BANGALORE, INDIA: Today, organizations worldwide are being bombarded by volumes of information flowing through email, Internet and mobile devices.
There is a continuous inflow and outflow of documents being created, transferred, modified, stored and disposed. Thus, to reduce and manage the document flow, enterprises invest in sophisticated Content Repository and collaboration tools.
Content Repository systems come in different flavors like Electronic Content Management (ECM), Workflow systems, Business Process Management (BPM), Knowledge Management (KM) and Document Management Systems (DMS).
In an interaction with Abhigna N G of CIOL, Rahul Kopikar, business development, Seclore Technology talked about deployment of content management system and content repositories.
He also shared his views on development and future of content management system and content repositories. Excerpts:
CIOL: How do you see the deployment of content repositories? And does it require tight security?
Rahul Kopikar: The need and deployments of content repositories is now quickly expanding to go beyond the enterprise and involve business partners, vendors and sometimes even customers. This, however, has left the information contained within the repository vulnerable to mass leakage.
The volatile nature of business relationships also means that information and systems shared with business partners are used in accordance with pre-defined norms. Depending on the nature of the business this could pose an enormous threat to the business and the ROI achieved from the content repository.
Ensuring the security of information through the lifecycle of creation, distribution, use, and destruction is thus gaining a lot of importance
CIOL: Are there any security loopholes through which data can get leaked out of a Content Repository?
RK: Yes. Security policies for information contained within a content repository are only applicable till the time the information is resident within the repository. Repositories, therefore, implement only the first level of security called "access control".
Access control policies are binary in nature. They dictate whether a user can download information from the repository or not. Once the access control is given and information is downloaded, repositories don't have control over what the user can do with document (e.g. can he print, edit, copy content, and/or distribute the information).
In other words the user is free to do whatever he wants with the information. Access control, therefore, does not protect the information but just the 'gate' though which the information can leave.
