How to Approach Content Protection in the Enterprise

By Todd Partridge, Director of Platform Product Marketing at Intralinks, Inc.®

In the online business world of today’s bank, fund, or trading desk, information is always flowing. Unlike it was 15 years ago, data today flows at a much higher velocity, and has the potential to reach an indeterminate number of destinations online simultaneously.

A Look Back and Forward: Protecting Information

As different channels and methods of information transmittal were introduced over the last several decades, the enterprise has continuously sought to protect that information in various ways. For example, first it was the corporate firewall, where IT looked to contain the information in order to protect it from bad actors. Then, validating and managing a specific user’s identity became the fulcrum balancing information security and the productivity needs of the business. However, in today’s world, that security perimeter should be extended to each individual piece of content; protecting content on the channels it is coming from.

Cloud solutions have placed the notion of information security under a microscope of increased scrutiny — and rightly so — as they facilitate the dissemination of highly valuable data. Most financial organizations may feel ill-equipped to manage external collaboration of sensitive information. The reasons why will vary from one institution to the next, but most of the concerns come down to ownership and control. “Is my content safe? Is it stored in a compliant way? Could I get my data out if I need to?” These are just a few of the questions a cloud service provider may hear from prospective customers on any given day.

The topics of data sovereignty and data ownership will also come into play. Even though a SaaS service may naturally provide increased security and efficiency benefits, a bank will still need to know that they have the final say in where their data is stored geographically and, ultimately, who is able to distribute that data to a third party.

Applying Security Measures

Many times what the information security question boils down to is, “Where, when, and why to apply certain security measures.” If you think about the very simple scenario of trying to share just one confidential document, we can illustrate the multiple layers of protection that a customer should consider.

First, there is the traditional enterprise firewall, or network-level security. This is a very mature discipline, but remains very important nonetheless. Intrusion detection, denial-of-service (DOS) attack prevention, and spam and virus filters should all play a role at the edge of your business networks. In terms of sharing the document, you need to consider whether you are sharing the content securely, or using insecure means such as unprotected email. Further, you need to consider how you are letting users see the document, whether via guest accounts, VPN, or DMZ.

Secondly, maintaining security at the firewall level alone can often generate a lot of overhead and work for a network security team as they wrestle to provide the agility that a particular department or line of business requires. This is why most organizations today have shifted to deploying collaboration technologies. By having a secure collaboration platform in place, IT and the CISO can implement the controls they require both from an information governance/compliance perspective in addition to a technical infrastructure point of view. More often, the modern enterprise is turning to cloud service providers for these solutions as the subject matter experts of information sharing across the enterprise boundary.

The third answer to our question of where to apply security is at the document-level itself. Since data can be considered the lifeblood of an organization, it is incumbent on the owners of that information to take the necessary steps to ensure that their content is secure wherever it resides in the world. Just because you are sharing information does not mean that you need to relinquish control of it. Push your ‘security perimeter’ out to the document itself with innovative information rights management (IRM) to give yourself the ability to know when and where your document is being accessed at any time. Even after that information has been shared and downloaded, with IRM, you can always “unshare” it via your collaboration system.

In order to truly protect information in the enterprise today, financial institutions must implement the proper security procedures, processes and technologies. Remember: A company’s intellectual property is the foundation of the organization. It’s up to all of us to protect it.

Contact: Todd Partridge, Director of Platform Product Marketing at Intralinks, Inc.® Email: tpartridge@intralinks.com

 

About Intralinks

Intralinks Holdings, Inc. (NYSE: IL) is a leading, global technology provider of secure enterprise content collaboration solutions. Through innovative Software-as-a-Service solutions, Intralinks software is designed to enable the exchange and control of information between organizations securely and compliantly when working through the firewall. More than 3.1 million professionals at 99% of the Fortune 1000 companies have depended on Intralinks’ experience. With a track record of enabling high-stakes transactions and business collaborations valued at more than $28.1 trillion, Intralinks is a trusted provider of easy-to-use, enterprise strength, cloud-based collaboration solutions. For more information, visit www.Intralinks.com.

Forward Looking Statements

The forward-looking statements contained in this article are made pursuant to the safe harbor provisions of the Private Securities Litigation Reform Act of 1995.  Forward-looking statements are express or implied statements that are not based on historical information and include, among other things, statements concerning Intralinks’ plans, intentions, expectations, projections, hopes, beliefs, objectives, goals and strategies.  These statements are neither promises nor guarantees, but are subject to a variety of risks and uncertainties, many of which are beyond our control and could cause actual results to differ materially from those contemplated in these forward-looking statements. Accordingly, there can be no assurance that the results or commitments expressed, projected or implied by any forward-looking statements will be achieved, and readers are cautioned not to place undue reliance on any forward-looking statements. The forward-looking statements in this article speak only as of the date hereof.  As such, Intralinks undertakes no obligation to update or revise the information contained in this press release, whether as a result of new information, future events or circumstances or otherwise. For a detailed list of the factors and risks that could affect Intralinks’ financial results, please refer to Intralinks public filings with the Securities and Exchange Commission from time to time, including its Annual Report on Form 10-K for the year-ended December 31, 2014 and subsequent quarterly reports.

Trademarks and Copyright

“Intralinks” and Intralinks’ stylized logo are the registered trademarks of Intralinks, Inc. This article may also refer to trade names and trademarks of other organizations without reference to their status as registered trademarks. © 2015 Intralinks, Inc. All rights reserved.

Advertisement

Follow Us:

Sitemap | Privacy | Copyright © © 2017, WSTA®, All Rights Reserved.