Partnerships Spark New Life Into Enterprise DRM

Posted by George Hulme on January 5, 2009

Tags: Backup & Recovery,  Cloud Storage,  Data Protection,  Other,  Storage Management

Channel: Backup & Recovery, Cloud Storage, Data Protection, Other, Storage & Mgmt

There's no shortage of storage security stories highlighting the insider threat -- employees, whether criminally inclined or not, always have been and remain a company's biggest security risk and the source of many, if not most, information leaks. And, while companies can use network firewalls and intrusion detection technologies to protect their networks and other anti-malware software to shield servers and endpoints, those tactics don't protect the actual data within files.

That's why critical information -- business plans, financial information pertaining to customers, or a business' own finances -- is always at risk of leaking as a result of insider mistakes such as an accidentally sent email, a lost notebook, or even a misplaced removable storage device.

Encryption technology can work for files and disks. But it isn't always practical for entire organizations. Workers forget to use it, keys are lost, and systems break down. That's where enterprise digital rights management (DRM) is suppose to step in. The technology, theoretically, should help organizations manage the security of documents wherever they travel by embedding access rights and encryption directly into the files. These rights limit which users can read, print, copy, or transmit the files. They can even terminate access to specific files at a certain date. "But the problem with enterprise DRM has been that the technology is complex and outside normal work behavior. The tools work great, but organizations don't always use them consistently," says Rich Mogull, founder and analyst of security consulting firm Securosis. "Users also don't know what rights to apply to what objects or which users should have those rights. While companies can setup templates, the users still need to manually classify data."

That, analysts say, is about to change thanks to newly forming partnerships among data leak protection (DLP) vendors and makers of enterprise DRM software. Essentially, DLP applications help organizations identify and classify information they'd like to protect -- customer data, Social Security numbers, business plans -- and then use pattern matching and other techniques to find other files that meet that criteria. Then the enterprise DRM software imposes limits on who can access and use those files.