Adi Ruppin is vice president of marketing and business development for Confidela, provider of the WatchDox document control and tracking service. Please visit http://www.watchdox.com for more information.
Successful businesses, particularly those that aspire to global operations, must share and collaborate with people inside and outside the organization, typically on a daily basis. However, businesses frequently overlook the risks involved and may possess various misconceptions as to what they should or should not do.
8 Ways Your Organization Can Collaborate and Stay Safe
1 – Stay away from e-mail
It is easy to forget that e-mail was not designed for secure collaboration and sharing of sensitive documents. Be aware of that before you send out passwords, social security numbers, credit card numbers or sensitive documents. E-mail may be intercepted by third-parties or by your own e-mail provider (if you’re using a Web e-mail service) and is not designed for security and reliability.
2 – Adding password protection is not enough.
A common misconception is that if you send out a document that is password-protected (such as a password protected PDF document) then it’s secured. While possibly preventing a third-party from eavesdropping on the actual communications, a password-based approach is seriously flawed. After all, this password can be forwarded just as easily as the document itself, and therefore offers little security throughout the lifetime of the document.
3 – Encryption is not enough, either.
As mentioned before, password-based encryption is inadequate. Essentially, any form of encryption in which the recipients receive the document and decrypt it is just as insecure – no matter how strong the encryption is. Once decrypted on the recipient side, all security and control are lost, and the recipient is free to copy, print or forward that document to anyone without your permission or knowledge.
4 – Don’t think just because you are using a an Enterprise Content Management (ECM) system you’ve got security covered.
Whether you’re using Documentum, SharePoint or another content management solution, keep in mind that it is probably still relying on password-based authentication. This means that once a user has accessed your documents and downloaded them, he or she can still print them, copy them, forward them (either accidentally or on purpose). Imagine, for instance, the potential damage from an employee who has left with all the company’s sensitive documents on his or her PC. Clearly, having a brand-name ECM system is no guarantee that your data is secured at all times.
5 – There is such a thing as too much security.
Your first priority is to be able to share and collaborate. This means the other party must be able to access the data. Imposing unreasonable security requirements that are extremely cumbersome means that either you will not be able to get the job done or that people will find less secure workarounds that work for them. An example for such an extreme requirement is forcing the receiving parties to install software on their end in order to access the shared documents. Such is the case with many of the legacy Enterprise Digital Rights Management (DRM) systems.
6 – Tracking is important.
Controlling documents is only one aspect of securing them. For regulatory and other purposes, it’s important to be able to know who has viewed your documents, when and where. This too requires that you have some control over your documents at all times – even after they have been shared.
7 – Establish a corporate policy.
It’s important to establish some guidelines or policies as to how to secure documents that are being shared. Sometimes, just coming up with such a policy is a challenging proposition. Individual users are prone to making mistakes, so once a policy is in place it’s also useful to automate the enforcement of this policy and make it as seamless as possible to the end users.
8 -- Be mindful of what you share.
As always, any policy or technical solution will not replace your personal judgment. The more aware you are of the risks and of the pitfalls of different sharing and collaboration methods the more likely you are to effectively safeguard your organization crown jewels.
-----
The following 8 may also be of interest:
Recent Comments