Information Rights Management (IRM):
Enhancing Security of IBM FileNet
The Problem:
A Typical File Downloading Scenario
User
IBM FileNet
Click for NEXT
Once the file is downloaded by the user, IBM FileNet has
no control on the file.
A Typical File Sharing Scenario
Edited
Copied
Printed
Un-protected File
Viewed
Distributed
It can further be:
Edited, Copied, Printed, Distributed, Viewed (by others)
Click for NEXT
It can further be:
Edited, Copied, Printed, Distributed, Viewed (by others) !!
The Solution:
File Downloading Scenario with Seclore FileSecure
User
IBM FileNet +
Seclore FileSecure
Click for NEXT
When the file is downloaded, Seclore FileSecure protects
the file
File Downloading Scenario with Seclore FileSecure
Edited
Copied
Printed
Protected File
Viewed
Distributed
Click for NEXT
It can further be:
Edited, Copied, Printed, Distributed, Viewed (by others)
The user has only restricted usage rights (e.g. view only,
edit + print only, etc)
Feature
IBM FileNet
IBM FileNet + Seclore
FileSecure
Access Control
Can provide control while
the information is within
the system only
Can provide control even after
the information is download
from the system
Usage Control
(View, Edit,
Print, etc)
Doesn't provide usage
control
Can provide usage control
persistently within & outside the
system
Policy changes
Can reflect changes in
policies while the
information is within the
system
Can reflect changes in policies
while the information is outside
the system & in real time
Audit trail
Can provide audit trails for
information before
download only
Can track all authorized and
unauthorized attempts on
information before and after
download
Some screen shots
1. Assigning Seclore Policies to FileNet folder
“Hot-Folder”
Policy Admin
Computer
Policy definition could be centralized (done by central
team) or decentralized (done by dept. level teams)
Internal Users
External Users
Policy Admin
Computer
Policy is defined asa. WHO - people / groups within or outside
of the enterprise
Policy Admin
Computer
Policy is defined as
b. WHAT - (VIEW, EDIT, PRINT,
FORWARD,… )
Policy Admin
Computer
WHEN
date range,
time span, …
Policy Admin
Computer
Policy is defined asc. WHEN - date range, time span, …
Policy Admin
Computer
Policy is defined asd. WHERE - Specific computers, specific networks, only
from the office, …
2. Downloading document from “Hot-Folder”
User’s Computer
User logs into FileNet and downloads a file
User’s Computer
The downloaded file is automatically protected with the
policy of the “Hot Folder”. Notice the “red” lock
3. Opening the document
User’s Computer
When the user opens the file, he gets to see the rights
that he has on the document
4. Performing un-authorized actions
User’s Computer
If he tries to print….
User’s Computer
He will be restricted from printing !!
User’s Computer
If the user tries to copy data…
User’s Computer
He will be restricted from copying data!!
User’s Computer
Even print-screen is blocked !!
User’s Computer
The system also maintains a complete audit trail of all the
user actions, time & even location !!
About Seclore
Corporate Background …
“Seclore is a high growth software product company.
Seclore’s technology helps mitigate the risks arising out of
information breaches whilst enhancing collaboration”
6 years old, Headquartered in Mumbai, India
Geographical and customer presence
Middle East, India, ASEAN, Western Europe, North Africa
Keywords
Information Rights Management, Secure outsourcing
Investors
The largest private bank in India, one of the foremost R&D institute &
professional financial investors
Why are we different
Minimally intrusive security technology, value based pricing, usage without
training
About …
Seclore is a high growth information security product company focussed on
providing Security without compromising collaboration
Seclore’s flagship product Seclore FileSecure is used by More than 1.5
million users & some of the largest enterprises
For more informationhttp://www.seclore.com/ibm_filenet.html
Email: info@seclore.com