
An Economical and Effective Data Protection Tailored to Small and Medium-sized Businesses (SMBs)

Data breach threats are growing exponentially; even small and medium-sized businesses (SMBs) are now in danger, and they are likely to suffer more than big enterprises. According to UPS Capital, “60% of smaller businesses are out of business within six months of suffering a cyberattack.” Despite the potential catastrophe of a data breach, preventing one is challenging for SMBs. First, SMBs have smaller budgets and fewer resources to invest. Second, they do not consider themselves targets of data breaches, even though cybercriminals tend to take the path of least resistance. Simply put, SMBs are left unaware of and vulnerable to data breach threats that can sink businesses outright in extreme cases.

Due to the ever-growing number of data breach threats, we see a variety of complex, enterprise-targeted solutions such as data loss prevention (DLP), enterprise digital rights management (EDRM), user and entity behavior analysis (UEBA), and virtual desktop infrastructure (VDI). Unfortunately, it is extremely difficult for SMBs to implement these types of solutions because of the high cost and resource requirements for purchase, deployment, and operation. Having recognized the demand for solutions tailored to SMBs, some solution vendors provide similar products that are less expensive. However, these products are still complex to operate and require dedicated personnel to manage them effectively. Therefore, SMBs need a new concept of data protection, with appropriate practices, that suits their limited budget and resources.

Practice 1) Treating all relevant data and files as one entity, rather than classifying them by the degree of importance or confidentiality
Understanding this practice is the first step toward cost-effective data protection for SMBs, because all relevant data, whether confidential or not, is unstructured. This means that relevant data can reside anywhere in the files that are used daily at multiple endpoints. Therefore, SMBs must first consolidate all their data into a system of data repositories, which require physical and network isolation to prevent physical harm and Internet-based threats, respectively. The point is to reduce the number of exit points from which confidential data can be leaked: SMBs then only have to protect the data repositories, rather than tens or hundreds of endpoint PCs.

Practice 2) Protecting consolidated data with solutions that provide not only simple operation but also continued productivity for both administrators and employees
Limited resources mean that SMBs have less leeway to hire staff or to assign time and personnel to implementing and managing solutions on a regular basis. Therefore, quick and easy implementation, along with thorough training for operation, is important for the administrator. For employees, the solutions must not keep them from sharing and working with the protected data and files. If the data protection solution goes as far as hindering the employees' productivity, it may cause more discomfort than relief.

Practice 3) Acknowledging that data breach threats arise from both inside and out
Data breach threats are no longer only about outside-in; according to IBM, 60% of attacks are carried out by those who have insider access. Effective data protection means considering both inside and out: threats like hackers, phishing, and ransomware come from outside, while inside threats include malicious and accidental data leaks by employees. It is crucial that all relevant data is protected while in use and in motion, by regulating what each employee can do and by monitoring what is happening at the file and user level.

Naturally, SMBs have less freedom of budget and resources to run their businesses efficiently, and this constraint makes it difficult to find the right ways to protect their data from being breached by ever-growing threats from both inside and out. Blending data consolidation and protection helps SMBs to achieve the primary stage of complete data protection effectively and efficiently. With added protection against data breach from inside and out, SMBs can cap off the implementation and operation of data protection that delivers cost-efficiency and effectiveness to suit their limited budget and resources.

To learn how Secudrive solutions help SMBs protect their important data from being breached from internal and external threats, please read our next blog!


3 Reasons Why Data Breach is a Difficult Challenge for Most Small and Medium-sized Businesses (SMBs)

Data breach is causing a lot of headaches among global businesses, and it does not seem to slow down anytime soon. In the US alone, businesses and customers suffered 1,120 total breaches and more than 171 million record exposures during the first 10 months of 2017, according to Identity Theft Resource Center (ITRC). Furthermore, its impact is growing as the average cost of a data breach in 2017 has been reported to be $3.62M globally and $7.35M in the US, according to 2017 Ponemon Cost of Data Breach Study.

These numbers may reflect only the reality that big enterprises face; however, to small and medium-sized businesses (SMBs), data breach is a threat that is just as clear and present. In 2016, Symantec’s Internet Security Threat Report reported that 43% of data breaches were targeted at SMBs.

Data Breaches Hit SMBs Harder!

Data breaches cause SMBs financial, reputational, and other organizational damage. A report by Kaspersky Lab shows that the average cost of a data breach for SMBs was measured at $117,000 per incident, while more potent and targeted breaches cost SMBs $188,000 on average. Some of the key expenses for damage control were as follows.

  1. Hiring professional experts and preparing employee training programs
  2. Lost customers or business
  3. Lowered credit rating and increased insurance premiums
  4. Software and infrastructure improvement
  5. Brand image reparation and customer compensation

Monetary loss or business setbacks like those above may not be the end of what data breaches can inflict on SMBs; data breaches can lead to bankruptcy, as SMBs are likely to lack the capital and resources to handle such an impact. According to UPS Capital, “60% of smaller businesses are out of business within six months of suffering a cyberattack.”

Why Do SMBs Suffer More?

SMB owners already have more than enough responsibilities in driving their business forward with limited capital and resources, and this pushes data security down the list of priorities, where it gets either neglected or overlooked. SMB owners and employees are generally unaware of the current state and potential damage of data breaches; therefore, they naturally become good, naïve targets of opportunity for cyber criminals, whether those are inside or outside the organization. This lack of awareness ties closely into the nature of data breaches, which are not only malicious but also accidental: most breaches are, in fact, caused by mistakes such as negligent employees mishandling security configurations or employees clicking the wrong links online. In addition, limited capital and resources make it difficult to cover the costs of implementing technical measures and of damage control. The absence of technical measures undoubtedly puts SMBs in a vulnerable position, exposed to data breach threats from various fronts.

Even if SMBs were familiar with and prepared for data breaches, the measures they implemented can turn out to be insufficient, as security gaps can unexpectedly emerge and be open to exploitation. This issue can be considered a by-product of the current trend in the data security industry, which focuses on providing enterprise-grade security that demands high investment, dedicated IT resources, and complex configurations. Thus, SMBs are finding it difficult to find the right solutions to meet their specific requirements, and they are left to settle for cost-effective alternatives that are less capable.

If you, as an SMB owner, have experienced or are worried about data breaches, the important thing is to start seriously considering the potential risks now, and not after the damage has been done. With lack of awareness, capital, and resources, SMBs can be left unsure on “how and what” to do to prevent data breaches. Head to our next blog to learn how SMBs can establish their data security against data breach threats from outsiders and insiders.


Is Your ‘Secure’ USB Flash Drive Secure Enough to Prevent Insider Threats?

Concern about insider threats has been increasing in organizations. Because insiders usually know which information is sensitive for the organization, where the information is, and how to gain access to it, data breaches by insiders such as employees, former employees, contractors, and business associates are more critical than those by outsiders.

A data breach can occur when an insider loses a laptop or sends an email attachment with sensitive documents to the wrong person by mistake. However, an organization can be severely damaged when a malicious insider intentionally targets sensitive information for reasons such as espionage or selling. Insiders can gain access to and deliver information with relative ease.

In 2009, the FBI announced that former Boeing engineer Greg Chung delivered secure documents valued at $2B relating to aerospace technology to the Chinese aerospace industry as a contribution to his homeland over the 30 years he worked for Boeing. This case shows that data breaches by insiders cannot be detected for a long time. Data breaches by insiders, about which we sometimes see news reports, might be only a small part of undetected insider threats.

Some suggest that non-disclosure agreements can keep employees away from wrong-doing or trusting employees is better than adopting security solutions that decrease work efficiency. However, once data breaches occur, they cannot be easily recovered by lawsuits. Thus, prevention is best.

Many solutions have been introduced to prevent insider threats. Data Loss Prevention (DLP) solutions analyze data packets to check if sensitive information is transferred through the network and detect sensitive information containing specific keywords saved in PCs. Enterprise Data Right Management (E-DRM) solutions encrypt transferring files and manage users’ rights to copy, print, and screen-capture files. Finally, insider threat prevention solutions analyze abnormal behaviors of insiders with data and monitor the possibility of threats.

Meanwhile, USB flash drives are still allowed for unavoidable reasons in many organizations. Security-sensitive organizations have introduced so-called ‘secure’ USB flash drives. These enable a user to gain access to encrypted data on the USB flash drive only with the proper password, and they can prevent data breaches even when the USB flash drive is lost or stolen. U.S. government organizations are required to adopt hardware-encrypted, secure USB flash drives that comply with the Federal Information Processing Standard (FIPS).

However, how can we handle a malicious insider with a USB flash drive? What if a malicious insider puts sensitive information onto an encrypted ‘secure’ USB flash drive, carries it out of the office, decrypts the data, and sells it to competitors?

When it comes to malicious insiders, organizations should use a copy-protected USB flash drive instead of a general, secure USB flash drive. A copy-protected USB flash drive lets a user gain access to the encrypted data only with the proper password, just like an encrypted USB flash drive. Furthermore, an administrator is able to restrict a user’s right to copy, print, screen-capture, and network-transfer files on the USB flash drive. Also, what a user does with files on the USB flash drive is monitored through the internet. There are two types of copy-protected USB flash drives: 1) for business, covering office files and CAD files, and 2) for content distribution, covering multimedia files. The first can be used mainly for preventing insider threats.

Think about it!

For example, if you adopt an encrypted USB flash drive in your hospital and a staff member delivers one of the encrypted, ‘secure’ USB flash drives containing Personal Health Information (PHI), along with the password, to an unauthorized person, can you be assured that the ‘secure’ USB flash drive prevented a Health Insurance Portability and Accountability Act (HIPAA) breach?


The final step of file server security: prevention of copying a file from a file server

Important unstructured data concerning accounting, product development, and marketing are stored in file servers in organizations. Users share the data using shared folders on file servers. File server security is crucial because organizations could lose intellectual property and be damaged in terms of business continuity and reputation if the data is lost or leaked from a file server due to disaster, error, or external attack.

The following should be done to secure file servers: 1) keep file servers in a secure place to prevent theft, 2) separate file servers from the Internet to prevent cyber-attack, 3) encrypt file servers using BitLocker to prevent data leakage in case of theft or loss, 4) keep Windows file server software updated to maintain up-to-date security patches, 5) install anti-virus software to prevent malware, 6) control access and privileges of users, 7) regularly back up file servers, 8) whitelist applications in a file server to prevent ransomware, and 9) audit the file logs of users.

However, existing file server security solutions have mostly concentrated on preventing attacks from the outside and lack focus on preventing insider threats to file servers.

Theoretically, we can audit files a user copies or transfers outside the server through logs provided by the Windows file server; however, in reality, if the options are set to create logs, tons of logs can be created. Accordingly, it is very hard to figure out which log is useful, and log data management can be another bothersome job, which is why many expensive third-party file server audit software applications for sorting, managing, and monitoring logs are needed.
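The log-volume problem described above is usually handled by reducing raw object-access events to a per-user summary before anyone reads them. The following added example (not Secudrive's or Microsoft's code) does that over a constructed CSV export of Windows Security object-access events (Event ID 4663); the column layout, account names, paths, time window and threshold are assumptions.

```python
import csv
import io
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample export. Columns, users and paths are assumptions for this example.
SAMPLE_EXPORT = r"""TimeCreated,EventID,SubjectUserName,ObjectName,AccessMask
2024-03-04T02:00:00,4663,FILESRV01$,D:\Shares\Finance\q1.xlsx,0x1
2024-03-04T02:00:01,4663,FILESRV01$,D:\Shares\Finance\q2.xlsx,0x1
2024-03-04T02:00:02,4663,FILESRV01$,D:\Shares\HR\policy.docx,0x1
2024-03-04T02:00:03,4663,FILESRV01$,D:\Shares\RnD\design_a.dwg,0x1
2024-03-04T02:00:04,4663,FILESRV01$,D:\Shares\RnD\design_b.dwg,0x1
2024-03-04T09:00:01,4656,alice,D:\Shares\Finance\q1.xlsx,0x1
2024-03-04T09:00:01,4663,alice,D:\Shares\Finance\q1.xlsx,0x1
2024-03-04T11:30:00,4663,alice,D:\Shares\Finance\q1.xlsx,0x2
2024-03-04T14:10:00,4663,alice,D:\Shares\HR\policy.docx,0x1
2024-03-04T17:55:00,4663,bob,D:\Shares\RnD\design_a.dwg,0x1
2024-03-04T17:55:20,4663,bob,D:\Shares\RnD\design_b.dwg,0x1
2024-03-04T17:55:40,4663,bob,D:\Shares\RnD\design_c.dwg,0x1
2024-03-04T17:56:10,4663,bob,D:\Shares\RnD\design_a.dwg,0x1
2024-03-04T17:56:30,4663,bob,D:\Shares\RnD\bom.xlsx,0x1
2024-03-04T17:57:00,4663,bob,D:\Shares\RnD\supplier_quotes.xlsx,0x1
2024-03-04T17:57:30,4663,bob,D:\Shares\Finance\q1.xlsx,0x1
"""

READ_DATA = 0x1  # FILE_READ_DATA bit of the AccessMask field


def parse_events(text):
    """Return (time, user, path) tuples for file reads by human accounts only."""
    reads = []
    for row in csv.DictReader(io.StringIO(text)):
        if row["EventID"] != "4663":
            continue  # handle requests (4656) repeat the same access
        if not int(row["AccessMask"], 16) & READ_DATA:
            continue  # writes and deletes are a separate question
        user = row["SubjectUserName"].lower()
        if user.endswith("$"):
            continue  # machine accounts (backup, indexing) are not people
        when = datetime.fromisoformat(row["TimeCreated"])
        reads.append((when, user, row["ObjectName"].lower()))
    return reads


def bulk_readers(events, window=timedelta(minutes=5), threshold=5):
    """Map each user to the most distinct files read inside any one window,
    keeping only users who reach the threshold."""
    per_user = defaultdict(list)
    for when, user, path in sorted(events):
        per_user[user].append((when, path))

    flagged = {}
    for user, reads in per_user.items():
        best = 0
        for i, (start, _) in enumerate(reads):
            # Distinct paths, so re-opening one file does not inflate the count.
            distinct = {p for t, p in reads[i:] if t - start <= window}
            best = max(best, len(distinct))
        if best >= threshold:
            flagged[user] = best
    return flagged


if __name__ == "__main__":
    events = parse_events(SAMPLE_EXPORT)
    print(f"{len(events)} human read events kept")
    for user, count in bulk_readers(events).items():
        print(f"review: {user} read {count} distinct files within 5 minutes")
```

Sixteen raw lines reduce to one account worth reviewing; the window and threshold need tuning against what normal work on a given share looks like.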

We can manage users’ permissions as ‘read only,’ ‘write,’ ‘modify,’ etc. However, we cannot prevent a user from copying a file to the outside, even by assigning the ‘read only’ permission to that user. The ‘read only’ permission provided by Windows only makes it impossible to modify the original file with the same file name. If we rename it, we can modify and copy it as well. File servers are an important collaborative workspace in organizations, so they need insider threat prevention features that go beyond permission management. It should be possible to prevent users from copying, printing, screen-capturing, and network-transferring files, even when they can edit the files.

Secudrive File Server prevents users from copying, printing, screen-capturing, and network-transferring a file in a shared folder of a file server, even when users can edit the file. Moreover, it makes it possible to filter and sort when and where a user can create, modify, copy, transfer, and delete a file, making it very useful for auditing as well as real-time monitoring. Secudrive File Server can keep file servers secure as a collaborative workspace from insider threats and can be considered the final step in file server security.


How to Prevent HIPAA Data Breach by Insiders

The most frequent cause of health data breach accidents is an insider. About half of these accidents are a result of an error by insiders while the other half are a result of wrongdoing. Obviously, we should prevent accidents by both causes. (Read: Insiders: the Most Frequent Reason for HIPAA Data Breach)

First, health data should not be stored on scattered PCs, but should be stored separately from other data on a securely reinforced storage computer. This has a decided advantage in keeping not only confidentiality but also integrity and availability, which are required in the security rules of HIPAA.

A file server could be a good option, after it is reinforced with some actions, as follows. Access to and permission to edit the data should be controlled. File versioning is needed to keep data integrity against intentional alteration or deletion of the data. The data should be backed up in real time or regularly to keep data availability. And finally, the network for storage should be separated physically/logically and encrypted to protect against attack from outsiders.

Secudrive File Server makes it possible to manage users’ rights of copying, printing, screen capturing and network transferring to use files in the file server. File activity logs are monitored at a glance and stored in real time so that they could be very helpful for audits. When data is transmitted to the outside, it provides encrypted data transfer under approval by the authority. In addition, whitelisting to enable specific applications to be used in the server can protect the data against attack by ransomware.

When data needs to be taken outside using a USB flash drive, Secudrive USB could be used to prevent users from unauthorized copying, printing, screen capture or network transfer of data on the USB flash drive to others, even in an ‘out of sight’ environment. Usage logs are gathered and monitored in real time through the network. When offline, the logs are gathered in the secure zone of the USB flash drive. When it comes back to the office, an administrator can view what the user had done with the USB flash drive. If the USB flash drive is stolen or lost, the data on it can be destroyed remotely. Of course, the USB flash drive is hardware encrypted, requiring a password to see the data. Secudrive USB Management Server provides a central management environment to manage the security policy of scattered USB flash drives and to monitor their real-time usage.

Because external hard drives, USB flash drives, and smartphones can be connected to PCs through USB ports, they could be used to take data from a PC. Secudrive Device Control can block the USB ports, ensuring that only secure USB Flash drives like the Secudrive USB flash drive can be used. For a coworker off site, an access-controlled account can be made for him/her in the file server to share files. This is much more secure than using email or public cloud service to share data.

Finally, educating insiders about security should be a top priority to prevent health data breaches by insiders. Data should be classified to be kept secure, and access and rights to classified data should be allocated to the right persons. Administrative work should be done and updated regularly. In the ongoing administrative process, Secudrive could be an easy and cost-effective solution for small and medium healthcare organizations to mitigate the risk of a data breach by insiders in accordance with the technical safeguards of the security rules of HIPAA.



Insiders: the Most Frequent Reason for HIPAA Data Breach

Ponemon Institute and IBM reported that the average total cost of a data breach is $4M in their study, “2016 Cost of Data Breach Study: Global Analysis,” which researched 383 companies in 12 countries, including the U.S. However, the average total cost of a health data breach could be more than that because the study said that a stolen healthcare record costs the average business $355, which is more than twice the mean cost of $158 across all industries.

A small data breach could cause huge operational, financial and reputational damage to a healthcare organization. When a data breach occurs, the healthcare organization must have a long intensive audit by the Office for Civil Rights (OCR) and spend a lot of time and money on the resolution process to comply with the Health Insurance Portability and Accountability Act (HIPAA) regulations. The OCR will release information about the accident in the media, likely damaging the organization’s reputation. Expensive lawsuits from affected individuals can then follow.

Meanwhile, according to the Breach Barometer Report: 2016 Year in Review by Protenus, 192 out of 450 healthcare data breach accidents of 2016, which they surveyed, were caused by insiders. This means that data taken by an insider is the most frequent reason (43%) while hacking accounts for 26.8% and data simply lost/stolen accounts for 19% of all breaches. Of the 192 accidents in the report, 99 were a result of an insider-error or accident, while 91 were a result of wrongdoing. (Two could not be classified as error or wrongdoing due to lack of information.)

Protenus’s report also mentioned that it took an average of 233 days for a healthcare organization to discover it had a health data breach; however, the time to discover in cases of insider wrongdoing was more than double that: 607 days. It indicated that the main reason for taking that long is a lack of money and of a dedicated professional to monitor data, but another important reason is that organizations have basically taken a reactive approach to privacy monitoring: they worry about breaches of patient data only after these are brought to their attention by the affected party, allowing inappropriate access to patient data to go unnoticed for extended periods of time, if it is detected at all. The organizations may also be informed about breaches by outside sources like the media.

Secudrive could be a good alternative for healthcare organizations to take a proactive approach to prevent data breach by insiders. Specifically, it provides an easy and cost effective way even for small and medium organizations to prevent intentional breaches by malicious insiders as well as breaches caused by an error by inadvertent insiders.



Insider Threat Prevention Using a File Server in an SMB (Small & Medium Business)

One possible alternative for resolving data security and management issues in a distributed data environment is VDI (Virtual Desktop Infrastructure). In a VDI environment, an insider’s PC functions as a terminal with which to work with data stored on servers. Insiders’ PCs don’t have any data stored on them, thus providing a significantly enhanced level of information security for enterprises. System administrators can focus on server management, while insiders are responsible for managing what happens on their own PCs.

However, the VDI environment is quite unlike the typical PC environment, and being so unfamiliar to most of us, we would likely need the help of VDI specialists to introduce and manage it. Furthermore, a VDI environment costs about twice as much as a standard PC environment because the software licenses for servers which are not required in PC environments can be quite pricey. Consequently, many companies, especially SMBs, are often reluctant to introduce VDIs despite their obvious advantages in terms of information security and management.

A file server solution represents a reasonable alternative to a VDI. In this solution, all corporate data is stored on a file server, and an administrator focuses on the server to enhance the level of security and to facilitate asset and data management. With all corporate data now stored on the file server, all activity log files from creation to deletion can be gathered quickly, and individual access authority can be managed collectively. Moreover, if the file server has a backup system, data loss due to inadvertent or malicious deletion by insiders can be prevented. Ransomware attacks can also be prevented through the use of whitelisted corporate applications. Of course, the file server should be encrypted and equipped with antivirus to prevent attacks from outside, too.

All file activities should be executed on the server, and all users should be restricted from copying and network transferring a file to outside the file server, thus preventing data leakage. A watermark or print prohibition feature could be useful in preventing data leaks through printing. If a file server is equipped with such DRM features, it can effectively prevent insider threats. In sum, there is a range of data and network security features available with a file server solution, thus negating the need for a VDI.


3 Ways SECUDRIVE is a Better Alternative to Google IRM in an Enterprise Environment

Though I have found that Google’s IRM has some good features such as its abilities to block exporting, copying, and printing for Google App files, I have also found a few weak points that would not make it the best option in an enterprise-level setting [Previous Post: 4 Reasons Why Google IRM is Not Enough for Corporate Use].

SECUDRIVE File Server (FS) can create a secure collaborative enterprise environment and I have listed what I thought are the top 3 ways FS can be a better alternative solution to Google IRM.

Simplified Management and Implementation
While Google IRM uses a file-by-file management system, FS simplifies management by utilizing a folder-based system. I find that it is much easier to manage a few folders than a few hundred files.

Instead of having the user be responsible for setting the IRM settings, FS has all security settings applied by a security administrator. This gives users one less thing to worry about when sharing files and puts the responsibility of security in the hands of someone qualified to handle it. Personally, I wouldn’t want to have 100 separate users responsible for my data’s security because that is 100 more opportunities for data to be leaked.

The solution can also be applied to a Windows file server and use the preexisting Active Directory, users, groups, permissions, and shared folders for a hassle-free implementation. FS extends to the cloud as well and can be implemented onto cloud servers such as Amazon AWS EC2 with Windows Server in order to allow users to access data in a protected state while out of the office network.

Wide Variety of Protected Applications
Since Google IRM is mainly focused on protecting Google App files, in order for me to truly get the full extent of the security, I would have to convert my Microsoft Word documents, PowerPoint presentations, and Excel files to their Google Apps counterparts. I don’t know about you, but that is a lot of files I would have to convert.

With FS, I do not have to convert anything, so I can maintain the overall workflow for myself and my team by using our normal applications such as Microsoft Office Suite. It also supports other applications such as those in Adobe Creative Suite, as well as an array of video players, photo viewers, and standard Windows applications such as Notepad. FS is also versatile with its protected applications so, for example, it can protect a manufacturing company that may have CAD-based product design files and layouts in AutoCAD and CATIA as well. This versatility can help keep business as usual in multiple types of environments.

Protected Editing
My biggest disappointment with Google IRM was the lack of protection for editors, since the simultaneous collaborative functions were, in my opinion, the most useful feature of Google Apps. So it creates a situation where one has to choose between collaborative editing and IRM security.

In contrast, the rights management feature of FS extends to users that have read/write access. They will not be able to copy, print, screen capture, or transfer any files out of the protected shared folders but will still be able to edit and work as normal. I can also select which rights I want to block individually on FS whereas Google IRM is only one option to block exporting, copying and printing altogether.

I should mention that I have only outlined a few features of FS in comparison to Google’s IRM because the entire FS solution comes with many other security features such as real-time monitoring, detailed logging, DFS and WSFC compatibility, addition of file linking for Windows Servers, and encrypted file export to SECUDRIVE manageable USBs.

So if security is your main concern when sharing your organization’s files, then SECUDRIVE File Server would be a better alternative to help mitigate the intrinsic risks associated with file sharing.



4 Reasons Why Google IRM is not Enough for Corporate File Sharing

Google has implemented a new security feature in order to allow file owners to control whether or not the users for shared files can copy, print, or export them on Google Drive. I wanted to explore the usability of Google’s IRM feature within a corporate environment to see if it could help to prevent data leaks caused by insider threats from employees, as well as data leakage threats from partners, and third-parties. If the feature is sound, it could be a convenient method of safely sharing data since Google is linked up with many useful applications.

Unfortunately, upon further investigation and usage of Google’s IRM, I found that it was a good feature in some aspects but not quite good enough to be suitable for corporate use.

Here are my four reasons why I believe it is not well suited for corporate file sharing.

Rights Management Concerns
There were two key issues with management of the Google IRM feature. The first is that the IRM features are set file by file, making it a big headache for any security administrator. Imagine managing just 20 users and each of them made just 1 file per day. This is around 600 files per month that they would have to try and manage. Now imagine that on an enterprise scale. That would be thousands of files daily.

IRM is also set by the file owner instead of the security administrator. It basically leaves each employee in charge of the security of each individual file leaving you highly vulnerable to employee-related data leaks.

Collaborative Editing or IRM
Personally, I find that the collaborative editing is one of Google Apps’ best features so you can imagine my disappointment when I found that the IRM doesn’t extend to editors.

Google’s IRM is only applicable for users with read or commenter access rights (Previous Post: Top 3 Things to Know about Google’s Information Rights Management (IRM)) meaning I ultimately have to choose to have IRM security without the ability to edit or have the convenience of collaborative editing without IRM security. Why can’t I have both?

Google Apps Only
The Google IRM is mostly centered on protecting Google App files and for all other files in Google Drive, the functionalities are limited. For non-Google App files, the IRM only removes the options for copying, exporting, and printing but content can still be copied using clipboard copying. So, Google IRM is not a viable option for confidential data. Also, since many of my organization’s files are from Microsoft Office as well as other standard applications such as those from Adobe Creative Suite, a large majority of my files will not fall under the full protection of Google’s IRM.

Lack of Compatible Protected Applications

As previously mentioned, Google IRM is focused mainly on Google App files, so it leaves the large majority of my other files to fend for themselves. The only files that I could protect are Microsoft Office files but they would have to be converted into Google App files in order for me to get the full protection.

I personally share a lot of Adobe Illustrator, Photoshop, and Premiere files for marketing content on the website. These files do not have a Google-App counterpart and cannot be used within Google’s browser-based platform. So essentially, the feature provides very little usability and security for myself and my team.

For other organizations, I can see this being an even larger barrier. For example, R&D for a manufacturing company could need protection for their AutoCAD files, website developers could need protection for their HTML files, or a gaming software design company would need protection for their source code.
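
Since the setting is per file and owner-controlled, an administrator can at least audit where it is missing or incomplete. The following is an added example, not part of the original post: it checks file metadata shaped like Drive API v3 file resources, where `copyRequiresWriterPermission` is the per-file flag behind this setting. The function names, finding labels and sample records are assumptions constructed for illustration.

```python
# Added example: audit Drive-style file metadata for the IRM gaps described above.
# Records mimic Drive API v3 "files" resources; all sample values are constructed.

GOOGLE_APPS_PREFIX = "application/vnd.google-apps."
RESTRICTED_ROLES = {"reader", "commenter"}  # roles the IRM setting applies to
EDIT_ROLES = {"writer"}                     # editors are not covered by IRM


def audit_file(meta):
    """Return finding labels (hypothetical names) for one file's metadata."""
    findings = []
    roles = {p["role"] for p in meta.get("permissions", [])}
    irm_on = meta.get("copyRequiresWriterPermission", False)
    if roles & RESTRICTED_ROLES and not irm_on:
        findings.append("irm-off")               # owner never enabled the flag
    if irm_on and roles & EDIT_ROLES:
        findings.append("editors-unrestricted")  # editors can still copy
    if irm_on and not meta.get("mimeType", "").startswith(GOOGLE_APPS_PREFIX):
        findings.append("non-native-partial")    # only menu items are disabled
    return findings


def audit(files):
    """Map file id -> findings, omitting files with nothing to report."""
    report = {}
    for meta in files:
        findings = audit_file(meta)
        if findings:
            report[meta["id"]] = findings
    return report


DOCX = "application/vnd.openxmlformats-officedocument.wordprocessingml.document"
SAMPLE_FILES = [  # constructed sample input
    {"id": "f1", "mimeType": GOOGLE_APPS_PREFIX + "document",
     "copyRequiresWriterPermission": False,
     "permissions": [{"role": "owner"}, {"role": "reader"}]},
    {"id": "f2", "mimeType": GOOGLE_APPS_PREFIX + "spreadsheet",
     "copyRequiresWriterPermission": True,
     "permissions": [{"role": "owner"}, {"role": "commenter"}, {"role": "writer"}]},
    {"id": "f3", "mimeType": DOCX, "copyRequiresWriterPermission": True,
     "permissions": [{"role": "owner"}, {"role": "reader"}]},
    {"id": "f4", "mimeType": GOOGLE_APPS_PREFIX + "document",
     "copyRequiresWriterPermission": True,
     "permissions": [{"role": "owner"}, {"role": "reader"}]},
]

if __name__ == "__main__":
    for file_id, findings in audit(SAMPLE_FILES).items():
        print(file_id, ", ".join(findings))
```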

Google IRM’s Role and an Alternative Solution
Google IRM could be a good start to trying to protect you from data leaks caused by your own employees and colleagues. As it is now, it doesn’t seem good enough to be used in a dynamic enterprise-level environment. But if you want to create a more secure environment that is convenient and better suited for the enterprise, we have a solution that would be able to allow for secure file sharing within file servers and the cloud by using advanced rights management technology. [Next Post: 3 Ways SECUDRIVE is a Better Alternative to Google IRM in an Enterprise Environment]


Top 3 Things to Know about Google’s Information Rights Management (IRM)

Google Apps for Work released a security feature last July which enables the owner of a document to disable the download, print, and copy functions for Google App files using Information Rights Management (IRM).

I was excited to see that Google was looking more into rights management solutions as it is not a common feature in most cloud service solutions. As I mentioned in one of my previous posts (Link: 5 Security Concerns when using Google at Work), I use Google Apps for work regularly so I was eager to test out the IRM functionality and implement it within my own work environment as it looked like it could solve some of my security concerns.

Blocking Copying Functions for Google Apps
Upon testing the feature, I found that I was able to block copy & paste, clipboard copy, export, downloading, and printing functions for Google App files, specifically for viewers and commenters. This feature is most useful in situations where I want to receive feedback on a Google Document but I do not want the shared users to copy or save the data to their own machines. [Link: http://googleappsupdates.blogspot.com/2015/07/disable-downloading-printing-and.html]

Though I should mention that you cannot control each of these blocks individually, it wasn’t too big of a problem since when I want to block copying, I typically want to block printing and exporting as well.

IRM in Google Drive
The IRM feature also expands to non-Google Apps files stored in Google Drive and disables the menu items for export, copying, and printing. But I noticed that the features aren’t as in-depth for Google Drive files in comparison to Google App-files since content can still be copied using the copying keyboard shortcuts.

I have some concerns with the fact that files can be opened and then screen captured for Google Apps and Non-Apps files alike. The protection for Google Drive files only applies when the files are viewed within the browser as well.

Feature Does Not Cover Editors
The IRM only applies to users that have a viewer or commenter access. So the feature cannot prevent editors from copying information. I had hoped that the IRM function would have covered all user types because there are instances where I do not want editors to be able to copy the information to their own systems but I still want the collaborative functionalities that make Google Apps so great. If Google expands the protection to editors as well, it could help to greatly improve the usability of the IRM feature. [Next post: 4 Reasons Why Google IRM is not Enough for Corporate File Sharing]

Overall, it is nice to see Google being proactive in regards to security by providing more options for users to protect their shared data. Though it’s a positive step in the right direction, the IRM feature does have room for improvement.