Unlock your data

Inside the Enterprise: Regulations and compliance can put barriers between information, and the users who need to work with it.

Keyhole on computer screen

Businesses in sectors such as health care, manufacturing and financial services are under increasing pressure both to keep information for longer, and to control who has access to it. Regulators, such as the Information Commissioner rightly want to make sure personal information does not fall into the wrong hands.

Businesses also have to comply with industry-specific regulations that control who can see documents, who can amend them, and even where in the world those documents can be viewed.

Once the data is imprisoned, anyone who needs to access it needs to apply for visiting rights.

This, some businesses are finding, is causing IT and compliance departments to put an ever wider range of documents under lock and key. Whilst this might ensure compliance, it can also make it hard for employees to access the information and data they need to do their jobs.

According to Rohit Ghai, general manager for the content and case management group at EMC, the result is that companies put their information in vaults. In effect, they "imprison their data," he says. And, once the data is imprisoned, anyone who needs to access it needs to apply for visiting rights. Hard-pressed IT departments, already dealing with ever-larger quantities of information, simply do not have the time and resources to control information access.

The answer, at least in part, lies in greater automation. As Ghai argues, using automated tools to index and classify information will become a necessity, if businesses are to keep on top of petabytes of sensitive information.

Automation will also be needed to apply access policies to that information, and to determine when those policies have been breached. But at the same time, IT departments need to respond to the needs of users who want to access company documents on the move, especially from personal devices such as tablets, or smart phones.

At EMC's Momentum conference in Berlin, Ghai demonstrated a software prototype that will allow mobile workers to access documents from an iPad, but applies information access policies on the fly.

So, for example, if a user is permitted to view information that is restricted by the US' Department of Defense regulations, only when he or she is in the US, the document management application will allow that access from a US IP address. But if that same user travels outside North America, access will be blocked and the blocked access attempt logged for compliance reasons.

The attention to detail in the system is impressive: even thumbnail views of documents are suppressed, just in case sensitive information could be viewed that way.

Implementing such systems, though, is about more than investing in the software. Companies need to think about who should access their data, where, and under which circumstances. That includes from which type of device.

Automating policies - and compliance with them is well within the reach of technology. Deciding what those policies should be is not just an IT, but a board-level task.

Featured Resources

BCDR buyer's guide for MSPs

How to choose a business continuity and disaster recovery solution

Download now

The definitive guide to IT security

Protecting your MSP and your customers

Download now

Cost of a data breach report 2020

Find out what factors help mitigate breach costs

Download now

The complete guide to changing your phone system provider

Optimise your phone system for better business results

Download now

Most Popular

Dell patches vulnerability affecting hundreds of computer models worldwide
cyber security

Dell patches vulnerability affecting hundreds of computer models worldwide

5 May 2021
16 ways to speed up your laptop

16 ways to speed up your laptop

29 Apr 2021
KPMG offers staff 'four-day fortnight' in hybrid work plans
flexible working

KPMG offers staff 'four-day fortnight' in hybrid work plans

6 May 2021