Compliance and Security Solutions

Content-aware Compliance and Security Solutions for Microsoft SharePoint

SharePoint and the ECM Challenge

The numbers tell the story. According to the consulting firm Doculabs, 80 percent of the information within organizations is unstructured (word processing files, emails, spreadsheets, Web content, blogs, wikis, etc.), with growth predicted at a rate of 36 percent per year. [1] So how are businesses managing this explosion of content? Many organizations are turning to SharePoint as the solution to their content management challenges. Microsoft recently stated that 20,000 new SharePoint users come online every day. The research firm AIIM has also reported on the rapid adoption of SharePoint, stating that 70 percent of the largest global organizations are already using it today. AIIM further reports that in organizations using SharePoint, more than half consider it their primary ECM system.

But gaps in SharePoint adoption and business-readiness remain, particularly when it comes to data compliance and the management of private or otherwise sensitive content. In fact, only 20 percent of the respondents to AIIM's 2011 survey indicated they had sufficient confidence in SharePoint security to store sensitive information. And more than 60 percent of organizations have yet to bring SharePoint in line with their existing compliance policies. [2]

SharePoint: Not a Compliance and Security Silver Bullet

As this data shows, many organizations are deploying SharePoint to manage their enterprise content and streamline business processes while enhancing enterprise 2.0 collaboration. However, compliance and security concerns and their associated risks remain top of mind. As the amount of content and user interaction increases, particularly given the enhanced collaborative capabilities of SharePoint 2010, the chance for a security breach or a compliance violation increases as well. Without effective compliance and security controls, SharePoint will never realize its potential as a comprehensive, widely adopted Enterprise Content Management platform. A solution that automatically scans, classifies, applies permissions, tracks, encrypts and prevents the inappropriate storage, access and distribution of sensitive content stored in SharePoint is clearly necessary to overcome this confidence gap.

Ensure Data Compliance, Enforce Information Security Controls

Fully integrated with SharePoint, HiSoftware's content-aware compliance and security suite, HiSoftware Compliance Sheriff and HiSoftware Security Sheriff, complements the platform's powerful content publishing and collaboration features by continuously auditing data and documents for compliance requirements such as privacy, information security, accessibility, site quality and brand integrity. Along with the hundreds of checkpoints built into HiSoftware's policy manager, including pre-defined checkpoint groups for Section 508, WCAG 2.0, HIPAA, FISMA, PCI-DSS and other regulatory mandates, HiSoftware's suite of solutions allows users to easily define and configure checkpoints for their own unique privacy and security policies without costly consulting and/or programming resources.

As the solution scans and identifies areas of risk or detects specific policy violations, the flagged item is classified via the addition of Sheriff metadata. Once classified, user-defined business rules can automatically restrict access to the item, encrypt it, track the document's chain of custody, and prevent it from leaving SharePoint.

[1] Source: http://www.doculabs.com/wp-content/uploads/downloads/2011/12/A-Doculabs-White-Paper-Quantifying-ROI-for-ECM1.pdf
[2] Source: AIIM's 2011 State of the ECM Industry

HiSoftware Compliance Sheriff

HiSoftware Compliance Sheriff is an award-winning content-aware compliance solution for SharePoint 2010 and MOSS 2007. Compliance Sheriff allows organizations to realize the full ECM potential of SharePoint while mitigating the risk of a privacy breach and ensuring compliance with specific regulations and internal policies including PII, PHI, PCI-DSS, HIPAA, HITECH and custom guidelines. With Compliance Sheriff organizations can:

AUDIT (2007/2010): Organizations can scan information at rest within their SharePoint sites against over 650 existing and easily configurable policy checkpoints to assess the level of sensitive information present and identify compliance issues. In addition, Compliance Sheriff also scans data in motion against these or custom corporate policies as documents are updated or moved in and out of your SharePoint environment.

REPORT (2007/2010): Through the policy dashboard, Compliance Sheriff provides executives and policy managers with visibility into SharePoint's compliance status. Via standard reports, compliance and privacy officers get real-time insight into the compliance status of the SharePoint environment, can identify teams or departments where issues are recurring, and measure progress against compliance objectives over time. The reporting function also provides a detailed analysis of red flag issues, allowing developers and quality assurance teams to quickly identify and remediate issues.

CLASSIFY (2010): As Compliance Sheriff identifies potentially sensitive content, at rest or in motion, in SharePoint, it can dynamically tag the content with metadata that identifies it as having a certain level of risk or as containing sensitive information. A number of basic classification categories come standard with the solution; however, an organization may easily customize any number of new classification categories for their specific needs. Once an item is classified by Compliance Sheriff, the classification values can then be utilized by the optional Security Sheriff product to automatically restrict, track and encrypt documents, as well as prevent distribution by unauthorized users. Classification can also aid in e-discovery, search and retrieval, and provide a persistent form of identification for sensitive content as your SharePoint environment grows and evolves.

QUARANTINE (2010): Using Sheriff Workflow (optional module), organizations can also quarantine documents and stop them from being added, published or moved in SharePoint. Workflows can be designed to match the complex needs of any organization.

CONTROL (2010): Additionally, with the Sheriff Workflow module, Compliance Sheriff can trigger workflows to remediate compliance issues and/or task the proper individual(s) in the organization to review and potentially quarantine, remove, classify or re-classify the content.

Content scans are triggered:
- By the HiSoftware policy manager as it scans data at rest within a specific SharePoint site or library
- Automatically as new documents and items are added to SharePoint
- By authorized users when they create and/or edit an individual document or content item
Authorized users can also reclassify documents.

According to AIIM, only 20% of organizations have sufficient confidence in SharePoint security to store sensitive information in it, and over 60% of organizations have yet to bring the platform in line with existing compliance policies.

HiSoftware Security Sheriff SP2010

The award-winning HiSoftware Security Sheriff SP2010 provides the ability to restrict access to, encrypt, track and prevent the publishing of content based upon the presence of sensitive and/or non-compliant information, offering content-aware data loss protection (DLP) capabilities for SharePoint. When used in conjunction with Compliance Sheriff, it leverages the product's policy scanning and auto classification features to perform these actions automatically. Security Sheriff enables both users and administrators to:

CLASSIFY: With Security Sheriff, users can easily configure secure metadata and define choice values to suit any business requirement. Authorized SharePoint users can classify or declassify documents according to their content, unlike standard SharePoint data that can be modified by anyone that is allowed access. Using Security Sheriff, users can define the level of sensitivity of the document as confidential, private or secret. Then, depending on their selection, additional levels of classification, including selecting the audience, department or project, can be added as required.

RESTRICT: Based upon the business rules associated with its classification, access to a document or content item within SharePoint can be restricted to a specific individual or group, even if a wider audience has access to the site or library where the item physically resides. With file level permissions, administrators can reduce the number of sites that get created (site proliferation) just to cope with another set of collaborative users. Managing file permissions with Security Sheriff is easy since they are based on the metadata values added at the time of classification.

ENCRYPT: Data loss prevention is a critical issue for many organizations. In addition to securing a document based on its classification (metadata), Security Sheriff can further secure SharePoint content by encrypting it. When Security Sheriff identifies sensitive content, it can encrypt the information immediately. This means only properly credentialed users will be able to read the content, whether inside or outside of SharePoint, even if they have SharePoint administrator privileges, making it safe to store confidential documents such as Board discussions and HR documents. It also ensures any documents that make it out of SharePoint can only be accessed by the credentialed users.

TRACK: With the optional Sheriff Office and Outlook Connector modules, Security Sheriff can also track the entire lifecycle of Microsoft Office documents. This means that a policy manager or security officer can see if and when a document has been read, emailed, or printed and by whom. A document's entire chain of custody is recorded and easily available in the event of a breach or a regulatory audit.

PREVENT: To further extend the tracking process, you can also define rules in Security Sheriff to warn users about, or prevent, the distribution of sensitive information or confidential documents. For example, if a document is going to be emailed to a group and a listed recipient does not have proper access to that category of document, the email cannot be sent until that individual is removed from the distribution list. Users can also be prevented from printing and saving Microsoft Office documents outside of SharePoint.

CONTROL: Using Sheriff Workflow, Security Sheriff can trigger workflows to quarantine, move, request approval from policy officers / managers, or request explanations from users. Complete business rules can be developed so that you can remediate compliance issues and/or task the proper individual(s) in the organization to review and potentially classify, re-classify or encrypt the content. Workflow can also be used to prevent the publication of confidential documents. With Sheriff Workflow organizations can also block documents from being added, published or moved in SharePoint.

Flexible Policy Manager

The policy manager is a flexible rules engine within Compliance Sheriff. It ensures information moves in and out of your systems in accordance with your privacy policy, Written Information Security Program (WISP), and brand standards. The policy manager's checkpoint groups are broken out into four modules outlined below (each sold separately), allowing you to address the compliance issues pertinent to your organization. By taking advantage of pre-defined policy checkpoint groups to address specific regulatory mandates, your organization can quickly deploy a proven content compliance solution and begin protecting sensitive information immediately. Should your compliance needs change, you can add a module at any time. Also, as you refine your compliance approach to meet the unique needs of your organization, the flexibility of the policy manager allows you to easily customize and add new checkpoints. These checkpoint groups are also available for Security Sheriff when paired with Compliance Sheriff.

PRIVACY: The Privacy Module automatically scans SharePoint sites to detect the presence of PII, PHI, intellectual property, company confidentials and sensitive information, notifying policy officers and privacy managers of potential violations. Depending on your organization's unique compliance approach and risk threshold, it can confirm the use of secure methods to collect private information with the proper consents, and ensure that whenever information is stored, accessed or moved, it is only by credentialed users and only to appropriate locations. The module includes standard privacy checkpoints for: HIPAA, FISMA, PCI-DSS, COPPA, OMB 10-22 cookie guidance, MA 201 CMR 17 and other key privacy standards.

ACCESSIBILITY: The Accessibility Module establishes ongoing, automated checks to ensure SharePoint accessibility concerns are seamlessly managed and that compliance issues are flagged and prioritized for swift remediation. The Accessibility module checkpoints map to all common Web accessibility standards including Section 508, WCAG 2.0, Canadian Common Look and Feel (CLF) and XML Accessibility Guidelines (XAG).

BRAND INTEGRITY AND SITE QUALITY: The Brand Integrity and Site Quality Module scans and analyzes SharePoint content for brand conformance issues such as logo consistency and integrity, correct legal name usage, copyrights and more. This module also includes checkpoints to monitor for offensive or inappropriate language that may be included in collaborative environments such as blogs, discussion lists or other user-generated content. Detailed reports help development and quality assurance managers quickly pinpoint and fix issues as identified.

OPSEC INFORMATION ASSURANCE: The OPSEC Module monitors and verifies that SharePoint content complies with federal risk assessment practices and the U.S. government's OPSEC guidelines. It helps to determine if published SharePoint content references operational military information that would reveal sensitive movements of military assets, or the location of units, installations or personnel. Monitoring helps protect against the accidental disclosure of confidential information and fully integrates OPSEC testing into your quality assurance and content delivery processes.

Sheriff Workflow

As specific areas of content risk are identified in SharePoint, Compliance Sheriff and/or Security Sheriff triggers the optional Sheriff Workflow module to remediate compliance issues and/or task the proper individual(s) in the organization to review and potentially classify, re-classify and encrypt the content. Workflow can also be used to prevent the publication of non-compliant content (e.g. in a discussion forum or blog) based upon the policies created within the policy manager.

With Sheriff Workflow:
- Design workflows easily using an intuitive browser-based visual workflow designer
- Send notifications, get approvals, request explanations, move/quarantine documents, remediate
- Prevent publishing of non-compliant or confidential documents
- Publish workflows on Sheriff policy sites, allowing policy owners to manage policies centrally
- Secure business processes with central workflow to prevent users from interrupting execution

Sheriff Office Connector and Sheriff Outlook Connector

By deploying the Sheriff Office Connector and Sheriff Outlook Connector for Microsoft's Office and Outlook applications, organizations can add further controls to prevent sensitive content from being viewed by unauthorized users. Both Compliance Sheriff and Security Sheriff, working in concert with the Connectors, allow individual content contributors to scan and classify content on its way into and out of SharePoint from within the familiar Microsoft ribbon interface. Once classified, credentialed privacy users or other policy officers may choose to override a user classification, as needed, to ensure that a specific document is tagged with the proper level of sensitivity. Both Connectors are optional add-ons and are sold separately.

- Sensitivity and audience can be set by content authors.
- Policy officers can use the Connectors to override system or user classifications.
- Users can launch a scan from directly within the client applications.
- The Sheriff Office Connector and Sheriff Outlook Connector appear right in the ribbon, allowing users to scan and classify documents as they are being worked on.

Compliance and Security That Work the Way You Do

By default, SharePoint mirrors the traditional IT approach to permissions and access management. SharePoint secures access by applying permissions to specific libraries or lists based on Active Directory groups defined by the SharePoint Administrator. The Active Directory groups are often tied tightly to the organizational structure, yet frequently this approach does not reflect the cross-functional reality of how business gets done, and is often at odds with the use of SharePoint as an enterprise collaboration platform. This approach is also an underlying cause of the many governance headaches associated with SharePoint, including proliferation of sites and document libraries.

Both Compliance Sheriff and Security Sheriff look at an entire library of content to identify individual documents and files which should be secured based on specific policies. These policies are applied by scanning the content against the pre-defined checkpoints resident within the policy manager. This approach is possible because HiSoftware's solutions for SharePoint are content-aware, and are able to read the actual data contained in a specific document or item. HiSoftware then classifies, and if desired, restricts access to, and encrypts the item(s).

Since permissions are applied at the individual file level (using classification), as compared with solutions that secure or encrypt at the library level, sensitive content can be stored, shared and collaborated on from any site or library in the SharePoint farm. It also ensures access to the content is restricted to only those who have permissions to the file as defined by its classification. HiSoftware is the only solution which limits access at the item-level. In addition to protecting your organization from an accidental breach, this approach also controls the proliferation of sites and libraries in SharePoint.

For example, if a company's board of directors is considering a potential merger, the documents generated prior to the merger becoming public can be stored anywhere in SharePoint and classified as Board Only, making the sensitive content visible only to relevant parties. Other solutions would require the provision of a new site every time such a restricted project was undertaken. Most importantly, without item-level security, the end user has to remember the proper location for every sensitive item they create or edit to ensure appropriate access, a certain recipe for a breach.

Making SharePoint Safe for Sensitive Data

HiSoftware delivers comprehensive content-aware compliance and security solutions optimized for SharePoint. Unlike competitive solutions for classification, or enterprise DLP solutions that are significantly more expensive to deploy and maintain, HiSoftware has created a suite of complementary modules that are highly configurable and focus on a compliance and business-centric approach to managing sensitive data in SharePoint. The suite is tightly integrated to the way your organization already uses SharePoint and its complementary Microsoft applications today.

[Figure: Flexible, Content-Aware Rules Engine. Labels: FISMA, MA 201 17, WCAG 2.0; Privacy, Accessibility, Site Quality, Operational Security; Report, Classify, Encrypt, Notify, Prevent, Track, Workflow.]

The HiSoftware Sheriff suite scans and classifies SharePoint data both at rest and in motion. Based upon classification, it restricts access to the item, prevents the item from being removed from SharePoint, and tracks its entire chain of custody. Any SharePoint item can then be encrypted to safeguard against a breach inside or outside of SharePoint. The solution also includes a complete set of policy notifications and workflow capabilities to alert privacy and information security officers of a potential risk. Using the Sheriff Office and Sheriff Outlook Connectors, individual content contributors can further manage compliance and privacy settings by applying classification from within the familiar Microsoft ribbon interface.

Key Features and Benefits

- Maintain Compliance with Regulatory Mandates: Leverage pre-defined checkpoints for HIPAA/HITECH, MA 201 CMR, FISMA, COPPA, Section 508 and WCAG 2.0, OMB 10-22 and many other regulatory requirements.
- Leverage the Full Business Value of SharePoint: Security and permissions functionality expand the community that can now safely use and access your SharePoint environment: internal employees, partners, vendors, customers and prospects.
- Secure Sensitive Information: Implement content-aware controls that ensure the right users access the right information, every time.
- Apply Unique Classification Parameters Using Metadata: Whether system-applied based on policies, or user-applied, classification can control access to content and aid in e-discovery, search and retrieval, and any audits which may be required in the event of a breach.
- Simplify SharePoint Governance and Reduce Administration Costs: Automate SharePoint compliance and security to reduce site proliferation and allow administrators to focus on higher value projects for training, business process management and user adoption.

About HiSoftware

HiSoftware provides content-aware compliance and security solutions for the monitoring and enforcement of risk management and privacy guidelines across digital environments. The company's solutions provide a data governance and compliance platform for content management and collaboration processes that support corporate and brand integrity, site quality, accessibility and confidentiality for public websites and portals, as well as internal intranets and SharePoint sites. HiSoftware's customers include some of the largest US and international government agencies, as well as Global 2000 companies. The company is headquartered in the United States in Nashua, New Hampshire and has international offices in Melbourne, Australia. For more information, visit www.hisoftware.com.

Corporate Headquarters
One Tara Boulevard, Suite 104
Nashua, NH 03062 USA
T: +888.272.2484 (U.S. & Canada) +1.603.578.1870
F: +1.603.578.1876
E: info@hisoftware.com
@HiSoftware
www.hisoftware.com

Copyright 2012 HiSoftware Inc. All rights reserved. HiSoftware Compliance Sheriff, HiSoftware Security Sheriff, Sheriff Workflow and HiSoftware are trademarks of HiSoftware Inc. which may be registered in certain jurisdictions. Any and all other product and company names mentioned herein are the trademarks or service marks of their respective owners.