Your Network Is Vulnerable, And So Is Your Data: Increasing Role Of Data-centric DRM Amongst Enterprises

by Abhijit Tannu, CTO, Seclore

We live in a profoundly ‘connected’ world where it is no longer possible to work in corporate silos which were prevalent earlier. Businesses have to work in tandem with each other, with their vendors, and at times, even with relevant agencies horizontally to achieve their overarching goals. This, as it is obvious, requires mutual sharing of information – including critical data – something which can have wide-ranging implications if mishandled by an outside party.

Beyond your digital perimeter – challenges posed by the current corporate establishment:

The current establishment is making the exchange of data almost impossible to contain within the digital perimeter of an enterprise. On one hand, the business cannot make headway without the exchange of critical information. On the other, it stands to bear the brunt of advanced cyber attacks, something which has even put the state-of-the-art digital infrastructure of leading global institutions to shame. Today, an attacker would typically bypass security perimeters, move along network nodes, compromise systems, and penetrate deeper through successive exploits.

Considering this, increasing the number of end-points where your data is available, such as business partner or a vendor, will increase its vulnerability to digital miscreants, who’re constantly intensifying their attacks on IT infrastructure on a global level. Extension of services to mobile and personal devices further enhances the scope of misuse of such data, both targeted and accidental. The digital perimeter is also continually expanding in the form of IoT infrastructure and cloud services, which further deepens this apprehension.

And despite this, we are well aware that no corporate relationship is everlasting. In fact, businesses come together to mutually leverage each other’s advantage in a particular sphere, and since the market is quite dynamic in nature, any market development may trigger a completely different strategic equation at a later stage. This is something that can even turn the strongest of associates into staunch rivals, for instance, Hero MotoCorp and Honda, with the two being in a joint venture for nearly three decades before their eventual split. The availability of your critical data with your new-found business rival such as in this case can have very serious business implications.

EDRM, the harbinger of change

These aspects have cre­ated significant loopholes vis-à-vis data security. This is what is driving more busi­nesses towards EDRM, or Enterprise Digital Rights Man­agement, something that builds security that is inherent to the data. EDRM adds an additional layer of protection which ensures that a business’ critical data remains safe ir­respective of its location, i.e., providing security to both internal as well as outbound data. Such EDRM solutions protect the data by adding multiple constraints to it, for example limiting its access, defining authorised usage, and even the functionalities that can be performed with the data. This includes preventing its duplication, screen cap­turing, offline usage, and even mentioning trusted devices and specific IP addresses that can access the data. EDRM solutions even enable an enterprise to decide the time of usage and the data can also be programmed to self-delete itself after a predefined period of time. This facilitates more seamless transfer of data, irrespective of its sensitivity, while simultaneously eliminating the apprehension with regards to data security in the current, fast-paced business landscape.

The most advantageous aspect of EDRM for enterprises is that it is a data-centric security system, rather than being a network-based security. This system grants safety to essential data even if it is transported out of an enterprise’s digital perimeter intentionally, inadvertently, or even maliciously thorough a network incident.

Such innovative solutions are actively eliminating wide-ranging enterprise-centric problems, including data mishandling and cyber attacks, which have several negative repercussions on a business. EDRM is turning out to be a more successful countermeasure against extensive data security threats and is gradually changing the dialogue from network-centric security to a more evolved data-centric security