private user; Ease of Use – so that the technology can be used by anyone, anywhere on any device and a groundbreaking Business Model. 6
  • 8. Each of the following features of SecuLogica has been designed with these key elements in mind: • Functional – a solution is not much of a solution if it doesn’t serve a company’s specific purposes. With that in mind SecuLogica supports virtually every relevant file format including all Microsoft Office formats. Additionally all text, .pdf, AutoCAD and virtually all image and video formats are supported. SecuLogica is unique in the current IRM marketplace in that it supports close to 100 different multi-media formats over most platforms – including Windows, Android, iOS and Blackberry apps. This feature even enables users the ability to protect and share photographs captured by mobile devices. Social media consoles and its users (Facebook, Twitter, Instagram) can all benefit from the use of SecuLogica. • Encryption – files protected with SecuLogica are encrypted using one of the AES algorithm. The encryption key is generated randomly on a server with a variable length that the user can easily configure locally – either 128 or 256 bits ( 256 is the default). It is important to repeat that SecuLogica does NOT store a user’s files – it manages only Meta-data and encryption keys. The file stays in the control of the file’s owner at all times. Also, the database holding the encryption keys are themselves encrypted adding another layer of protection. • Scalable – SecuLogica installations are done through licenses purchased through the vendor meaning an increase or decrease in the number of users is easily handled through the addition of additional licensees. There is no limit to the number of licenses on an account and new users are simply and easily added to the user group by a named administrator. 7
  • 9. • Simple – at the user level, SecuLogica was designed to be simple and quick to use. In the majority of cases, protection by encryption is done by two mouse clicks. The assignment of permissions is done through a straightforward, easy-to-use online console. At the receiver’s end, a file is opened up exactly the same way the user would open any file. Once the open command for the encrypted file has been initiated, a command to compare the meta-data and encryption key is sent to the key server. If the keys match, the file opens in exactly the same way it would were it not encrypted. If they don’t match, a message will be displayed on the user’s monitor telling him or her that the file has been protected and can’t be opened without proper permissions. This sequence of opening a file takes place with very little or no latency. • Secure – The security of a company’s data is defined by how secure access to SecuLogica is. The administrator of the SecuLogica Corporate Service can decide which authenti- cation method the users of the organization must use. SecuLogica supports basic username and password authentication, along with authentication against external providers that are compliant with OpenID or OAuth protocols and it can be fully integrated with LDAP or Active Directory. • Flexible – SecuLogica was designed for simple installation and deployment in virtually any business or personal setting. If Cloud services are required, SecuLogica provides its users with servers housed in professional data centres with the highest level of security available. Alternatively, SecuLogica is available as an On-Premise solution that can be installed at the customer’s facilities with full installation and training services provided on-site. 8
  • 10. • Restricted Environments – For those users that cannot install the application due to being in a closed environment or public point of access, SecuLogica offers as an independent service - SecuLogica Drag’n Drop. This is a website application where a user can upload a protected file that can be viewed in a web viewer by a user he or she has authenticated. Additionally, a user can protect a file using Drag’n Drop if they require it but are not in an environment where they are permitted to do so. • Customizable – While the protection of single files is the cornerstone of SecuLogica, we also recognize the need for large scale protection. This can be easily achieved with the installation and use of a “Protected Folder.” This is a repository for any files within a company’s domain that they need to protect. This is completed by simply dropping a file into the protected folder. This will protect the file and subsequent to that, permissions for that file are applied. Customers using SharePoint 2010 or 2013 can use SecuLogica to protect document libraries. SharePoint access rights are applied as the equivalent SecuLogica permissions automatically. Conclusion With the implementation of an IRM solution for its data, any business can establish a comfort level by striking a balance between the need for Collaboration and the need for Security. Choosing the right IRM solution extends that comfort level to a place of • simplicity • ease of use • cost effectiveness • flexibility SecuLogica will allow users to safely secure vitally important corporate assets. “PROTECT WHAT YOU SHARE” 9
  • 11. About IRM Secure IRM Secure is a high growth security software product company, providing security solutions in the areas of information usage control, Information Rights Management (IRM) and secure outsourcing. We are the exclusive Integrator in North America for SecuLogica. Our expertise lies in the control of information post distribution, irrespective of its location and mode of transfer. With this the receiver is able / not-able to distribute, edit, print, copy-paste, screen-grab information from a secured document. It is also possible to remotely destruct the documents at the receiver’s end at any time. Along with our Fortune 500 clients, some of the largest companies in banking, financial services, insurance, engineering services, and educational institutes use our technology to secure unstruc- tured data that is used internally or provided to a vendor for outsourced processes. To contact IRMSecure please email us at info (at) irmsecure.com North America IRM Secure 2800 Skymark Avenue, #4 Mississauga, Ontario, L4W5A6 CANADA Tel: 905.366.4444 / Fax: 905.361.0789 Europe SecuLogica /IRM Secure Werdener Strasse 8 40277Duesseldorf GERMANY Tel:+49.(0).211.1780.7778 WWW.IRMSECURE.COMi n f o @ i r m s e c u r e . c o m 10 IRMSECURE Protect What You Share