October is National Cyber Security Awareness Month — a joint effort by government and industry to ensure that every American has the resources they need to stay safer and more secure online. As the headlines remind us, consumers and businesses alike can’t afford to let their guard down. It’s a good time for a quick review of how work gets done today, and share some best practices for collaborating securely in an unsafe world.
First, we need to recognize that the way people work together has changed dramatically. New cloud and device technologies, employee mobility and complex digital workflows that involve internal and external teams have transformed the workplace. (Even the term “workplace” has become a misnomer.) The information that needs to be shared across today’s extended business ecosystem is often highly sensitive, and criminals, competitors and/or governments would love to get their hands on it. We also have to account for human nature. People keep making the same security blunders (sending email to the wrong addresses, using weak passwords, etc.) no matter how much you remind them and plead with them.
Stay Safe Online: Collaborate with Confidence
Across this volatile landscape, organizations need to maintain control over their content regardless of where it resides or travels. At the same time, they need to minimize friction for the people who depend on that content to do their jobs and grow the company. Here are the capabilities you should be looking for if you’re not leveraging these already:
- Secure Workspaces: Safer than Email and Highly Collaborative: There have been so many news reports of email fiascos that most companies understand they need a more secure means of information transmission. Secure workspaces provide a far safer, more effective environment for sharing sensitive content and collaborating with external partners. Users can be invited by email to join the workspace, but the actual delivery of data is secure.
- Control Your Content with Information Rights Management: Information Rights Management (IRM) allows you to specify who can access what content and what they can do with it, so you can retain control even after the content has left the organization. Business users or managers can specify recipients and set permissions which are enforced automatically: view, print, copy, save, edit, rename, etc. Permissions are embedded directly into the file and travel with it wherever it goes. They can range from very general (for example, covering the entire organization) to extremely granular, at the workspace, folder or file level. When the relationship ends, or if a file falls into the wrong hands, all access rights can be immediately revoked, keeping the information safe.
- Anytime, Anywhere, Any Device: Internal and external teams need access to their files online, offline, from mobile devices and PCs, at work, at home and while traveling. Secure content collaboration and workflows need to support all of these environments gracefully, so nobody who needs to participate is left out.
- Data Is Encrypted and Only You Have the Key: Data needs to be protected with AES 256 encryption in motion, in use and at rest so if there’s a hack at any point, the file is unreadable. The customer also needs full control of the encryption key, so not even the cloud vendor can see it (for example, with a random generated key that’s only exposed to the customer inside their data center). The file is locked before it leaves the customer premises, and stays that way wherever it goes.
- Think Globally, Act Locally: Companies have grown comfortable with running their applications and data in the cloud, and letting the cloud provider decide where to run and store it. But different countries and regions have their own data residence requirements and data privacy rules, with harsh penalties for non-compliance. Thus companies and their technology partners need to understand local laws for where data must be processed and stored, and be able to tailor their response based on physical, logical or legal definitions of data location.
- Auditing and Reporting to Show Compliance: Companies — specifically their IT and security departments — need to be able to demonstrate that their digital content collaboration complies with corporate policies as well as external regulations for privacy and data sharing. Keeping an automatic record of who accessed what information, and what they did with it, is crucial. Knowledge that they have full visibility and reporting into user activity across workspaces helps organizations collaborate with confidence.
- Simple to Deploy, Simple to Use: Finally, the solution needs to be frictionless — or as close to it as possible — so people can use it on the fly. It needs to be easy for internal business users to set up workgroups and set permissions, and easy for end users to interact with content with the privileges which they are authorized; as easy as email, but far more secure.
Business Beyond Boundaries
Organizations need to collaborate and conduct business on a global stage, without being stifled by security concerns. Rather than cowering behind a firewall, the right secure collaboration solution allows you to extend and enhance your digital processes, reduce operational complexity and get work done faster. It’s ideal for working in a world beyond organizational boundaries, whether for mergers and acquisitions, partnership relationships, investor and client communication, or any collaborating on any other kind of information. Grow your business, and stay safe!
If you want to learn how we can help protect your information, visit our resources on secure content collaboration.