Seclore FileSecure Integrated with IBM FileNet

1
Seclore Filesecure FileNet Connector Enhancing
security of IBM FILENET
2
Contents

• Constraints of IBM FileNet security
• The Solution ..
• What is Seclore FileSecure
• Seclore FileSecure connector for IBM FileNet
• Policy definition
• Assigning policies to FileNet folders
• Uploading documents
• Downloading a file from FileNet folder
• Accessing a protected file
• Audit trails
• About Seclore

3
FileNet and security
A Process Flow of Product Plan
FileNet
User
User
Un-protected File
FileNet accessed by users
FileNet security is not persistent . Once the
file is downloaded locally, it can be edited,
copied distributed.
4
Contents

• Constraints of IBM FileNet security
• The Solution ..
• What is Seclore FileSecure
• Seclore FileSecure connector for IBM FileNet
• Policy definition
• Assigning policies to FileNet folders
• Uploading documents
• Downloading a file from FileNet folder
• Accessing a protected file
• Audit trails
• About Seclore

5
Seclore FileSecure
Seclore FileSecure allow enterprises to define,
implement audit information usage policies. A
policy defines

• WHO can use the information
• People groups within and outside of the
  organization can be defined as rightful users of
  the information
• WHAT can each person do
• Individual actions like reading, editing,
  printing, distributing, copy-pasting, screen
  grabbing etc. can be controlled
• WHEN can he use it
• Information usage can be time based e.g. can only
  be used by Mr. A till 28th Sept OR only for the 2
  days
• WHERE can he use it from
• Information can be linked to locations e.g. only
  3rd floor office by private/public IP addresses

6
Seclore FileSecure

• Policies are
• Persistent Implemented on information and all
  its copies wherever it is transmitted or stored
• Dynamic Policies can be changed after
  distributing information without having access to
  or redistributing the information
• Policies can be attached to information on
• Creation
• Placement in a certain location e.g. shared
  folder
• Attachment to email
• Uploading to a document management / ECM system

7
Contents

• Constraints of IBM FileNet security
• The Solution ..
• What is Seclore FileSecure
• Seclore FileSecure connector for IBM FileNet
• Policy definition
• Assigning policies to FileNet folders
• Uploading documents
• Downloading a file from FileNet folder
• Accessing a protected file
• Audit trails
• About Seclore

8
Seclore FileSecure Enabled FileNet
A Process Flow of Product Plan
User
FileNet Seclore FileSecure
User
Protected File
FileNet accessed by users
Files copied out of FileNet Folder are
persistently protected. Rights to edit, copy,
print and distribute are restricted based on
Seclore FileSecure policies
9
Contents

• Constraints of IBM FileNet security
• The Solution ..
• What is Seclore FileSecure
• Seclore FileSecure connector for IBM FileNet
• Policy definition
• Assigning policies to FileNet folders
• Uploading documents
• Downloading a file from FileNet folder
• Accessing a protected file
• Audit trails
• About Seclore

10
Policy definitionWHO, WHAT
Policy Admin
People / groups, within / outside the enterprise
can be dis-allowed to edit, print, copy, forward
etc. via a policy
11
Policy definitionWHEN, WHERE
Policy Admin
A policy can expire information beyond a date /
timespan and also restrict its usage to certain
computers / networks
12
Contents

• Constraints of IBM FileNet security
• The Solution ..
• What is Seclore FileSecure
• Seclore FileSecure connector for IBM FileNet
• Policy definition
• Assigning policies to FileNet folders
• Uploading documents
• Downloading a file from FileNet folder
• Accessing a protected file
• Audit trails
• About Seclore

13
Applying Policies
FileNet Admin
Policies can be applied to folders by the FileNet
admin. The admin chooses the folder
14
Applying Policies
FileNet Admin
Policies are applied
15
Contents

• Constraints of IBM FileNet security
• The Solution ..
• What is Seclore FileSecure
• Seclore FileSecure connector for IBM FileNet
• Policy definition
• Assigning policies to FileNet folders
• Uploading documents
• Downloading a file from FileNet folder
• Accessing a protected file
• Audit trails
• About Seclore

16
Add document
FileNet Admin
Add document
17
Add document
FileNet Admin
Add document
18
Document is uploaded
FileNet Admin
Document is uploaded
19
Contents

• Constraints of IBM FileNet security
• The Solution ..
• What is Seclore FileSecure
• Seclore FileSecure connector for IBM FileNet
• Policy definition
• Assigning policies to FileNet folders
• Uploading documents
• Downloading a file from FileNet folder
• Accessing a protected file
• Audit trails
• About Seclore

20
Download document from FileNet
Users Computer
Once the users downloads the document from
Seclore FileSecure policy protected FileNet
folder the file gets instantly protected
21
Download document from FileNet
Downloaded document from FileNet. Notice the red
lock!
Users Computer
file gets instantly protected
22
Contents

• Constraints of IBM FileNet security
• The Solution ..
• What is Seclore FileSecure
• Seclore FileSecure connector for IBM FileNet
• Policy definition
• Assigning policies to FileNet folders
• Uploading documents
• Downloading a file from FileNet folder
• Accessing a protected file
• Audit trails
• About Seclore

23
Rights display
Users Computer
On clicking a rights display makes the recipient
explicitly aware of his rights to the document
24
Unauthorized print
Users Computer
Unauthorized activities like attempts to print
25
Unauthorized print
Users Computer
are disallowed
26
Unauthorized edit save
Users Computer
Unauthorized activities like attempts to edit
save
27
Unauthorized edit save
Users Computer
are disallowed
28
Unauthorized copy
Users Computer
Attempts to copy parts / whole of the document
29
Unauthorized copy
Users Computer
are disallowed
30
Unauthorized screen grab
Users Computer
Screen capture by the Prt Scr key, screen
grabbing tools like Camtasia and screen sharing
tools like Webex is blocked
31
Contents

• Constraints of IBM FileNet security
• The Solution ..
• What is Seclore FileSecure
• Seclore FileSecure connector for IBM FileNet
• Policy definition
• Assigning policies to FileNet folders
• Uploading documents
• Downloading a file from FileNet folder
• Accessing a protected file
• Audit trails
• About Seclore

32
Information audit
Users Computer
The audit captures the WHO, WHAT, WHEN and WHERE
of the access attempt. Authorized and
unauthorized attempts are captured and reported
33
Contents

• Constraints of IBM FileNet security
• The Solution ..
• What is Seclore FileSecure
• Seclore FileSecure connector for IBM FileNet
• Policy definition
• Assigning policies to FileNet folders
• Uploading documents
• Downloading a file from FileNet folder
• Accessing a protected file
• Audit trails
• About Seclore

34
Corporate Background
Seclore is a high growth software product
company. Seclores technology helps mitigate the
risks arising out of information breaches whilst
enhancing collaboration

• 6 years old, Headquartered in Mumbai, India
• Promoted by IIT Bombay under the SINE program -
  www.sineiitb.org
• Geographical and customer presence in Middle
  East, ASEAN, SAARC Europe
• Offerings focused on Information Rights
  Management and Secure Outsourcing
• Stake holders including
• IIT Bombay www.iitb.ac.in
• ICICI Bank www.icicibank.com
• Ventureast www.ventureast.net
• Technology and service differentiators focusing
  on minimally intrusive technology, value based
  pricing and usage without training

35
About
Value to customers Security without compromising
on collaboration Customers across .Diversified
business groups
.Large financial services groups
.Engineering and manufacturing organizations
.Defence, Software, BPO, Consulting, Services, .
36
What customers say about us
We chose Seclore FileSecure due to the
flexibility provided by Seclore in terms of
solution capabilities and customization.
Implementation of Seclore FileSecure has reduced
the exposure of critical data for potential
misuse or frauds. The business benefits are
tremendous. - Murli Nambiar, Head of
Information Security
"Financial services companies like banks,
insurance carriers broking are opening up
their information systems and processes for
participation by customers, partners and vendors.
This of course brings in a lot of value chain
integration and lowers costs but comes with
information security needs which cannot be solved
by present day systems. Seclores technology for
securing documents as they flow within and
outside enterprises as well as securing data
shared with outsourcing partners is extremely
relevant. - C N Ram. Group CIO, Essar group
37
What industry experts say
Seclores approach is different in that they not
mandatory rely on such plug-ins but mainly act
below the application. The client component
(which is required to access protected, e.g.
encrypted, documents) tries to analyze the
activities off the application like access to the
file system. One impact of that approach is that
a document might be opened with different
applications supporting the specific document
format.
- Martin Kuppinger, One of the fore-most
information security analysts
Information breaches normally result in
intellectual property violation which is a
serious problem affecting industry today.
Seclores combination of preventive and
corrective methods of handling information
breaches is invaluable to any industry -
Haigreve Khaitan (Managing partner Khaitan and
Co)
Collaboration, security and privacy appear as
mutually conflicting goals with most present day
technologies. Seclore has resolved this conflict
in a very elegant manner with its technology.
- Animesh Parihar (Global Delivery Head SAP)
38
Awards and recognition
Deloitte Technology Fast 50 is a ranking compiled
every year based on percentage of growth of
fiscal year revenue over three years. The
companies must also fulfil other criterion of
technology orientation.
Hidden Gems 2010 by Kuppinger Cole, Europes
leading information security analyst firm is a
report which lists vendors, which have a
significantly differentiated offering and are
market leaders in a particular segment.
39
Awards and recognition
The TR35 award is for innovators whose
inventions and research, Massachusetts Institute
of Technology (MIT) finds exciting. Technology
Review, owned and published by MIT, is the
worlds oldest technology magazine.
Innovations ideas in practice is an annual
event honoring researchers and innovators for
creative and innovative work in the sphere of
science and technology. The innovation needs to
have a high degree of practical relevance to
change everyday life.
40
More Info? www.seclore.com 91-22-4015-5252