Human beings by nature are inquisitive and there will always be the temptation to pry into unauthorised confidential information. At the same time organizations must be able to control the viewing, movement and usage of sensitive data to prevent inappropriate distribution or leakage.
In a recent news article a survey carried out by Cyber-Ark global survey claimed that 41% of IT pros admit to snooping on confidential information.
The research also confirmed that snooping continues to rise within organizations both in the UK and the US. Forty-one percent of respondents confessed to abusing administrative passwords to snoop on sensitive or confidential information – an increase from 33 percent in both 2008 and 2009.
When examining the information that people were willing to circumvent the rules to access, US respondents targeted the customer database first (38 percent versus 16 percent in the UK) with HR records most alluring to UK respondents (30 percent versus 28 percent in the US).
When it comes to confidential information in unstructured format it is imperative that business takes responsibility for securing such information. Information Rights Management needs to be managed and administered by business and not IT, this rules out the possibility of unauthorised access.
In addition to encrypting each document or email, access to these documents are logged giving the data owner a full audit trail. Information Rights Management prevents staff from accessing information that is not relevant to their role.
Smart and best-in-class organizations are beginning to realize the benefits of using Information Rights Management.
Typical deployments for these organizations can vary from 3 days to 3 months, with exceptional deployments lasting between 6 months and a year, these tend to be global deployments across multiple departments with a high element of integration or customization.
The best way to get started is to ask for a proof of concept to see whether Information Rights Management meets your requirements.
For additional information on how to get started with Information Rights Management you can access Gartner’s latest publication called “Key Selection Criteria for Enterprise Digital Rights Management Solutions” by Eric Ouellet and Ray Wagner. There is also a ton of information on the Enterprise DRM blog.
Help Net Security - 41% of IT pros admit to snooping on confidential information