Vishal Gupta - Information Rights Management - Interop Mumbai 2009
-
Upload
interop-mumbai-2009 -
Category
Technology
-
view
1.008 -
download
0
description
Transcript of Vishal Gupta - Information Rights Management - Interop Mumbai 2009
Information Rights Management
Coming of age
Presentation at InterOp 2009, Mumbai
Vishal Gupta
CEO, Seclore
TELEMARKETER
Information exchange in the collaborative world
Information is exchanged between Employees of the organisation
Enterprise
CUSTOMERS
VENDORS
Information is exchanged between employees & vendors & employees & customers
Competitors
What happens if an employee with privileged access leaves to join a competitor ?What happens if information shared with a vendor is lost by the vendor ?
VPN
SSL
UTM
…
Firewalls
Underlying Issues
Share it = It becomes his (also)Ownership and usage cannot be separated
Shared once = Shared foreverImpossible to “recall” information
Out of the enterprise = Free for allTechnology & processes are only applicable within
The Result
Information lands up in public websites !
Create Store Transmit & collaborate Use Archive & Backup Delete
DLP Anti-virus Anti-…
Hard disk encryption
SSL UTM
Application security
IDM DLP Vaults Digital shredders
Desktops
Laptops
Heterogeneous policies … Heterogeneous infrastructure
Mobile devices
Removable media
Content Management
Online workspaces
Remote desktops
Information lifecycle …
Shared folders Removable
media
Instant Messaging
Desktops
Laptops
Mobile devices
Archive
Backup
Document retention
Security
Options for securing unstructured information
Option 1 : Control Distribution
. . .
Security Collaboration
Options for securing unstructured information
Option 2 : Control Usage
. . .
Security Collaboration
• WHO can use the informationPeople & groups within and outside of the
organization can be defined as rightful users of the information
• WHAT can each person doIndividual actions like reading, editing, printing,
distributing, copy-pasting, screen grabbing etc. can be controlled
• WHEN can he use itInformation usage can be time based e.g. can
only be used by Mr. A till 28th Sept OR only for the 2 days
• WHERE can he use it fromInformation can be linked to locations e.g. only 3rd floor office by private/public IP addresses
Rights management technologies allow enterprises to define and implement information usage “policies”. A “policy” defines :
Information Rights Management
Information Rights Management
Policies are
• Persistent : Policies are implemented on information and all itscopies wherever they are transmitted or stored
• Dynamic : Policies can be changed without having access to or redistributing the information
• Monitored : Policy changes can be monitored
User actions are
• Monitored : Individual actions ( authorized AND unauthorized ) like
viewing, editing, printing etc. are monitored and centrally available in a reporting tool
Scenario: Research reports & drawings
Within office network
Till the time of employment
NoNoYesYesSanjiv
Within office network
30th November 2009
NoNoNoYesRahul
DistributePrintEditRead
WHEREWHENWHATWHO
organization
Rahul
Sanjiv
About
Seclore is a high growth information security product company focussed on providing Security without compromising collaboration
Seclore’s flagship product Seclore FileSecure is used by More than 1 million users & some of the largest enterprises