EMC Information Rights Management

Presentation Transcript

  1. August 2006 Information Centric Security 15 Minutes >> EMC Information Rights Management

  2. Learning Objectives After completing this course, you will be able to: • Describe product and strategic positioning • Explain customer options and competitive offerings • Define the key differentiating factors • Handle customer objections and common pitfalls • Describe our current pricing strategy

  3. Value Statement • Protects intellectual property by allowing secure sharing of sensitive documents with internal and external users • Control executive communication amongst a small group of “approved” readers • Help contain and control documents to span a variety of compliance requirements • Retain your customers by protecting their personal information

  4. What’s In It For EMC & You? • An IRM offering proves EMC is serious about security • This is another example of how we support our ILM strategy • Security is a top priority for all executives; this will get you face time to up-sell and cross-sell

  5. The Big Picture • Fewer than 1 in 5 companies believe their data is adequately protected. • Organizations today are under immense pressure to share intellectual property. • Recent press headlines show how profound this problem has become. • Regulations have surfaced such as Gramm-Leach-Bliley and Sarbanes-Oxley Act that affect all corporations.

  6. The Big Picture - EMC Security and Rights Management Content Security • Repository Encryption • Electronic Signatures • Information Rights Management • Mandatory Access Control • Digital Shredding [Diagram labels: Auditing, Encryption, Authentication, Electronic signatures, Information rights, Digital shredding, Single sign-on]

  7. Current Challenges - The Threat Profile has Changed • Most information security products don’t actually secure information • Information is in constant motion throughout its lifecycle – making it difficult to lock down • Perimeters and resources are constantly being traversed • Gartner states that 84% of high cost security incidents are a result of insiders sending confidential material outside of their company

  8. Target Profile • Target Profile: • Large corporations, publicly held companies, government agencies that have a need to communicate externally and share proprietary or confidential information. • Target Audience: • Chief Info Security Officer • VP Engineering, Sales, Marketing, HR • Project Managers • Compliance Officer • Corporate Counsel • CIO/CTO/CISO • Chief Financial Officer

  9. EMC Information Rights Management Platform Architecture • Persistently protect and control rights on documents and emails through their entire lifecycle • Dynamically control access to material wherever it resides • Maintain continuous audit record of Who, What, Where and When documents and emails were viewed and used

  10. IRM Overview Key Features • Protect native business information (E-mail, PDF, HTML, Microsoft Office) • Leverages existing authentication security infrastructure • Dynamic watermarking • Dynamic policy control • Continuous audit trail • Automatic expiration control

  11. Standard IRM Workflow (IRM Server) • Protected content distributed through normal workflow; e-mail, file share, CD, content management, etc. • Content created, user or system selects policy and protection applied. • Policy and encryption key stored on server • Recipient is authenticated. Enterprise directories referenced for authentication and authorization. Content is opened with policy enforced. • Content activity viewed and policy dynamically changed

  12. IRM for Documentum Overview Key Features • Seamless IRM integration: • Folder based protection • Single Sign On • Uses Documentum Policies and ACLs • Automatic protection of imported documents: • Adobe PDF • Microsoft Word, Excel and PowerPoint • Can change access rights and privileges even after the document leaves Documentum • Automatic document updates when a new version is available

  13. IRM for eRoom Overview Key Features • Seamless IRM integration: • Folder based protection • Single Sign On • Uses IRM Policy Templates • Automatic protection of imported documents: • Adobe PDF • Microsoft Word, Excel and PowerPoint • Can change access rights and privileges even after the document leaves eRoom • Automatic document updates when a new version is available

  14. Pricing • IRM Services for Documentum CPU $ 50,000 • IRM Services for eRoom CPU $ 25,000 • IRM Client for Documents Bundle ST $ 200

  15. Value Proposition for Manufacturing • Sharing product specifications and design information with OEM partners • Protecting Intellectual Property contained in RFPs • Outsourcing design data, sensitive price lists, and proposals to prospective suppliers

  16. Manufacturing – Common use cases • Share product specifications, design information, pricelists and proposals with OEM partners and prospective suppliers • • Data can be viewed only by the intended recipients within the partner • • Information cannot be copied or forwarded to competitors • • Dynamically recall or change permissions when the relationship changes • Protect intellectual property contained within RFPs • • Information can be expired after the RFP process is complete • Protect internal R&D data • • Prevent R&D data from being accessed outside the organization and only accessible to authorized users • • When an employee leaves the organization, revoke their access to stored material • Executive communications: • • Centrally enforce policies that restrict access to sensitive information and communications • • Protects, manages, and tracks access to sensitive information right from the desktop

  17. Value Proposition for Financial Services • Securing non-public information • Distribution of high-value research • Protecting online deal rooms • Securing internal executive communications

  18. Financial Services – Common use cases • Distribution of high value research information • • Allow information to be shared, but only by users who have paid for the content • • Dynamic watermarks can deter forwarding the information. • Online Deal Rooms, share sensitive company data with acquisition prospects • • Allow data to be shared faster, electronically rather than hard copy • • Central and continuous audit and activity trail for material • • Expire all distributed information once process is complete • Securing non-public information to process transactions • • Management and protection of information throughout the entire lifecycle of the transaction • • Embargo and final expiration of all distributed material • Compliance, such as Sarbanes-Oxley, CA1386, GLB • • Continuous audit trail for material throughout its life • • When encryption is used, the company is no longer obliged to notify customers

  19. Value Proposition for Healthcare and Pharma • Safeguarding patient records and communications • Protecting confidential organizational information • Executive communication with external advisors

  20. Pharmaceutical – Common use cases • Clinical development processes and test results • • Results and reports protected with a persistent policy - only authorized users have access, wherever it is located • • Version control to expire outdated test results and procedures • Preventing premature public disclosure • • Premature disclosure of patent information • • Disclaimers and NDAs are insufficient, difficult to enforce

  21. Healthcare – Common use cases • Securing internal Human Resource information • • Centrally enforce policies that restrict access to sensitive HR information • • Content owner protects, manages, and tracks access to sensitive information right from their desktop • • Central and continuous audit and activity trail • Compliance, such as HIPAA • • E-mail can be automatically scanned for personal healthcare information (PHI), then encrypted and securely delivered to the intended recipient • • Enables healthcare providers to freely collaborate electronically on patient records and other sensitive information. • Centers for Medicare & Medicaid Services (CMS) rules. • • Comprehensive and persistent security required for CMS business.

  22. Government – Common use cases • Secure information dissemination • • Faster dissemination to more people without compromising security, replaces secure faxes and couriers • • Higher security and greater accountability • • The right people get the required information at the right time • Inter-agency information sharing • • Enables different agencies to do cross-domain sharing and maintain ORCON • • Replaces the issue of “trust” that inhibits information sharing. • • Supports Communities of Interest (COI)

  23. Value Positioning • Business and/or Financial and/or Operational Value: The primary source of value for IRM is the protection of your intellectual property, trade secrets, customer information, confidential communications, and employee records. • Key Measurements: Failure to comply with regulations may result in corporate fines in excess of $1 million and a potential jail sentence for the responsible executives in excess of 20 years. Having a competitor steal your IP or a new product plan could cost your company millions of dollars.

  24. Customer Problem This type of occurrence will often be reported in the press. Do a Google search to see if there are occurrences you can reference. Losing IP contained in RFPs • • Intellectual property contained in RFPs is often shared with external users and contractors in the same environment where competitor information is held. • • If data is lost, new business may suffer • Protecting IP contained in RFPs • • Allows data to be shared, but only by authorized users. • • Ensures data is not forwarded to competitors • • Information can be made to expire after the RFP process is complete This is a very common customer problem with organizations that design and manufacture complex products or technology overseas. • Outsourcing design data, sensitive price lists, and proposals to prospective suppliers: • • Working partners (semiconductor foundries, sales agents, etc) who are external and may be working with competitive companies put information at risk • • Sensitive data must not be leaked to the competition • • Difficult to enforce NDA and MOA with partners • Sharing product specifications and design information with OEM partners • • Allows data to be shared faster electronically, because of higher security • • Information is persistently protected no matter where it resides • • Central and continuous audit of activity • • Ability to dynamically recall or change permissions when the partnership changes • • Replace tedious paper processes that gave a false sense of security

  25. Customer Problem This is very important for publicly traded companies and companies that may be getting acquired. Leakage of internal executive communications to the press or general public. • Need to prevent unintended disclosures of sensitive documents relating to organizational restructuring, financial reporting, and mergers and acquisitions. • Need to protect audit information and preliminary financial results • Actively controlling and securing all internal executive communications • • Helps companies apply internal controls over sensitive content and high risk communications • • Centrally enforce data policies that restrict access to sensitive information. • • Content owners protect, manage, and track access to sensitive information right from their desktop. • • Centralized auditing helps organizations continuously track information access throughout its lifecycle.

  26. Competitor Overview • Microsoft: • • Product is Rights Management Services (RMS) • • Only supports Office 2003+ (no PDF) • • Stores encryption keys on the client • • No support for external user requirements like Active Directory • Adobe: • • Product is Lifecycle Policy Server • • Only supports PDF • • Supports Adobe Acrobat 7.0+ • • Very small number of known installations • Liquid Machines: • • Partner and integrate with Microsoft RMS • • No integrated platform for email and documents • • No document management system integrations • • Less than 20 customers • • No ability to track or modify the policy within the app • Sealed Media: • • EMC Business Partner • • Recently acquired by …… • • “Seal” the application vs. natively integrate • • Do not integrate with LDAP • • Focus on publishing model

  27. Key Differentiators • We support more file formats than all our competitors combined • Tightly integrated with eRoom and Documentum • Largest install base • Broader deployment options • Ease of deployment and policy management • Well tested and proven technology

  28. Topics To Help You Qualify Qualifiers • Looking for more security and control of your most sensitive information? • In what areas of your business do you share your most sensitive information? • How do you currently enforce security policies to protect your most sensitive information? • What formats are your most sensitive information in (pdf, Word, Excel, ppt, email, etc)? • What would the impact be to your business if this information got into the wrong hands? • Any projects on either compliance or information security? • Are you considering any software purchases to support compliance initiatives such as records management, SOX, litigation or eDiscovery support? • Does your organization store any employee, customer or member information that could be used in identity theft if the information were exposed, stolen or lost? • Does your organization have tools to control the use and distribution of confidential information? Information such as Business Development activities, Board of Director discussions, HR matters… • Is the organization experiencing a massive accumulation of digital, stored, content or information? And if so, is anyone in Senior Mgmt or IT concerned with the litigation expense and risks associated with that content build-up?

  29. Customer Objection Handling • How do I access content if I am not connected to a network of any type? • What if the server crashes and we lose all our encryption keys? • Is your encryption compatible with Microsoft and Adobe? • Why do I have to install a client plug-in?

  30. IRM Service for eRoom: Secure Collaboration • Protect and maintain control of documents shared via eRoom • Content from ‘tagged’ folders is automatically protected • User privileges (open, print, edit, copy/paste) to downloaded documents can be modified at any time • eRoom managers can ensure ‘latest versions only’ are available for use outside of the eRoom, previous copies expire • Generates a complete audit trail of who has accessed documents and what they have done with them outside of the eRoom

  31. IRM Service for Documentum: Secure Publishing • IRM-enable cabinets, folders or files • IRM policy inherited when a document is imported • Use DCTM ACLs for internal users and Authentica policy templates for external users • Automated, distributed version control and redirection for update • Delete distributed documents when versioned or when deleted from docbase • Optionally set auto protection of primary rendition • Maintain central audit for all activity associated with a managed document • Workflow and lifecycle methods • • Ability to apply protection and manipulate policy as part of a workflow or lifecycle

  32. IRM Publishing workflow: EMC Information Rights Management (Authentica) [Diagram labels: Network, Corporate, VPN, Partner Network, Partner A, Reader, Internet Connection, Consolidated Storage, Saves & Assigns Access Rights, Creates a Document, Author, Reviewer, Hacker, Policy Manager]

  33. IRM for Documentum Features Key Features • Seamless IRM integration: • Cabinet, Folder and File based protection • Single Sign On with Webtop/DA • Uses Documentum Policies and ACLs • Automatic protection of imported documents: • Adobe PDF, Microsoft Word, Excel and PowerPoint • Control access rights and privileges even after the document leaves Documentum • Automatic document updates when a new version is available • Allows externally defined users

  34. Using IRM with Documentum • Natively integrated with the Documentum user experience • A natural extension, assigning IRM Profiles for the use of Folders and files • Worked example: • • Look at the Administration options • • Create a new IRM Profile • • Create a new folder and assign an IRM Profile to it • • Import a Word document • • See how the protection is applied
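
The standard IRM workflow on slide 11 and the privilege and expiry controls on slide 30 rest on one mechanism: the document travels as ciphertext, and the server releases the key only when the current policy allows it. The Python model below is an added illustration, not EMC's or Authentica's code; the class and function names, the users and the keystream stand-in for a real cipher are all assumptions.

```python
# Added example: toy model of server-held keys and policy. All names are hypothetical.
import hashlib, secrets, time

def keystream_xor(key: bytes, data: bytes) -> bytes:
    """Stand-in cipher (SHA-256 counter keystream); a real system would use an AEAD such as AES-GCM."""
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hashlib.sha256(key + i.to_bytes(8, "big")).digest()
        out.extend(b ^ k for b, k in zip(data[i:i + 32], block))
    return bytes(out)

class IRMServer:
    def __init__(self):
        self.docs = {}   # doc_id -> {"key", "readers": {user: set(rights)}, "expires"}
        self.audit = []  # (timestamp, user, doc_id, right, decision)

    def protect(self, content, readers, expires):
        doc_id, key = secrets.token_hex(8), secrets.token_bytes(32)
        self.docs[doc_id] = {"key": key, "readers": readers, "expires": expires}
        return doc_id, keystream_xor(key, content)  # only ciphertext is distributed

    def request_key(self, user, doc_id, right, now=None):
        now = time.time() if now is None else now
        doc = self.docs[doc_id]
        ok = right in doc["readers"].get(user, set()) and now < doc["expires"]
        self.audit.append((now, user, doc_id, right, "allow" if ok else "deny"))
        return doc["key"] if ok else None

    def revoke(self, doc_id, user):
        self.docs[doc_id]["readers"].pop(user, None)

def open_document(server, user, doc_id, blob, right="open", now=None):
    """Client side: the user is assumed to be already authenticated against the directory."""
    key = server.request_key(user, doc_id, right, now)
    return keystream_xor(key, blob) if key else None

def demo():
    srv = IRMServer()
    # Constructed sample document, reader and timestamps.
    doc_id, blob = srv.protect(b"Q3 price list", {"alice@partner": {"open"}}, expires=2000.0)
    results = [
        open_document(srv, "alice@partner", doc_id, blob, now=1000.0),           # allowed
        open_document(srv, "alice@partner", doc_id, blob, "print", now=1000.0),  # right not granted
        open_document(srv, "mallory", doc_id, blob, now=1000.0),                 # not a reader
    ]
    srv.revoke(doc_id, "alice@partner")  # policy changed after the copy was distributed
    results.append(open_document(srv, "alice@partner", doc_id, blob, now=1000.0))
    return results, [entry[4] for entry in srv.audit]
```

The model checks rights only at key release; once a document is open, rights such as print or copy/paste have to be enforced by the client plug-in.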