1 © Copyright 2008 EMC Corporation. All rights reserved. Information Rights Management EMC Content Management and Archiving

1© Copyright 2008 EMC Corporation. All rights reserved.

Information Rights Management

EMC Content Management and Archiving


Business Drivers for Content Security

Protect intellectual property– Trade secrets– Competitive information– IP theft– Secured collaboration

Compliance– Regulations– Audits

Risk mitigation– Legal exposure– Data loss– Privacy breaches

“Despite massive investment in security technology and services…

…fewer than one in five companies feel that all their data is adequately protected.”Source: Enterprise Strategy Group March 2006

82% 18%

2


The Threat Profile Has Shifted

Necessary but insufficient

Keeping the bad guys outPerimeter-based Security

SolutionBuild and protect perimeters

ApproachFirewall, IPS/IDS, anti-malware

FocusAccess and availability

ThreatDenial of Service, network intrusion, external attack

+

Assume they’re already inInformation-based Security

Manage and protect information

Identity management, data encryption

Authorization and accountability

Privacy breach, intellectual property theft, insider attack

Addresses root cause

84% of high cost security incidents are a result of insiders sending confidential material outside of their company.

— Gartner 2006


Solutions Not Addressing the Root Issue

Most information security products don’t actually secure information

They protect networks, laptops, and servers

They do little to protect confidentiality and integrity of information

Authentication

Clients

SAN

WebFiltering

Anti-spyware

LAN

Anti-virus

VPN

Anti-virus

FirewallServers

ThreatDetection

Change/PatchManagement


Authentication

Clients

SAN

WebFiltering

Anti-spyware

LAN

Anti-virus

VPN

Anti-virus

FirewallServers

ThreatDetection

Change/PatchManagement

Your Content is in Motion

Information is in constant motion throughout its lifecycle, making it difficult to lock down

Perimeters and resources are constantly being traversed


InformationRights

Management

IRM actively controls, secures and tracks sensitive and confidential information wherever it resides.


IRM Server Key and Policy Management

Content is always encrypted

The keys are always separated from the content

The local key is destroyed after useWorkflow Integrations

Desktop Integration

IRM PolicyServer

EMC Documentum eRoom

EMC Documentum Repository

File Share Content Owner

+Policy

+Policy


Partner

Hacker

Network

IRM PolicyServer

ContentServer

EMC IRM Services for Documentum WorkflowSecure Data Sharing

Corporate VPN

PartnerNetwork

Internet

Author

Review


EMC IRM Architecture

Internet Explorer

Adobe

MS Office

MS Outlook and

Lotus Notes

EmailXtender

eRoom

Documentum Admin

Webtop

Java, WDK-based

Web Delivery

Gateway

File Share

API

Information Rights Management SDK

Authentication Infrastructure

ALL Authentication Domains LDAP Win X509 RSA Documentum Custom

EMC Documentum IRM Server

Key Mgmt Authorization Policy MgmtAuthentication Auditing Encryption


Features – Protects Native Business Information

Clients for major business applications

– E-mail– Microsoft Office– Adobe– HTML– RIM Blackberry– Lotus Notes

Works within native application

Allows secure sharing of sensitive documents with internal and external users


Features – Rights Enforcement by Policy

A document policy defines: Who can view

What pages can be viewed (PDF only)

When it can be viewed

If copy or edit is allowed

If printing is allowed

If guest access is allowed

If offline viewing is allowed

Automatic expiration

Dynamic watermarks


Features – Rights Enforcement by Policy

Mandatory and discretionary policy enforcement options

Choose rights enforcement using administratively-defined templates or ad-hoc policies

Flexibility supports organizational rollout

Allows for workgroup and enterprise-wide applications


Features – Dynamic Watermarking

Dynamic watermarking can provide visible indication of who printed a copy and when they printed it

Can be used for compliance and auditing

Provide watermarks while viewing and/or when printing

Watermarks are customizable

Watermarks supports Unicode

Watermarks can use LDAP attributes


Feature – Dynamic Policy Control

Dynamic policy control allows recipient entitlements to be changed on-the-fly when individual roles or business needs change, regardless of where the content resides.

Example: In April a price list with IRM is downloaded by a sales person The sales person e-mails the price list to a customer On May 17, prices change and new prices are issued At that time, rights on the old price list are revoked, affecting all

copies, regardless of location

NEW


Feature – Continuous Audit Trail

All events in IRM are auditable IRM provides granular audit trail of

what recipients did with the documents, page by page

See who did what, when

Delivers on-going assurance of policy compliance

Auditing is continuous, whether online or offline

Leverage XML logging standards for reporting on audit trail

22


Ford Motor Company

Requirements Securely share the 10 year “Vehicle Vision” product plan for the Ford brands

and keep away from competitors and the media

Require multiple access levels for brand executives

Must be easy to use for 1,000 insiders around the world, including Chairman Bill Ford Jr.

IRM Solution Document owner protects and distributes through portal

No access outside of current insider list

Username watermark raises the bar on distribution

“We don’t want to see this in the Detroit Free Press…”

Customer Case Study


Case Study

ROI: 6 month payback, elimination of paper and delivery costsMarketing update price books monthly instead of quarterly

Challenges– Sharing price lists and competitive materials with 2000 sales agents

and suppliers globally– High cost for logistics to distribute by paper– Competitors placing bounty on our price books

IRM Solution– Access is tracked continuously and audited– Ensures only authorized users can access info.– Username is impressed as a watermark– Marketing can irrevocably delete at any time


Off Wall Street

Requirements Protect highly valuable financial information sold as a subscription

Ensure that documents are not forwarded to unauthorized users, especially competitors

Regulate what recipients can do with the information (e.g., print, edit) consistently for all reports regardless of who distributes them

IRM Solution “The product has been trouble-free from the start. We've never had a problem

with the software, ever.“— Mark Roberts, CEO

Increases revenue: users cannot access reports without paying for it

Provides policy-based usage controls and audit trail for information access

Customer Case Study


Industry Use Examples for IRM

Manufacturing – Sharing of new product specifications,

planning, R&D, and pricing documents

Government – Share information on a need-to-know basis

within intelligence community

Healthcare– Communications with business associates– Control of PHI dissemination

Financial and Legal Services– On-line mergers and acquisitions– Protect customer data– High value research circulation control– Secure distribution of bills of lading

28

Documents

1 © Copyright 2008 EMC Corporation. All rights reserved. Information Rights Management EMC Content Management and Archiving