Sounds like a bad title for a movie, but unfortunately it seems to be business as usual for companies and the US government. A recent Inspector General audit came out showing that some Department of Defense (DoD) groups didn’t scrub data from computers before disposing of them. Sensitive information might get into the wild and either compromise DoD security or result in identity theft.
A lot of security problems are attributed to insider threats. A lot of it may be due to the oops factor; we do it accidentally. Most of us don’t willingly comprise our company or personal security, but sometimes it happens because of a lack of knowledge.
Sounds like an oxymoron, but this debate has been raging since the words social media popped into the ether. “Don’t tell people anything or someone will get you” sounds like the old story of the boogeyman in your closet. There of course is a legitimate concern about giving details of your private life away so people can steal things or harm you. But how about in the business world?
I was listening to a podcast on Why the Internet will NOT tear apart colleges and I started thinking about using SaaS in Higher Education. The podcast said people are worried that using Internet technologies will make going to college obsolete. If I can do e-learning over the web, why bother going to some buildings to get an education? They pointed out that there is a lot more to going to college than ingesting information. Living away from home, maturing as a person, doing research in a lab, collaborating on projects, attending sports games and socializing are just a few of the benefits of actually being at a college.
In Phil Wainewright’s recent column Survival of the fit-most he talks about sharing and collaboration on the Web versus keeping things private. The essence and value of the internet is to make it easy to share information and collaborate. People and businesses benefit most when we collaborate. Many cloud and SaaS providers are providing a private cloud solution for customers who are skittish about moving applications to the cloud. This seems to be a reversal of the benefits of cloud computing and SaaS. If I create a private cloud in my data center using virtualization, is it really a cloud?
I was reading an article in Information Week entitled 5 Security Lessons From Real-World Data Breaches that talks about data security and how companies can harden their external and internal defenses. There was a lot of good information about security infrastructure, including firewalls, network intrusion systems, data loss prevention tools and numerous others. Most of these tools address data at rest or data in transit. They tend to exclude data in use.
What is data in use? It’s what it sounds like. If a hacker steals a document by exploiting inadequate defenses, they now can use the data they stole. Most people focus on making sure the data doesn’t get out in the wild, but what do you do when it does. Encryption techniques help ensure that if a sensitive document gets out, it is unusable by the hacker.
Yesterday GMail went down for about 1.5 hours. If you followed this on Twitter, you thought the world had ended. It was all over CNN, MSNBC and numerous other media outlets. According to the GMail blog, the outage affected the web interface to GMail, not POP3 or IMAP clients. People accessing GMail through their iPhones or Blackberrys were also fine. The outage was because of some routine maintenance that overloaded a few of the routers.
I spent this week training on Fasoo’s Enterprise Digital Rights Management products. Each product helps protect documents at rest, in transit and in use. The last one is the most important since most organizations don’t know what happens to a document once it leaves their four walls. The class had a great time trying to come up with real world scenarios to test out; we also tried to break things.
I have been reading The Cluetrain Manifesto and noticing how relevant this book is almost 10 years after its publication. The book and the manifesto itself address how business is changing in the Internet age. Back in the dark ages, before computers and mass media, commerce was done through conversations between people. The village bazaar with its hustle and bustle is where people met, talked, gossiped, spread news and generally got things done. It was chaotic and informal. It was human. You can see the same thing at a county fair or a garage sale. It’s informal and its also fun.
ECM applications simplify the management of an organization’s unstructured information (data not in a database). ECM applications help accelerate business performance by providing easier access to an organization’s core information assets.
The circulation of documents through ECM applications results in an increased risk of information leakage. The need to secure information sharing on the ECM systems has increased as more employees gain access to these repositories.