The following is an excerpt from GovLoop’s new pocket guide, Digital Content Security: Breaking Down What You Need to Know.
Now we know what content security is, the type of content that is particularly important to protect, and where the motivations for digital transformation came from. Next, let’s break down content security features so that we can build robust security strategies. Content security practices can be broken into three dimensions:
Content Management Systems
Content management systems, or e-document repositories, which manage incoming requests for information through access controls that restrict who can open and view files. Features of good content management tools include strong user authentication and authorization; object-level access, which assigns permissions to a class of object types or a specific object; and audit logs showing records of all user and admin events. Perhaps the most important element, however, is metadata (the classification of data) and its management, which is crucial to managing content. A built-in metadata feature lets agencies collect information, and the automatic tagging of workflows and user interface capabilities then let users add meaningful metadata to stored assets.
Rights management, which is the ability to use encryption technology to help protect information independent of storage and transport and after it leaves a specified repository. This helps prevent someone who shouldn’t view certain information from being able to open a document or file. It should work across platforms and devices, helping to secure content anywhere it goes. Specifically, rights management encompasses persistent protection, enforcing access at the file layer; permissions that restrict what a user can do with the content; revocation, which can be set to make content inaccessible after a set date; and authentication mechanisms such as username and password combinations, public-key infrastructure and single sign-on. Audit logs are important here, too, to show all valid and invalid access attempts, plus who did what with the content and where.
Consumption management, or continuous monitoring, which watches for unusual patterns or anomalies associated with protected documents. For instance, if an employee usually prints an average of five documents per day and suddenly prints 500, that should generate an alert. Visualization is one monitoring method. It lets users see where documents are opened. Affinity is another element, associating users with content, and real-time notifications let administrators know when something seems awry.
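The print-volume alert described above can be expressed as a per-user baseline check. The following is an added example, not part of the GovLoop guide: the event format, the thresholds and the sample data are all assumptions constructed for illustration.

```python
from collections import defaultdict
from datetime import date, timedelta
from statistics import mean
# Assumed thresholds for this example; tune them to the environment.
WINDOW_DAYS = 14      # trailing days that form a user's baseline
MIN_HISTORY = 5       # active days needed before the baseline is trusted
RATIO = 10.0          # alert when today's prints exceed baseline * RATIO
MIN_COUNT = 25        # ignore low volumes, whatever the ratio
COLD_START_CAP = 100  # absolute limit for users without enough history

def daily_print_counts(events):
    """events: (user, day, action) tuples -> {user: {day: print count}}."""
    counts = defaultdict(lambda: defaultdict(int))
    for user, day, action in events:
        if action == "print":
            counts[user][day] += 1
    return counts

def print_alerts(events, today):
    """Return (user, prints_today, baseline) for anomalous print volume."""
    alerts = []
    for user, per_day in sorted(daily_print_counts(events).items()):
        current = per_day.get(today, 0)
        if current < MIN_COUNT:
            continue
        # The baseline excludes today, so a burst cannot raise its own threshold.
        window = (today - timedelta(days=n) for n in range(1, WINDOW_DAYS + 1))
        history = [per_day[d] for d in window if d in per_day]
        if len(history) < MIN_HISTORY:
            if current > COLD_START_CAP:  # no trusted baseline: absolute cap
                alerts.append((user, current, None))
        elif current > mean(history) * RATIO:
            alerts.append((user, current, mean(history)))
    return alerts

def sample_events(today):
    """Constructed audit events: alice and bob have history, carol has none."""
    events = []
    for n in range(1, 11):
        day = today - timedelta(days=n)
        events += [("alice", day, "print")] * 5 + [("alice", day, "open")] * 20
        events += [("bob", day, "print")] * (4 + n % 3)
    events += [("alice", today, "print")] * 500 + [("bob", today, "print")] * 6
    events += [("carol", today, "print")] * 150
    return events

if __name__ == "__main__":
    today = date(2024, 3, 15)  # constructed date
    for alert in print_alerts(sample_events(today), today):
        print(alert)
```

The cold-start branch matters in practice: an account with no print history has no baseline to compare against, so a ratio test alone would never fire for it.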