By Mandy Pang.
Collaborative technologies such as e-mail, instant messaging, Microsoft SharePoint, extranet portals, and software-as-a-service (SaaS) applications make it easier to share information and communicate innovations. In a typical Microsoft environment, Office documents may be created on the desktop, then loaded to a File Server for internal sharing. Or they may be uploaded to SharePoint for sharing with your supply chain, or be emailed to a fellow employee overseas. Note the ease with which IP can be transformed, duplicated and shared.
How do you protect your office document that is moving between your Windows desktop, SharePoint, File Server, and Outlook?
While more advanced techniques like Dynamic Access Control (DAC) and AD RMS are available, they are not yet mainstream and controls remain siloed within disparate applications . Companies still rely on setting permissions.
What a pain!
First, there is no centralized way to set permissions for a file that will automatically be enforced on SharePoint, File Server, and Windows desktop, not to mention there is absolutely no way to set permissions for a file that you send out via Outlook.
Second, permissions can quickly become unmanageable.
Imagine your company operates in 20 countries, each country with 5 departments, and each department has 10 projects. Just that simple hierarchy means you will need to manage permissions for 20x5x10 = 1000 security groups!
This approach seems set up for failure. There will be administrative overhead, there will be complicated controls that are difficult to understand (and thus troubleshoot). There is no central way to capture events across these systems for auditing purposes. We need a more robust, cross-system solution!
Mandy Pang is the Product Manager for Rights Management and Data Protection at NextLabs. She works with the Solutions Management team to devise best practices for securing and controlling data in order to develop solutions for Global 5000 business around partner collaboration, export regulations, IP and Data security.