IT Infrastructure will keep growing exponentially with devices becoming smaller, increasingly mobile and capable of carrying large data loads. Add to this, previously unidentified data sources like hard drives on photocopiers and it is obvious that the cup of risks handled by the CISO runneth over.

Information Security controls were applied at the infrastructure level to secure supporting hardware / software and communication paths. Later, risks were identified at user level and the industry was faced with the need to plug data distribution (leakage) points like external drives, CD/DVD writers, WiFi, USB drives etc – so they started using End-point security solutions. The end-point stopped the leak of but this affected legitimate traffic too creating a bottleneck for business. Specialist solutions for Data Leak Prevention / Data Loss Prevention (DLP) were developed to distinguish between authorized and unauthorized data traffic and the end-point solution became part of the larger suite.

The DLP solution safeguards data on the network but is inadequate in providing continued safety beyond the corporate network. This missing and crucial link in the security chain must be in place to ensure control on the data and this functionality is provided by Information Rights Management (IRM) solutions, as the FileSecure solution from Seclore Technology.

Data assets (files, information, etc) must be protected throughout the lifecycle from creation to archiving or destruction and this requirement is a bigger challenge when data is in transit or moves outside the organization perimeter. Since DLP cannot (dynamically) distinguish between authorized and unauthorized users or assign or de-assign user rights it misses on addressing a big risk in the lifecycle. IRM will, effectively and dynamically, manage and control user rights and actions. New-age IRM solutions allow organizations in securing data assets like documents and emails and to exercise control on the distribution, availability and access rights. Seclore FileSecure is a solution leader in the IRM space and provides rights management of over 100 document formats with strong controls on data access and availability.

Complete control on data is enabled once it has been protected by the IRM system. The data creator can specify who will be able to access the data, what actions can be performed, when can these actions be performed and where.

For example anyone who creates a document can specify particular persons or groups from within the organization or outside that are authorized to have access to the same [who]. Further security is enabled by restricting or allowing printing, copying, editing [what]; specifying a time and date window for data access [when] and the network location from where access will be allowed [where]. These attributes and their additional features provide granular security controls on data providing a greater level of control over DLP technology.

Organizations face the risk of data loss when an employee moves to a competitor and, if IRM protection is enabled, this risk is effectively contained. The departing employee will be denied access automatically when the user ID is disabled in the corporate directory.

The Seclore IRM solutions, FileSecure and InfoSource, provide effective safeguards for over 140 data file formats including .doc, .xls, .ppt, AutoCAD among others. Data security can be enforced by individual users or can be applied at the enterprise level by implanting organization-wide policies.

IRM implementation helps in meeting compliance requirements set forth by various industry standards, frameworks and guidelines and by regulatory bodies. A number of standards like ISO27001, PCI-DSS, SAS70, among others, mandate the necessity to continuously maintain the security of data at rest and when shared or in transit using encryption technologies. Seclore solutions use military grade encryption algorithms to secure the access rights to valuable data. In addition, the IRM solution helps meet other requirements like data labelling, data classification, user identity management.

Inclusion of the Seclore FileSecure IRM solution thus addresses the incomplete security status provided by a DLP system. The Seclore solution integrates seamlessly with the popular DLP products and is designed to provide user friendly secure rights management.

So if you have implemented a DLP solution, or you are considering one – make sure you check if you will be able to [a] assign (or deassign) access rights for the data/document; [b] be able to classify documents at time of creation; [c] control the availability of the data/document by time or date or restrict it’s access to a particular machine; [d] automatically restrict access by personnel who have left the organization. .. and more. Then assess the risk of not being able to do all this and it will be obvious that an IRM solution is needed giving many reasons to build the business case for the essential inclusion of IRM to complete the promise of DLP.

Vishal Gupta , Founder and CEO of Seclore