TechWeb

In Focus: Exploiting Security to Increase Content Access

Feb 22, 2005 (11:02 AM EST)

Read the Original Article at http://www.informationweek.com/news/showArticle.jhtml?articleID=60402715


Electronic forms of content, from e-mail to Web sites, have opened the doors of collaboration in ways that defy the old boundaries of time and geography. With opportunity comes greater risk, however, because of the ease of proliferation, duplication and modification of content. From a security standpoint, there's a higher potential for loss of control over enterprise content. And from a risk standpoint, it's no coincidence that security concerns coexist with growth in industry and governmental regulation regarding content disclosure and secrecy.

Just as executives are seeking innovative ways to leverage content for increased market penetration, collaboration and profits, recent court rulings and regulations have made these same leaders apprehensive about providing content access. They don't have to fear, however, as 'security' and 'sharing' are not incompatible concepts. Content security is an emerging technology approach to handling content in an intelligent and flexible way. Behind the approach is a new philosophy that you can strengthen conventional security while simultaneously increasing opportunities for revenue and partnership through sharing.

Content security is not an easily obtained solution; there is no single out-of-the-box solution or single provider as yet. To be effective, it has to be built to specification following an extensive analysis of your business. Risks have to be weighed against opportunity, technology alternatives and capabilities understood, and business objectives and return on investment have to be considered. The business sponsor must work closely with a technologist to understand the strengths and weaknesses of point functionality and how orchestration and integration complement one another.

Among the technologies that will be fundamental to content security systems are document management, content management, user authentication, content authentication, digital rights management, enterprise rights management, e-mail management and e-records management. Their application must permit security down to at least the document (or message) level, as opposed to a collection/server level. It must also be policy driven, and for the utmost effect, it must permit embedded policies within the content. Ideally — and this will be the secret sauce — a single policy should be leveraged across all these technology components in an orchestrated manner that is transparent to the content consumer.

By instilling these characteristics and capabilities, it is possible to build a security system that secures content without the ongoing human intervention demanded by most security solutions. Better yet, content security can be enforced for the duration of each individual content object, no matter how or where it is used or stored.

Refocus your thinking so that security issues are business decisions, not technology decisions. Content security can promote new opportunity and business models. The initial investment may be sparked by compliance demands and piracy risks, but the lasting value will come from opportunities such as intelligent orchestration of potential mergers and acquisitions, paid subscription models to IP and broad-based secure collaboration.

While the exact nature of your deployment of content security may be unknown, one thing is certain: In the next three years, this emerging functionality is destined to become not just an issue of competitive advantage but a benchmark for business leadership.

Take the Survey: Delphi is currently conducting an online survey on content security. In exchange for your participation, you will receive access to the prepublication results.

http://www.delphigroup.com/content-security-survey-dgie

Carl Frappaolo and Dan Keldsen of the Delphi Group provided this "Managing Content" guest opinion.

An executive overview of this report will be shared in an upcoming "Managing Content" newsletter. Please share your current understanding and plans for content security by taking the survey, which takes five to 10 minutes to complete.

Thanks, Doug Henschen, Editor, Managing Content

Resources:

  1. Content at Risk: When content goes beyond the firewall, rights management technology can safeguard intellectual property.
    http://www.transformmag.com/showArticle.jhtml?articleID=47902414
  2. A Matter of Trust: To make better rights management choices, you have to understand the risks. Seven steps help you plan architectures and spot important features.
    http://www.transformmag.com/showArticle.jhtml?articleID=47902365