SlideShare ist ein Scribd-Unternehmen logo

18 Tips of IRM - Making IRM Work for You

Secure Islands - Data Security Policy
Secure Islands - Data Security Policy

Secure Islands provides IRM protection, and takes it to the next level by adding a simple and powerful management layer. http://www.secureislands.com/irm/

Technologie
1 von 22
Downloaden Sie, um offline zu lesen
Yuval Eldar, CTO September 2014 Making IRM Work for You
Why IRM? Never before has enterprise IT enabled such extreme productivity. In the borderless, social enterprise, more data is shared between more people in more places, resulting in a radically more creative and collaborative work environment. This open world of sharing has facilitated a revolution both in business and society. It has also created unprecedented dangers. Because the consumerization and externalization of IT have made traditional information security models obsolete. Perimeter defenses were relevant when IT environments could be segregated. Today, where information resides and from what device it is accessed is irrelevant. The only relevant question is: who can access it? As the unique dangers of the borderless enterprise became apparent, forward- thinking CISOs have turned from perimeter-centric information security paradigms like Data Leakage Prevention (DLP) to data-centric security paradigms like Information Rights Management (IRM). IRM relates to the security of data as data, wherever it is – in motion, at rest, or in use.
Tip 1: Choose Your IRM Engine Vendor Wisely Before we even talk about your IRM Enabler Solution, let’s consider what IRM Engine you choose. By definition, you will be granting the “keys to your castle” to your IRM Engine vendor. Make sure the company you choose is reliable, stable, and known. More importantly, make sure your vendor has shown a long-term, unwavering commitment to IRM. Some big players, notably Oracle, have abandoned the model, and left invested users hanging. Other smaller players have great tech and attractive business models – but can you be sure they’ll be around tomorrow? In truth, there’s only one player that can currently answer all these criteria: Microsoft.
Tip 2: Take the User Out of the Equation (When Possible) From both a security and usability point of view, IRM protection should be seamless and automatic, whenever possible. To this end, choose a classification-based IRM Enabler Solution. Classification should be intelligent, and flexible enough to deliver the full scope of classification options - from automatic classification which can identify data seamlessly through content and context attributes, via system recommendations, and including user-based classification, empowering authorized data owners to be responsible for applying their own appropriate classifications
Tip 3: Keep Security In-Line with Enterprise Policy Everything your enterprise does is driven and defined by policy. Security, and specifically your IRM solution, should be no different. To achieve the precise level of protection that your organization requires and keep security in- line with business goals, your IRM Enabler Solution should be policy-based. In addition to being driven by enterprise decisions, your solution of choice should be flexible and agile enough to align with both classification and policy standards - current and future.
Tip 4: Maximize Your Coverage There is life beyond MS Office. Your IRM Enabler Solution should cover information from all enterprise productivity tools. IRM protection should be applied to all types of sensitive information - from any source, at any stage of the data lifecycle – not just from MS Office applications. Your IRM Enabler Solution should of course protect unstructured information. Moreover, it should be able to deal with the reality that even structured information does not necessarily remain structured. For example, you may be confident that your CRM system is effectively protected, but what about reports generated by that system? Are there other enterprise-level systems whose day-to-day usage puts your sensitive information at risk?
Tip 5: How Much Integration is Acceptable? Zero! Especially for broad-scope end-user systems like IRM - integration with existing and future systems is a resource drain and productivity- killer. It is mission-critical for your IRM solution to work seamlessly and scale with any existing and future enterprise systems. Sensitive information can originate in hundreds or even thousands of applications – from ERP systems like SAP, through CRMs like Salesforce.com, to ECM repositories, on premises or off premises, and beyond. Make sure your IRM Enabler Solution is based on a model that can seamlessly integrate with any possible source, and any number of diverse sources, today and in the future.
Tip 6: Make Sure It’s Application-Agnostic Many IRM solutions are completely application- dependent, and not enough applications in use are IRM-ready. Secure content needs to be accessible, and seamlessly usable, by authorized parties even in non-IRM-enabled applications. Make sure your IRM Enabler Solution delivers transparent access to sensitive information to authorized users of any application - without clumsy workarounds like changing file extensions, and without impacting workflow.
Tip 7: Entitlement Management Integration Protect your investment in entitlement management! You may have already invested, or be considering investing, in entitlement management software. Alternately, you may be using the existing entitlements module of your Line of Business Apps. Either way, IRM can still be an excellent complement to your security toolbox, helping administer the complex world of enterprise authorizations, privileges, access rights, permissions and rules. However, you need to make sure that the same access and permissions which are used in the application/share/document library (or other entitlement sources) will propagate also to IRM-protected data assets - without replicating permission models.
Tip 8: Compliance is King, Bow Down! Everything you do needs to be compliance-ready, including IRM. When choosing an IRM Enabler Solution, make sure IRM-protected content can still be indexed and searched by journaling software like Symantec Enterprise Vault, HP Autonomy, and other compliance-focused products.
Tip 9: Don’t Hinder ECM & DMS Productivity Safeguard investments in Enterprise Content Management (ECM) and Document Management Systems (DMS), and keep workflows moving. To maintain security and compartmentalization, sensitive information should remain protected even when stored in secure ECMDMS systems like MS SharePoint, OpenText, Documentum, and more. This is especially clear in light of recent authorized super-user breaches like that of NSA sub-contractor Edward Snowden. However, to maintain peak productivity, make sure your IRM- protected content can be seamlessly indexed, searched and accessed via these systems.
Tip 10: Is Protection Dynamic? As context changes, the sensitivity of information changes. Once protected by your IRM Enabler Solution, make sure your sensitive information can be made more widely available when relevant – automatically and according to centrally-managed policy. For example, can the security classification of corporate financial statements be automatically revised enterprise- wide once a “quiet period” has passed, or does this need to be done manually? Can the protection of a document be extended transparently when a data owner sends it to a third party, who was not originally included in the permission list?
Tip 11: The Content That Was There was life before IRM. You have millions of files in your repositories, generated long before your IRM solution came online. What about them? Your IRM Enabler Solution of choice should seek out and protect content generated in the past, as well ensuring the security of newly-generated items.
Tip 12: Must Have: Powerful Reporting Tools For auditing, compliance and policy-making – powerful reporting capabilities are crucial. In today’s regulatory and security environment, keeping security policy in-line with real-world usage, quantifying exposure (internal and external) for effective risk assessment, and maintaining strict auditing, usage trend analysis and forensics capabilities are mission-critical. Make sure your IRM Enabler Solution is up to speed from a reporting point of view.
Tip 13: SIEMSOC Compatibility Ensure that your IRM Enabler Solution works with your security dashboard. To avoid multiple points of control for key security systems, you have probably invested in a SIEM or SOC solution. Treat your IRM Enabler Solution just like any other mission-critical security system, and make sure it integrates seamlessly with your SIEMSOC of choice.
Tip 14: Anti-Tampering Any security solution needs to be secure itself. To enforce any kind of policy-derived security, it’s important to eliminate the possibility of enduser tampering. Make sure your IRM Enabler Solution has solid anti-tampering mechanisms that systematically ensure continuous operation, and alert you if endusers try to disable agents – whether maliciously or accidentally.
Tip 15: Continuous Health Monitoring Policy-derived security has to run 24/7/365. Since your IRM Enabler Solution will be performing mission-critical enterprise functions, make sure that it contains health and operation monitoring components to maintain maximum control over all IRM modules from a centralized location.
Tip 16: Anti-Virus and Anti-Malware Network threats still exist, even when information is protected. Viruses and malware can exploit the use of IRM- protected data to disguise malicious actions, and targeted attacks could easily do the same. Make sure your IRM-protected content remains fully accessible to key network and host-based security utilities like anti-virus and anti-malware.
Tip 17: It’s a BYOD World Ensure seamless productivity in the Bring Your Own Device (BYOD) IT environment. In the BYOD era, you need to guarantee that IRM- protected content can be accessed on any device, including mobile. Also, to ensure maximum productivity on the go, your IRM Enabler Solution needs to work seamlessly with Mobile Device Management (MDM) solutions like Good, AirWatch, MobileIron, and others.
Tip 18: Get the Most for Your Money Like any high-end purchase, your IRM Enabler Solution should exceed expectations. In today’s budget-sensitive IT climate, flexible, multi-purpose solutions that deliver the most “bang for your buck” are the rule. Make sure the IRM Enabler Solution you choose can do more than “just” IRM. A multi-purpose IRM Enabler Solution should be able to offer hybrid, borderless DLP functionality. It should offer cloud security, secure collaboration and information sharing. And, it goes without saying, it should be organically compatible with the whole of your perimeter-free security environment.
Conclusion IRM has the potential to enable a new level of information security for your enterprise. However, mainstream IRM Engines are not sufficiently featured to smoothly integrate into existing business processes. When choosing an IRM Enabler Solution, both security and productivity should be considered. An enduser-facing security solution is only as effective as its weakest link: the enduser. And today’s endusers present a world of previously-unthinkable demands. They need to work from their device of choice, on their productivity tools of choice – and, for them, security considerations are secondary, at best. By choosing an IRM Enabler Solution that smoothly integrates into existing workflow and delivers the cutting-edge information security that your enterprise needs, you can enjoy the best of both worlds.
About Secure Islands Secure Islands develops and markets advanced Information Protection and Control (IPC) solutions for the borderless enterprise. Offering policy-driven classification and protection for unstructured data, Secure Islands lays the foundation for sensitive information security in enterprises as they shift from perimeter defense to persistent protection. Secure Islands' holistic approach literally redefines information security and assists the enterprise in regaining control by identifying, classifying and protecting sensitive information throughout its lifecycle. Founded in 2006 and headquartered in Israel, the company’s solutions are deployed in top-tier Fortune 500 firms and government agencies worldwide. For more information, please visit www.secureislands.com.

Empfohlen

Information Rights Management (IRM)
Information Rights Management (IRM)Information Rights Management (IRM)
Information Rights Management (IRM)Network Intelligence India
 
What is IRM? bright talk
What is IRM? bright talkWhat is IRM? bright talk
What is IRM? bright talkritupande
 
Seclore: Information Rights Management
Seclore: Information Rights ManagementSeclore: Information Rights Management
Seclore: Information Rights ManagementRahul Neel Mani
 
20100224 Presentation at RGIT Mumbai - Information Security Awareness
20100224 Presentation at RGIT Mumbai - Information Security Awareness20100224 Presentation at RGIT Mumbai - Information Security Awareness
20100224 Presentation at RGIT Mumbai - Information Security AwarenessDinesh O Bareja
 
Classification-HowToBoostInformationProtection
Classification-HowToBoostInformationProtectionClassification-HowToBoostInformationProtection
Classification-HowToBoostInformationProtectionGianmarco Ferri
 
An Integrated, Intelligent Approach to Security
An Integrated, Intelligent Approach to SecurityAn Integrated, Intelligent Approach to Security
An Integrated, Intelligent Approach to SecurityGerard McNamee
 
Compliance is a pit stop – your destination lies ahead
Compliance is a pit stop – your destination lies aheadCompliance is a pit stop – your destination lies ahead
Compliance is a pit stop – your destination lies aheadIBM Security
 
Information security.pptx
Information security.pptxInformation security.pptx
Information security.pptxGovt. P.G. College Sendhwa, Barwani (M.P.)
 

Empfohlen

Information Rights Management (IRM)
Information Rights Management (IRM)Information Rights Management (IRM)
Information Rights Management (IRM)Network Intelligence India
 
What is IRM? bright talk
What is IRM? bright talkWhat is IRM? bright talk
What is IRM? bright talkritupande
 
Seclore: Information Rights Management
Seclore: Information Rights ManagementSeclore: Information Rights Management
Seclore: Information Rights ManagementRahul Neel Mani
 
20100224 Presentation at RGIT Mumbai - Information Security Awareness
20100224 Presentation at RGIT Mumbai - Information Security Awareness20100224 Presentation at RGIT Mumbai - Information Security Awareness
20100224 Presentation at RGIT Mumbai - Information Security AwarenessDinesh O Bareja
 
Classification-HowToBoostInformationProtection
Classification-HowToBoostInformationProtectionClassification-HowToBoostInformationProtection
Classification-HowToBoostInformationProtectionGianmarco Ferri
 
An Integrated, Intelligent Approach to Security
An Integrated, Intelligent Approach to SecurityAn Integrated, Intelligent Approach to Security
An Integrated, Intelligent Approach to SecurityGerard McNamee
 
Compliance is a pit stop – your destination lies ahead
Compliance is a pit stop – your destination lies aheadCompliance is a pit stop – your destination lies ahead
Compliance is a pit stop – your destination lies aheadIBM Security
 
Information security.pptx
Information security.pptxInformation security.pptx
Information security.pptxGovt. P.G. College Sendhwa, Barwani (M.P.)
 
Term assignment
Term assignmentTerm assignment
Term assignmentJenny Shimbashi
 
Gartner Security & Risk Management Summit 2014 - Defending the Enterprise Aga...
Gartner Security & Risk Management Summit 2014 - Defending the Enterprise Aga...Gartner Security & Risk Management Summit 2014 - Defending the Enterprise Aga...
Gartner Security & Risk Management Summit 2014 - Defending the Enterprise Aga...Fasoo
 
Take your SOC Beyond SIEM
Take your SOC Beyond SIEMTake your SOC Beyond SIEM
Take your SOC Beyond SIEMThomas Springer
 
IBM Insight 2015 - Security Sessions Roadmap
IBM Insight 2015 - Security Sessions RoadmapIBM Insight 2015 - Security Sessions Roadmap
IBM Insight 2015 - Security Sessions RoadmapIBM Security
 
Hiring Guide to the Information Security Profession
Hiring Guide to the Information Security ProfessionHiring Guide to the Information Security Profession
Hiring Guide to the Information Security Professionamiable_indian
 
Information Security It's All About Compliance
Information Security It's All About ComplianceInformation Security It's All About Compliance
Information Security It's All About ComplianceDinesh O Bareja
 
Protect your critical business information with information security solution...
Protect your critical business information with information security solution...Protect your critical business information with information security solution...
Protect your critical business information with information security solution...IBM India Smarter Computing
 
Protect your critical business information with information security solution...
Protect your critical business information with information security solution...Protect your critical business information with information security solution...
Protect your critical business information with information security solution...IBM India Smarter Computing
 
The importance of information security
The importance of information securityThe importance of information security
The importance of information securityethanBrownusa
 
DSS ITSEC 2013 Conference 07.11.2013 - IBM Security Strategy
DSS ITSEC 2013 Conference 07.11.2013 - IBM Security StrategyDSS ITSEC 2013 Conference 07.11.2013 - IBM Security Strategy
DSS ITSEC 2013 Conference 07.11.2013 - IBM Security StrategyAndris Soroka
 
Presentation ibm info sphere guardium enterprise-wide database protection a...
Presentation ibm info sphere guardium enterprise-wide database protection a...Presentation ibm info sphere guardium enterprise-wide database protection a...
Presentation ibm info sphere guardium enterprise-wide database protection a...solarisyougood
 
Peter Allor - The New Era of Cognitive Security
Peter Allor - The New Era of Cognitive SecurityPeter Allor - The New Era of Cognitive Security
Peter Allor - The New Era of Cognitive Securityscoopnewsgroup
 
The importance of information security nowadays
The importance of information security nowadaysThe importance of information security nowadays
The importance of information security nowadaysPECB
 
IBM Security Portfolio - 2015
IBM Security Portfolio - 2015IBM Security Portfolio - 2015
IBM Security Portfolio - 2015IBM Thailand Co Ltd
 
Secure Islands Case Study - Financial Firm Implements Enhanced DLP
Secure Islands Case Study - Financial Firm Implements Enhanced DLPSecure Islands Case Study - Financial Firm Implements Enhanced DLP
Secure Islands Case Study - Financial Firm Implements Enhanced DLPSecure Islands - Data Security Policy
 
Information security
Information securityInformation security
Information securitySanjay Tiwari
 
Information Security Governance: Government Considerations for the Cloud Comp...
Information Security Governance: Government Considerations for the Cloud Comp...Information Security Governance: Government Considerations for the Cloud Comp...
Information Security Governance: Government Considerations for the Cloud Comp...Booz Allen Hamilton
 
Avoiding data breach using security intelligence and big data to stay out of ...
Avoiding data breach using security intelligence and big data to stay out of ...Avoiding data breach using security intelligence and big data to stay out of ...
Avoiding data breach using security intelligence and big data to stay out of ...IBM Security
 
DFlabs corporate profile 01-2013
DFlabs corporate profile 01-2013DFlabs corporate profile 01-2013
DFlabs corporate profile 01-2013DFLABS SRL
 
Prinya acis slide for swpark - it & information security human resource deve...
Prinya acis slide for swpark - it & information security human resource deve...Prinya acis slide for swpark - it & information security human resource deve...
Prinya acis slide for swpark - it & information security human resource deve...TISA
 
18 Tips for Data Classification - Data Sheet by Secure Islands
18 Tips for Data Classification - Data Sheet by Secure Islands18 Tips for Data Classification - Data Sheet by Secure Islands
18 Tips for Data Classification - Data Sheet by Secure IslandsSecure Islands - Data Security Policy
 
Securing a mobile oriented enterprise
Securing a mobile oriented enterpriseSecuring a mobile oriented enterprise
Securing a mobile oriented enterpriseinfra-si
 

Weitere ähnliche Inhalte

Was ist angesagt?

Gartner Security & Risk Management Summit 2014 - Defending the Enterprise Aga...
Gartner Security & Risk Management Summit 2014 - Defending the Enterprise Aga...Gartner Security & Risk Management Summit 2014 - Defending the Enterprise Aga...
Gartner Security & Risk Management Summit 2014 - Defending the Enterprise Aga...Fasoo
 
Take your SOC Beyond SIEM
Take your SOC Beyond SIEMTake your SOC Beyond SIEM
Take your SOC Beyond SIEMThomas Springer
 
IBM Insight 2015 - Security Sessions Roadmap
IBM Insight 2015 - Security Sessions RoadmapIBM Insight 2015 - Security Sessions Roadmap
IBM Insight 2015 - Security Sessions RoadmapIBM Security
 
Hiring Guide to the Information Security Profession
Hiring Guide to the Information Security ProfessionHiring Guide to the Information Security Profession
Hiring Guide to the Information Security Professionamiable_indian
 
Information Security It's All About Compliance
Information Security It's All About ComplianceInformation Security It's All About Compliance
Information Security It's All About ComplianceDinesh O Bareja
 
Protect your critical business information with information security solution...
Protect your critical business information with information security solution...Protect your critical business information with information security solution...
Protect your critical business information with information security solution...IBM India Smarter Computing
 
Protect your critical business information with information security solution...
Protect your critical business information with information security solution...Protect your critical business information with information security solution...
Protect your critical business information with information security solution...IBM India Smarter Computing
 
The importance of information security
The importance of information securityThe importance of information security
The importance of information securityethanBrownusa
 
DSS ITSEC 2013 Conference 07.11.2013 - IBM Security Strategy
DSS ITSEC 2013 Conference 07.11.2013 - IBM Security StrategyDSS ITSEC 2013 Conference 07.11.2013 - IBM Security Strategy
DSS ITSEC 2013 Conference 07.11.2013 - IBM Security StrategyAndris Soroka
 
Presentation ibm info sphere guardium enterprise-wide database protection a...
Presentation ibm info sphere guardium enterprise-wide database protection a...Presentation ibm info sphere guardium enterprise-wide database protection a...
Presentation ibm info sphere guardium enterprise-wide database protection a...solarisyougood
 
Peter Allor - The New Era of Cognitive Security
Peter Allor - The New Era of Cognitive SecurityPeter Allor - The New Era of Cognitive Security
Peter Allor - The New Era of Cognitive Securityscoopnewsgroup
 
The importance of information security nowadays
The importance of information security nowadaysThe importance of information security nowadays
The importance of information security nowadaysPECB
 
Information security
Information securityInformation security
Information securitySanjay Tiwari
 
Information Security Governance: Government Considerations for the Cloud Comp...
Information Security Governance: Government Considerations for the Cloud Comp...Information Security Governance: Government Considerations for the Cloud Comp...
Information Security Governance: Government Considerations for the Cloud Comp...Booz Allen Hamilton
 
Avoiding data breach using security intelligence and big data to stay out of ...
Avoiding data breach using security intelligence and big data to stay out of ...Avoiding data breach using security intelligence and big data to stay out of ...
Avoiding data breach using security intelligence and big data to stay out of ...IBM Security
 
DFlabs corporate profile 01-2013
DFlabs corporate profile 01-2013DFlabs corporate profile 01-2013
DFlabs corporate profile 01-2013DFLABS SRL
 
Prinya acis slide for swpark - it & information security human resource deve...
Prinya acis slide for swpark - it & information security human resource deve...Prinya acis slide for swpark - it & information security human resource deve...
Prinya acis slide for swpark - it & information security human resource deve...TISA
 

Was ist angesagt? (20)

Term assignment
Term assignmentTerm assignment
Term assignment
 
Gartner Security & Risk Management Summit 2014 - Defending the Enterprise Aga...
Gartner Security & Risk Management Summit 2014 - Defending the Enterprise Aga...Gartner Security & Risk Management Summit 2014 - Defending the Enterprise Aga...
Gartner Security & Risk Management Summit 2014 - Defending the Enterprise Aga...
 
Take your SOC Beyond SIEM
Take your SOC Beyond SIEMTake your SOC Beyond SIEM
Take your SOC Beyond SIEM
 
IBM Insight 2015 - Security Sessions Roadmap
IBM Insight 2015 - Security Sessions RoadmapIBM Insight 2015 - Security Sessions Roadmap
IBM Insight 2015 - Security Sessions Roadmap
 
Hiring Guide to the Information Security Profession
Hiring Guide to the Information Security ProfessionHiring Guide to the Information Security Profession
Hiring Guide to the Information Security Profession
 
Information Security It's All About Compliance
Information Security It's All About ComplianceInformation Security It's All About Compliance
Information Security It's All About Compliance
 
Protect your critical business information with information security solution...
Protect your critical business information with information security solution...Protect your critical business information with information security solution...
Protect your critical business information with information security solution...
 
Protect your critical business information with information security solution...
Protect your critical business information with information security solution...Protect your critical business information with information security solution...
Protect your critical business information with information security solution...
 
The importance of information security
The importance of information securityThe importance of information security
The importance of information security
 
DSS ITSEC 2013 Conference 07.11.2013 - IBM Security Strategy
DSS ITSEC 2013 Conference 07.11.2013 - IBM Security StrategyDSS ITSEC 2013 Conference 07.11.2013 - IBM Security Strategy
DSS ITSEC 2013 Conference 07.11.2013 - IBM Security Strategy
 
Presentation ibm info sphere guardium enterprise-wide database protection a...
Presentation ibm info sphere guardium enterprise-wide database protection a...Presentation ibm info sphere guardium enterprise-wide database protection a...
Presentation ibm info sphere guardium enterprise-wide database protection a...
 
Peter Allor - The New Era of Cognitive Security
Peter Allor - The New Era of Cognitive SecurityPeter Allor - The New Era of Cognitive Security
Peter Allor - The New Era of Cognitive Security
 
The importance of information security nowadays
The importance of information security nowadaysThe importance of information security nowadays
The importance of information security nowadays
 
IBM Security Portfolio - 2015
IBM Security Portfolio - 2015IBM Security Portfolio - 2015
IBM Security Portfolio - 2015
 
Secure Islands Case Study - Financial Firm Implements Enhanced DLP
Secure Islands Case Study - Financial Firm Implements Enhanced DLPSecure Islands Case Study - Financial Firm Implements Enhanced DLP
Secure Islands Case Study - Financial Firm Implements Enhanced DLP
 
Information security
Information securityInformation security
Information security
 
Information Security Governance: Government Considerations for the Cloud Comp...
Information Security Governance: Government Considerations for the Cloud Comp...Information Security Governance: Government Considerations for the Cloud Comp...
Information Security Governance: Government Considerations for the Cloud Comp...
 
Avoiding data breach using security intelligence and big data to stay out of ...
Avoiding data breach using security intelligence and big data to stay out of ...Avoiding data breach using security intelligence and big data to stay out of ...
Avoiding data breach using security intelligence and big data to stay out of ...
 
DFlabs corporate profile 01-2013
DFlabs corporate profile 01-2013DFlabs corporate profile 01-2013
DFlabs corporate profile 01-2013
 
Prinya acis slide for swpark - it & information security human resource deve...
Prinya acis slide for swpark - it & information security human resource deve...Prinya acis slide for swpark - it & information security human resource deve...
Prinya acis slide for swpark - it & information security human resource deve...
 

Ähnlich wie 18 Tips of IRM - Making IRM Work for You

Securing a mobile oriented enterprise
Securing a mobile oriented enterpriseSecuring a mobile oriented enterprise
Securing a mobile oriented enterpriseinfra-si
 
IBM MobileFirst Protect (MaaS360) : Rendre la Messagerie Mobile Gérable et Sé...
IBM MobileFirst Protect (MaaS360) : Rendre la Messagerie Mobile Gérable et Sé...IBM MobileFirst Protect (MaaS360) : Rendre la Messagerie Mobile Gérable et Sé...
IBM MobileFirst Protect (MaaS360) : Rendre la Messagerie Mobile Gérable et Sé...AGILLY
 
Kista watson summit final public version
Kista watson summit final public versionKista watson summit final public version
Kista watson summit final public versionIBM Sverige
 
Cloud backup-for-endpoint-devices
Cloud backup-for-endpoint-devicesCloud backup-for-endpoint-devices
Cloud backup-for-endpoint-devicesIcomm Technologies
 
Application security (APP) and CRM or ERP extension solutions
Application security (APP) and CRM or ERP extension solutionsApplication security (APP) and CRM or ERP extension solutions
Application security (APP) and CRM or ERP extension solutionscharly simon
 
IBM - IAM Security and Trends
IBM - IAM Security and TrendsIBM - IAM Security and Trends
IBM - IAM Security and TrendsIBM Sverige
 
PSIM: Why Should I Be Interested?
PSIM: Why Should I Be Interested?PSIM: Why Should I Be Interested?
PSIM: Why Should I Be Interested?Adlan Hussain
 
Samsung SDS IAM & EMM for Healthcare
Samsung SDS IAM & EMM for HealthcareSamsung SDS IAM & EMM for Healthcare
Samsung SDS IAM & EMM for HealthcareSamsung SDS America
 
MaaS360 - Mobile Expense Management
MaaS360 - Mobile Expense ManagementMaaS360 - Mobile Expense Management
MaaS360 - Mobile Expense ManagementDarryl Miles
 
TOP SAILPOINT INTERVIEW QUESTION
TOP SAILPOINT INTERVIEW QUESTIONTOP SAILPOINT INTERVIEW QUESTION
TOP SAILPOINT INTERVIEW QUESTIONInfosec Train
 
Computrace Laptop Security Solutions
Computrace Laptop Security SolutionsComputrace Laptop Security Solutions
Computrace Laptop Security Solutionsabe8512000
 
ISACA New York Metro, Developing, Deploying and Managing a Risk-Adjusted Data...
ISACA New York Metro, Developing, Deploying and Managing a Risk-Adjusted Data...ISACA New York Metro, Developing, Deploying and Managing a Risk-Adjusted Data...
ISACA New York Metro, Developing, Deploying and Managing a Risk-Adjusted Data...Ulf Mattsson
 
7 IAM Best Practices to Secure Your Enterprise
7 IAM Best Practices to Secure Your Enterprise7 IAM Best Practices to Secure Your Enterprise
7 IAM Best Practices to Secure Your EnterpriseVinod K
 
Enterprise Mobility Management and its Challenges - Phdassistance.com
Enterprise Mobility Management and its Challenges - Phdassistance.comEnterprise Mobility Management and its Challenges - Phdassistance.com
Enterprise Mobility Management and its Challenges - Phdassistance.comPhD Assistance
 
report on Mobile security
report on Mobile securityreport on Mobile security
report on Mobile securityJAYANT RAJURKAR
 

Ähnlich wie 18 Tips of IRM - Making IRM Work for You (20)

18 Tips for Data Classification - Data Sheet by Secure Islands
18 Tips for Data Classification - Data Sheet by Secure Islands18 Tips for Data Classification - Data Sheet by Secure Islands
18 Tips for Data Classification - Data Sheet by Secure Islands
 
Securing a mobile oriented enterprise
Securing a mobile oriented enterpriseSecuring a mobile oriented enterprise
Securing a mobile oriented enterprise
 
IBM MobileFirst Protect (MaaS360) : Rendre la Messagerie Mobile Gérable et Sé...
IBM MobileFirst Protect (MaaS360) : Rendre la Messagerie Mobile Gérable et Sé...IBM MobileFirst Protect (MaaS360) : Rendre la Messagerie Mobile Gérable et Sé...
IBM MobileFirst Protect (MaaS360) : Rendre la Messagerie Mobile Gérable et Sé...
 
Kista watson summit final public version
Kista watson summit final public versionKista watson summit final public version
Kista watson summit final public version
 
Aensis Advanced Cybersecurity Solutions
Aensis Advanced Cybersecurity SolutionsAensis Advanced Cybersecurity Solutions
Aensis Advanced Cybersecurity Solutions
 
Cloud backup-for-endpoint-devices
Cloud backup-for-endpoint-devicesCloud backup-for-endpoint-devices
Cloud backup-for-endpoint-devices
 
CISO-Fundamentals
CISO-FundamentalsCISO-Fundamentals
CISO-Fundamentals
 
Application security (APP) and CRM or ERP extension solutions
Application security (APP) and CRM or ERP extension solutionsApplication security (APP) and CRM or ERP extension solutions
Application security (APP) and CRM or ERP extension solutions
 
IBM - IAM Security and Trends
IBM - IAM Security and TrendsIBM - IAM Security and Trends
IBM - IAM Security and Trends
 
PSIM: Why Should I Be Interested?
PSIM: Why Should I Be Interested?PSIM: Why Should I Be Interested?
PSIM: Why Should I Be Interested?
 
6 Ways to Fight the Data Loss Gremlins
6 Ways to Fight the Data Loss Gremlins6 Ways to Fight the Data Loss Gremlins
6 Ways to Fight the Data Loss Gremlins
 
Samsung SDS IAM & EMM for Healthcare
Samsung SDS IAM & EMM for HealthcareSamsung SDS IAM & EMM for Healthcare
Samsung SDS IAM & EMM for Healthcare
 
MaaS360 - Mobile Expense Management
MaaS360 - Mobile Expense ManagementMaaS360 - Mobile Expense Management
MaaS360 - Mobile Expense Management
 
TOP SAILPOINT INTERVIEW QUESTION
TOP SAILPOINT INTERVIEW QUESTIONTOP SAILPOINT INTERVIEW QUESTION
TOP SAILPOINT INTERVIEW QUESTION
 
Computrace Laptop Security Solutions
Computrace Laptop Security SolutionsComputrace Laptop Security Solutions
Computrace Laptop Security Solutions
 
SIEM Buyer's Guide
SIEM Buyer's GuideSIEM Buyer's Guide
SIEM Buyer's Guide
 
ISACA New York Metro, Developing, Deploying and Managing a Risk-Adjusted Data...
ISACA New York Metro, Developing, Deploying and Managing a Risk-Adjusted Data...ISACA New York Metro, Developing, Deploying and Managing a Risk-Adjusted Data...
ISACA New York Metro, Developing, Deploying and Managing a Risk-Adjusted Data...
 
7 IAM Best Practices to Secure Your Enterprise
7 IAM Best Practices to Secure Your Enterprise7 IAM Best Practices to Secure Your Enterprise
7 IAM Best Practices to Secure Your Enterprise
 
Enterprise Mobility Management and its Challenges - Phdassistance.com
Enterprise Mobility Management and its Challenges - Phdassistance.comEnterprise Mobility Management and its Challenges - Phdassistance.com
Enterprise Mobility Management and its Challenges - Phdassistance.com
 
report on Mobile security
report on Mobile securityreport on Mobile security
report on Mobile security
 

Kürzlich hochgeladen

04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024The Digital Insurer
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Servicegiselly40
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...shyamraj55
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024Scott Keck-Warren
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationRidwan Fadjar
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersThousandEyes
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure servicePooja Nehwal
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Allon Mureinik
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024Results
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slidevu2urc
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Igalia
 

Kürzlich hochgeladen (20)

04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 Presentation
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 

18 Tips of IRM - Making IRM Work for You

  • 1. Yuval Eldar, CTO September 2014 Making IRM Work for You
  • 2. Why IRM? Never before has enterprise IT enabled such extreme productivity. In the borderless, social enterprise, more data is shared between more people in more places, resulting in a radically more creative and collaborative work environment. This open world of sharing has facilitated a revolution both in business and society. It has also created unprecedented dangers. Because the consumerization and externalization of IT have made traditional information security models obsolete. Perimeter defenses were relevant when IT environments could be segregated. Today, where information resides and from what device it is accessed is irrelevant. The only relevant question is: who can access it? As the unique dangers of the borderless enterprise became apparent, forward- thinking CISOs have turned from perimeter-centric information security paradigms like Data Leakage Prevention (DLP) to data-centric security paradigms like Information Rights Management (IRM). IRM relates to the security of data as data, wherever it is – in motion, at rest, or in use.
  • 3. Tip 1: Choose Your IRM Engine Vendor Wisely Before we even talk about your IRM Enabler Solution, let’s consider what IRM Engine you choose. By definition, you will be granting the “keys to your castle” to your IRM Engine vendor. Make sure the company you choose is reliable, stable, and known. More importantly, make sure your vendor has shown a long-term, unwavering commitment to IRM. Some big players, notably Oracle, have abandoned the model, and left invested users hanging. Other smaller players have great tech and attractive business models – but can you be sure they’ll be around tomorrow? In truth, there’s only one player that can currently answer all these criteria: Microsoft.
  • 4. Tip 2: Take the User Out of the Equation (When Possible) From both a security and usability point of view, IRM protection should be seamless and automatic, whenever possible. To this end, choose a classification-based IRM Enabler Solution. Classification should be intelligent, and flexible enough to deliver the full scope of classification options - from automatic classification which can identify data seamlessly through content and context attributes, via system recommendations, and including user-based classification, empowering authorized data owners to be responsible for applying their own appropriate classifications
  • 5. Tip 3: Keep Security In-Line with Enterprise Policy Everything your enterprise does is driven and defined by policy. Security, and specifically your IRM solution, should be no different. To achieve the precise level of protection that your organization requires and keep security in- line with business goals, your IRM Enabler Solution should be policy-based. In addition to being driven by enterprise decisions, your solution of choice should be flexible and agile enough to align with both classification and policy standards - current and future.
  • 6. Tip 4: Maximize Your Coverage There is life beyond MS Office. Your IRM Enabler Solution should cover information from all enterprise productivity tools. IRM protection should be applied to all types of sensitive information - from any source, at any stage of the data lifecycle – not just from MS Office applications. Your IRM Enabler Solution should of course protect unstructured information. Moreover, it should be able to deal with the reality that even structured information does not necessarily remain structured. For example, you may be confident that your CRM system is effectively protected, but what about reports generated by that system? Are there other enterprise-level systems whose day-to-day usage puts your sensitive information at risk?
  • 7. Tip 5: How Much Integration is Acceptable? Zero! Especially for broad-scope end-user systems like IRM - integration with existing and future systems is a resource drain and productivity- killer. It is mission-critical for your IRM solution to work seamlessly and scale with any existing and future enterprise systems. Sensitive information can originate in hundreds or even thousands of applications – from ERP systems like SAP, through CRMs like Salesforce.com, to ECM repositories, on premises or off premises, and beyond. Make sure your IRM Enabler Solution is based on a model that can seamlessly integrate with any possible source, and any number of diverse sources, today and in the future.
  • 8. Tip 6: Make Sure It’s Application-Agnostic Many IRM solutions are completely application- dependent, and not enough applications in use are IRM-ready. Secure content needs to be accessible, and seamlessly usable, by authorized parties even in non-IRM-enabled applications. Make sure your IRM Enabler Solution delivers transparent access to sensitive information to authorized users of any application - without clumsy workarounds like changing file extensions, and without impacting workflow.
  • 9. Tip 7: Entitlement Management Integration Protect your investment in entitlement management! You may have already invested, or be considering investing, in entitlement management software. Alternately, you may be using the existing entitlements module of your Line of Business Apps. Either way, IRM can still be an excellent complement to your security toolbox, helping administer the complex world of enterprise authorizations, privileges, access rights, permissions and rules. However, you need to make sure that the same access and permissions which are used in the application/share/document library (or other entitlement sources) will propagate also to IRM-protected data assets - without replicating permission models.
  • 10. Tip 8: Compliance is King, Bow Down! Everything you do needs to be compliance-ready, including IRM. When choosing an IRM Enabler Solution, make sure IRM-protected content can still be indexed and searched by journaling software like Symantec Enterprise Vault, HP Autonomy, and other compliance-focused products.
  • 11. Tip 9: Don’t Hinder ECM & DMS Productivity Safeguard investments in Enterprise Content Management (ECM) and Document Management Systems (DMS), and keep workflows moving. To maintain security and compartmentalization, sensitive information should remain protected even when stored in secure ECMDMS systems like MS SharePoint, OpenText, Documentum, and more. This is especially clear in light of recent authorized super-user breaches like that of NSA sub-contractor Edward Snowden. However, to maintain peak productivity, make sure your IRM- protected content can be seamlessly indexed, searched and accessed via these systems.
  • 12. Tip 10: Is Protection Dynamic? As context changes, the sensitivity of information changes. Once protected by your IRM Enabler Solution, make sure your sensitive information can be made more widely available when relevant – automatically and according to centrally-managed policy. For example, can the security classification of corporate financial statements be automatically revised enterprise- wide once a “quiet period” has passed, or does this need to be done manually? Can the protection of a document be extended transparently when a data owner sends it to a third party, who was not originally included in the permission list?
  • 13. Tip 11: The Content That Was There was life before IRM. You have millions of files in your repositories, generated long before your IRM solution came online. What about them? Your IRM Enabler Solution of choice should seek out and protect content generated in the past, as well ensuring the security of newly-generated items.
  • 14. Tip 12: Must Have: Powerful Reporting Tools For auditing, compliance and policy-making – powerful reporting capabilities are crucial. In today’s regulatory and security environment, keeping security policy in-line with real-world usage, quantifying exposure (internal and external) for effective risk assessment, and maintaining strict auditing, usage trend analysis and forensics capabilities are mission-critical. Make sure your IRM Enabler Solution is up to speed from a reporting point of view.
  • 15. Tip 13: SIEMSOC Compatibility Ensure that your IRM Enabler Solution works with your security dashboard. To avoid multiple points of control for key security systems, you have probably invested in a SIEM or SOC solution. Treat your IRM Enabler Solution just like any other mission-critical security system, and make sure it integrates seamlessly with your SIEMSOC of choice.
  • 16. Tip 14: Anti-Tampering Any security solution needs to be secure itself. To enforce any kind of policy-derived security, it’s important to eliminate the possibility of enduser tampering. Make sure your IRM Enabler Solution has solid anti-tampering mechanisms that systematically ensure continuous operation, and alert you if endusers try to disable agents – whether maliciously or accidentally.
  • 17. Tip 15: Continuous Health Monitoring Policy-derived security has to run 24/7/365. Since your IRM Enabler Solution will be performing mission-critical enterprise functions, make sure that it contains health and operation monitoring components to maintain maximum control over all IRM modules from a centralized location.
  • 18. Tip 16: Anti-Virus and Anti-Malware Network threats still exist, even when information is protected. Viruses and malware can exploit the use of IRM- protected data to disguise malicious actions, and targeted attacks could easily do the same. Make sure your IRM-protected content remains fully accessible to key network and host-based security utilities like anti-virus and anti-malware.
  • 19. Tip 17: It’s a BYOD World Ensure seamless productivity in the Bring Your Own Device (BYOD) IT environment. In the BYOD era, you need to guarantee that IRM- protected content can be accessed on any device, including mobile. Also, to ensure maximum productivity on the go, your IRM Enabler Solution needs to work seamlessly with Mobile Device Management (MDM) solutions like Good, AirWatch, MobileIron, and others.
  • 20. Tip 18: Get the Most for Your Money Like any high-end purchase, your IRM Enabler Solution should exceed expectations. In today’s budget-sensitive IT climate, flexible, multi-purpose solutions that deliver the most “bang for your buck” are the rule. Make sure the IRM Enabler Solution you choose can do more than “just” IRM. A multi-purpose IRM Enabler Solution should be able to offer hybrid, borderless DLP functionality. It should offer cloud security, secure collaboration and information sharing. And, it goes without saying, it should be organically compatible with the whole of your perimeter-free security environment.
  • 21. Conclusion IRM has the potential to enable a new level of information security for your enterprise. However, mainstream IRM Engines are not sufficiently featured to smoothly integrate into existing business processes. When choosing an IRM Enabler Solution, both security and productivity should be considered. An enduser-facing security solution is only as effective as its weakest link: the enduser. And today’s endusers present a world of previously-unthinkable demands. They need to work from their device of choice, on their productivity tools of choice – and, for them, security considerations are secondary, at best. By choosing an IRM Enabler Solution that smoothly integrates into existing workflow and delivers the cutting-edge information security that your enterprise needs, you can enjoy the best of both worlds.
  • 22. About Secure Islands Secure Islands develops and markets advanced Information Protection and Control (IPC) solutions for the borderless enterprise. Offering policy-driven classification and protection for unstructured data, Secure Islands lays the foundation for sensitive information security in enterprises as they shift from perimeter defense to persistent protection. Secure Islands' holistic approach literally redefines information security and assists the enterprise in regaining control by identifying, classifying and protecting sensitive information throughout its lifecycle. Founded in 2006 and headquartered in Israel, the company’s solutions are deployed in top-tier Fortune 500 firms and government agencies worldwide. For more information, please visit www.secureislands.com.