Writen by Nathan Kully
Have you ever found a proposal of yours in the hands of a competitors? Unfortunately, far too many small businesses these days have experienced this issue. Until lately, few businesses have done much to protect their company IP. In 2005, according to the FBI/CSI report, 56% of businesses reported that there had been unauthorized use of information within the company's computer systems(1). Think of it this way, while this sort of infiltration probably has not happened to your business, next time you shake the hands of three potential clients, chances are that two of them have had this problem to deal with.
Assets can be stolen from companies in many ways from sloppy ASP/PHP coding to outdated security software to just stealing hardware like discs or laptops. Businesses are aware of the dangers to exposing information, but unfortunately just haven't done enough to protect themselves or their customers to date.
Small businesses aren't the only entities who have to stay on top of data risks. The government and large enterprises have been highlighted in the news for identity theft and laptop breaches. The United States Veteran's Administration experienced the largest loss from laptop theft to date with 26.5 million individual's personal information stolen. Another substantial example of ID theft occurred two months earlier at CitiBank who reported the largest debit card data breach to date when 300,000 account and pin numbers were stolen. Data infiltrators are getting better each day, and while large company thefts make the headlines, small companies are still their primary focus. What can small and medium businesses (SMBs) do but protect their data and files better?
Small Business Rights Management (SBRM) is a term which reflects the shift ERM (Enterprise Rights Management) technology has taken as awareness of industry compliance issues and protection of original works has evolved and become implicit within businesses of under 50 employees. The realm of protected digital documents, like many business solution advances has traditionally only been available to privileged large corporate enterprise businesses. This is no longer the case because rights management solutions can now be for small and medium businesses or sole-proprietorships. SBRM solutions provide businesses of a smaller scale an equal level of user rights management and encryption previously available to large enterprise business.
As awareness about access rights management issues has increased throughout the corporate world, problems have continued to escalate, for example:
• Theft of proprietary information was the third most costly security breach after virus & denial of service attacks (2).
• The most business-critical digital asset a company can have is sensitive financial information (3).
• 40% of survey respondents are concerned with the security in place when sending corporate emails(4).
Standard SBRM software gives content authors the power to determine how recipients may use their email and documents. For example, senders can prevent unauthorized distribution (no forwarding, printing) and prevent unauthorized editing (no cut, copy, paste) of content, also know as copy prevention. SBRM software puts access controls in the hands of SMBs, not just large enterprises.
Compliance regulations are a cost of doing business for many industries like medical, financial and legal industries stiff penalties exist for non-compliance or breach of industry best practices. Industries regulated by compliance laws like HIPAA, SOX and Gramm-Leach-Bliley have found running their businesses to match regulation standards can often be expensive. Government compliance issues for many industries become a financial burden forcing small neighborhood clinics, law firms and entrepreneurs to go under due the financial stress.
Compliance as it concerns digital data is finally catching up to the widening commercial sector which is highly impacted by the success of small businesses. Small firms dealing with compliance issues can turn to SBRM solutions to bridge the gap between staying current with industry regulations and staying in business.
- - - - - - - - - -
End Notes:
1.)Lawrence A. Gordon, Martin P. Loeb, William Lucyshyn and Robert Richardson, "2005 CSI/FBI Computer Crime and Security Survey," Computer Security Institute, http://www.gocsi.com, 2005.
2.) Ibid.
3.) Peter Sargent, "Digital Rights Management in the Enterprise," Jupiter Research, http://www.jupiterresearch.com, May 25, 2004.
4.) Ibid. between Marilee Veniegas and Nathan Kully from Essential Security Software, an emerging access rights software company based in Bellevue, WA.
The SBRM article was a collaboration between Marilee Veniegas and Nathan Kully from Essential Security Software http://www.essentialsecurity.com, an emerging access rights software company based in Bellevue, WA. Marilee is a site editor for the company's email culture blog "I Want My ESS!" http://www.iwantmyess.com Nathan is an Applied Economics student at Cornell University.
0 comments:
Post a Comment