Protecting Business Information With A SharePoint Data Governance Model TITUS White Paper
Information in this document is subject to change without notice. Complying with all applicable copyright laws is the responsibility of the user. No part of this document may be reproduced or transmitted in any form or by any means, electronic or mechanical, for any purpose, without the express written consent of TITUS Inc. Copyright 2013 TITUS Inc. TITUS is a registered trademark of TITUS Inc. All other product and company names mentioned are trademarks or registered trademarks of their respective owners. TITUS Inc. may have patent applications, trademarks, copyrights or other intellectual property rights covering subject matter in this document. At TITUS we work to help businesses better manage and secure valuable corporate information. Our solutions enable enterprises, military and government organizations to classify information and meet regulatory compliance by securing unstructured information. For further information, contact us at (613) 820-5111 or email us at info@titus.com www.titus.com
Table of Contents
1.0 Overview
2.0 Defining Data Governance for SharePoint
3.0 The Data Governance Model for SharePoint
3.1 Defining Roles/Policies and Stakeholder Agreements
3.2 Apply Security Settings
3.3 Enforce Document Creation Rules
3.4 Control Access
3.5 Raise Awareness of Data Sensitivity
3.6 Promote End-User Accountability
3.7 Manage and Log Document Lifecycle Events
3.9 Auditing and Reporting
4.0 Summary

1.0 Overview

As a product offering from Microsoft, the SharePoint collaboration and document management solution has been available for over ten years. Historically, the primary value of SharePoint has been efficient sharing and versioning of documents. Within an enterprise of any significant size, the ability to combine these capabilities is critical. Ease of installation, configuration, customization and use by non-IT experts has resulted in a high rate of growth in SharePoint deployments. In recent years, enterprises concerned with exercising good governance and accountability have also seen great value in using SharePoint for document and records management. As a result of these factors, there are now over 100 Million licensed users of SharePoint, globally.

While the features of SharePoint can support a secure document management process, SharePoint's basic configuration defaults do not necessarily apply the type of governance model that many organizations may have envisioned at the time of deployment. For example, access controls in SharePoint are typically enforced through folder and library hierarchies. In any number of scenarios, misplaced or mistakenly copied files can result in inappropriate access permissions being applied to a document. As a result, there is a constant need to review where documents are placed within SharePoint, to ensure they are stored in appropriate locations with respect to access permissions.

A common observation of SharePoint users and administrators is that collaboration sites quickly grow to a point at which they are out of control. Decentralization of team sites can result in wide variations in security policies and information handling practices. Without a comprehensive, high level model for data governance, it can be difficult to put in place a coordinated set of automated or procedural controls. This paper provides a simple model for Data Governance based on a typical SharePoint content management process.
Each section discusses one major activity related to Data Governance within the document management lifecycle, and how it relates to key organizational roles, such as IT Administrators, Corporate Risk/Compliance Officers, Content Owners and Information Workers. This framework ultimately highlights a number of TITUS products that are designed to increase control and consistency of Data Governance within SharePoint environments through automation of security and accountability. The analysis also examines stakeholder awareness of how to work responsibly and efficiently within their part of the process.

2.0 Defining Data Governance for SharePoint

Data Governance within the context of a SharePoint environment can be envisioned as a set of processes, activities and procedures for ensuring that important data assets are formally managed throughout the enterprise, and throughout their lifecycles. Increased concerns regarding corporate accountability and compliance, as well as efficiency, are driving the need for organizations to maintain consistent and secure handling of information.

The high-profile WikiLeaks incidents demonstrate how data governance lapses can result in serious impacts within the armed forces. Similarly, the 2011 case of a Massachusetts hospital healthcare worker mishandling a sensitive document, resulting in a $1 Million penalty [1], is just another example that illustrates the need for data governance within organizations in other sectors.

While automation of security is an important aspect of enforcing policies, it can be difficult to automate security enforcement through all phases of a document's lifecycle. SharePoint allows for definition and enforcement of security rules, to some extent. But a governance structure including the following organizational roles provides the human elements required to implement the Data Governance model:

Compliance/Risk Officer: Executive responsible for ensuring that Data Governance policies are put in place and enforced, using technical, physical and procedural controls, to maintain compliance with regulations and/or manage risk

Content Owners: Business managers/executives responsible for creation and maintenance of information in support of an internal or external product or service; they understand how content fits into the overall business strategy, and are often responsible for managing policies on their specific site or areas of responsibility

Information Workers: Employees with a focus on a specific area of expertise who are responsible for content creation related to their specific field

IT Administrators: Employees responsible for installation, configuration and maintenance of information systems used by Content Owners and Information Workers; they are able to apply controls and configuration to various systems, but do not necessarily have access to or understanding of content within SharePoint

An effective data governance model should address the following elements related to the above roles: Security Policies and Audit; Technical Security Controls; and Administrator and User Procedures
and Activities

Security policies should be defined in a hierarchy, not just for access control, but for all relevant security functions, including data classification, asset marking and security audit. Security technologies can automate many aspects of the document management cycle. However, human users will inevitably play a role in ensuring that the spirit of policies is being upheld, and that technologies are employed appropriately. Each role-holder requires education and guidance pertaining to their responsibilities.

A lack of definition and enforcement in any of these areas can put the enterprise at risk of releasing information to unauthorized parties. Even worse, it may not be possible to prove accountability or that the organization was employing responsible practices when an incident does occur.

[1] http://www.americanbar.org/content/newsletter/publications/aba_health_esource_home/aba_health_law_esource_1104_salimone.html

3.0 The Data Governance Model for SharePoint

Figure 3-1 below illustrates a simple Data Governance model that corresponds to the SharePoint document management lifecycle. Each activity can be clearly defined, and associated with particular roles in the process. The degree of automation has a direct impact on the need for more specifically defined administrator or user activities, in order to supplement the automated controls.

The following sections describe each activity shown in Figure 3-1, related to SharePoint Data Governance, and its relationship to organizational roles and automated controls.

3.1 Defining Roles/Policies and Stakeholder Agreements

Without policies that define roles and responsibilities, as well as monitoring and reporting activities, it is difficult to arbitrarily put the appropriate controls in place. Business management functions typically play a key role in extending high level corporate policies such as information and risk management down into system level policies that support their business function. At the system level, these policies can be very helpful in delineating responsibilities for maintaining the technology and business processes on a day-to-day basis. Since there are typically many SharePoint Team Sites deployed in larger organizations, all stakeholders should ideally be actively involved in the definition of those policies.

Automation Opportunities

The opportunity for automation of policy definition activities could take the form of a Policy Wizard that walks business management through the decisions that are relevant to SharePoint data governance settings. This kind of tool might produce a human-readable policy document with a standardized format. Alternatively, a tool might generate a formatted file that is suitable for importing into software. At the time of this publication, we are not aware of such a tool in the SharePoint context. However, a tool could be written in-house or contracted, if no Commercial-Off-The-Shelf (COTS) tools exist. The advantage of this approach is that all stakeholders can be guided consistently through the process, and the output would be in a consistent format for translation into the other activities in the data lifecycle.

Once the high level policy for Data Governance is defined within the organization, a role should be defined to take responsibility for updating and maintaining those policies. It makes sense for such a role to be held within the Information Management or Compliance organization. Content Owners may also need to delegate responsibilities for management of data. Delegation of authority and responsibility must be clearly defined and communicated throughout the organization to avoid conflicts or gaps in controls.

3.2 Apply Security Settings

Once the policies are defined appropriately at the Data Governance Level, responsibility must be assigned to determine which native SharePoint features and settings can provide appropriate enforcement of the policies. Clearly, not every policy can be enforced through technical security controls. However, those policies that map directly to enforcement capabilities in SharePoint and other technical controls must be reflected in the settings of these products.

Automation Opportunities

Basic security capabilities should be enabled within SharePoint.
For example, SharePoint provides the ability to limit access to folders on a per-user or group basis. This would be a starting point for enforcement of access control policies. However, if a sensitive file that should be added to a strictly controlled folder is inadvertently uploaded to a widely shared folder by somebody who has access to both, then a potential security risk appears.

As mitigation for this kind of risk, the TITUS Security Suite for SharePoint can be configured to provide fine grained access control for sensitive content, which can enhance the access control model of SharePoint to one which is automated and rule-based. The TITUS Security Suite for SharePoint can leverage an item's metadata and the user's trusted attributes (claims) to ensure appropriate fine grained access control is enforced consistently on sensitive content.

Administrators in the IT organization are typically responsible for configuring policies within Microsoft SharePoint, the TITUS Security Suite for SharePoint or other products that can support defined security policies. Where the policies cannot be enforced through automation, the Business Manager or Content Owner must define the manual procedures that will apply during document creation, handling and destruction, in order to comply with approved policies. With the TITUS Security Suite for SharePoint, administration of policies can be delegated to content or site owners. This separation of responsibilities
is often employed in very large SharePoint deployments where sites often number in hundreds or thousands.

3.3 Enforce Document Creation Rules

The first opportunity to enforce security policies at the Information Worker level comes during document creation or document upload. The rules used in creating or uploading documents often determine the effectiveness of controls later in the document lifecycle. For example, if users are allowed to create Microsoft Word documents in arbitrary formats, without the use of content types or standard templates, then the SharePoint repository will rapidly become not only unmanageable, but potentially less usable. The use of standard formatting conventions and content types, as well as minimum mandatory metadata to be applied to newly created or uploaded documents, will not only make Data Governance easier, but will also enable more efficient searching and management of documents.

Automation Opportunities

Specifying mandatory properties (i.e. metadata) such as Classification or Expiry Date is a simple rule that can be implemented within SharePoint to aid in enforcement of access control or records management policies later in a document's lifecycle. For example, when a file is uploaded, it remains checked out until all the mandatory properties are filled in. This enables IT administrators and Information Workers to verify attributes of the document for releasability or long-term archive management.

Additionally, to provide stricter enforcement, TITUS Classification for Microsoft Office guides users at document creation time to apply the required metadata according to prescribed rules. Not only does this ensure that the metadata is complete for all newly created documents, it increases the likelihood that users will apply the appropriate metadata, and that it will be applied easily and consistently.
When metadata is not applied at creation or upload time, it puts much more responsibility on Content Owners to perform more thorough and frequent monitoring or auditing. From a Data Governance point of view, this requirement must also have a manual monitoring or auditing provision to prove that these procedures have been undertaken regularly.

3.4 Control Access

As one of the most basic Data Governance functions, controlling access to documents is a core element in the document lifecycle. Once a document is created, and its sensitivity has been established, a defined set of processes must continuously ensure that it is appropriately protected against unauthorized disclosure or modification.

Automation Opportunities

As mentioned above, SharePoint does provide some automatic enforcement of access control, based on inherited permissions granted to users at the folder, library/list or site level. In order to effect any degree of Data Governance, this capability must be utilized for individual documents and list items, based on the metadata properties defined and enforced at creation or upload time.

TITUS Metadata Security for SharePoint augments the native SharePoint access control model by enforcing fine grained access control at the document or item level, based on the metadata generated at document creation/upload time. With the TITUS Metadata Security for SharePoint Claims Edition, the solution can also combine document metadata with trusted user claims to determine access. This reduces the risk of accidental or even potentially intentional violation of access policies. As well, the
solution allows for items of different sensitivities to reside within the same library or list, enabling users to more easily find content they are permitted to access that is related to their project or job function.

TITUS Document Policy Manager for SharePoint automates the creation of PDF documents for all new documents and updated versions. The solution converts documents to the PDF format, a safe and secure format for sharing sensitive content. TITUS Document Policy Manager can also be configured to work with TITUS Metadata Security to automatically convert sensitive content to PDF format, and then automatically set permissions on the original version so that only its author can access it and so that a wider audience can access the PDF version.

From a Data Governance point of view, without the appropriate security automation processes in place, audits must be conducted on a periodic basis by IT administrators or Content Owners to check for inappropriate content placed in libraries or lists. This can identify any unauthorized changes to folder or document permissions schemes. When only basic SharePoint inherited permissions are used, it becomes critical that IT administrators or Content Owners perform frequent maintenance of libraries and lists to reduce the risk of items ending up in locations that do not provide the appropriate protection for their sensitivity.

When access control is automated with third-party solutions like TITUS Metadata Security for SharePoint and TITUS Document Policy Manager for SharePoint, IT Administrators and Content Owners can be confident that appropriate data governance policies are applied consistently throughout their SharePoint sites. This allows these roles to focus on higher value projects and other critical aspects of their day to day work.
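
The metadata-plus-claims access rule and the periodic placement audit described in this section, sketched as an added example (not TITUS or SharePoint code, and no SharePoint API is used). The classification scheme, group clearances, inventory records and function names are all constructed for illustration.

```python
from dataclasses import dataclass, field
from datetime import date

# Constructed scheme for illustration: labels ordered least to most sensitive.
LEVELS = {"Public": 0, "Internal": 1, "Confidential": 2, "Restricted": 3}
# Constructed mapping of groups to the highest label each group may read.
GROUP_CLEARANCE = {"All Staff": "Internal", "Finance": "Confidential",
                   "Executives": "Restricted"}
MANDATORY = ("Classification", "ExpiryDate")  # properties named in section 3.3


@dataclass
class Item:
    path: str
    library_readers: frozenset  # groups with read access inherited from the library
    metadata: dict = field(default_factory=dict)


def can_read(claims: dict, item: Item) -> bool:
    """Item-level rule: compare the user's clearance claim with the item label."""
    label = item.metadata.get("Classification")
    if label not in LEVELS:
        return False  # unlabeled or unknown label: fail closed
    return LEVELS.get(claims.get("clearance"), -1) >= LEVELS[label]


def audit(items, today: date):
    """Return (path, finding) pairs for the conditions a periodic review looks for."""
    findings = []
    for item in items:
        missing = [p for p in MANDATORY if not item.metadata.get(p)]
        if missing:
            findings.append((item.path, "missing:" + ",".join(missing)))
        label = item.metadata.get("Classification")
        if label in LEVELS:
            # Groups that inherit access from the location but lack the clearance
            # the label requires; unknown groups are treated as too broad.
            too_broad = sorted(
                g for g in item.library_readers
                if LEVELS.get(GROUP_CLEARANCE.get(g), -1) < LEVELS[label])
            if too_broad:
                findings.append((item.path, "overexposed:" + ",".join(too_broad)))
        expiry = item.metadata.get("ExpiryDate")
        if expiry and date.fromisoformat(expiry) < today:
            findings.append((item.path, "expired:" + expiry))
    return findings


# Constructed inventory: the second record is a sensitive file copied into a
# widely shared library, the misplacement scenario from section 3.2.
INVENTORY = [
    Item("/sites/finance/Board/q3-forecast.docx", frozenset({"Executives"}),
         {"Classification": "Restricted", "ExpiryDate": "2030-01-01"}),
    Item("/sites/teams/Shared/q3-forecast-copy.docx",
         frozenset({"All Staff", "Finance"}),
         {"Classification": "Restricted", "ExpiryDate": "2030-01-01"}),
    Item("/sites/teams/Shared/lunch-menu.docx", frozenset({"All Staff"}), {}),
    Item("/sites/hr/Policies/old-handbook.pdf", frozenset({"All Staff"}),
         {"Classification": "Internal", "ExpiryDate": "2012-12-31"}),
]
TODAY = date(2013, 6, 1)  # constructed review date

if __name__ == "__main__":
    for path, finding in audit(INVENTORY, TODAY):
        print(f"{finding:40} {path}")
```

With inherited permissions alone, a Finance user could open the misplaced copy; the item-level rule denies it regardless of where the file sits, and the audit surfaces the placement for correction.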

3.5 Raise Awareness of Data Sensitivity

As authorized Information Workers access and use documents, they need to keep in mind the sensitivity and releasability of the data contained within them. At this point, humans are primarily in control of the information, and can only be guided by visible labels on the document. Employees require a combination of awareness of the sensitivity of information they are handling, together with knowledge of the proper handling procedure for each level of sensitivity.

For Content Owners, this means applying the proper labels to the content that they and their Information Workers produce. This may include identifying the sensitivity of the information, to whom it can be released, and even the retention period of the document.

Automation Opportunities

TITUS Document Policy Manager for SharePoint produces consistent, customized headers, footers and watermarks for all Office documents, according to the global policy settings defined by administrators. Because TITUS Document Policy Manager can leverage SharePoint metadata to accommodate complex classification schemes, labeling can be specific to a document's intended purpose, and can provide detailed guidance for workers handling sensitive documents on a daily basis.

Information Workers must always be educated on how to handle, control and release documents based on their sensitivity markings. The more markings and reminders that are apparent on each document, the more obvious the responsibility becomes to Information Workers. Once again, audits and even
security checkpoints may be required to demonstrate that workers are handling electronic and paper documents appropriately when they are not protected by the SharePoint collaboration environment.

3.6 Promote End-User Accountability

Maintaining document integrity is often a key element of Data Governance. Unauthorized editing of sensitive documents can present real issues to enterprises depending on the nature of their content. Detecting modifications to Microsoft Office documents can be done, although it is often a time-consuming activity, even with available tools.

As well, end users must be made accountable for the actions they perform with content downloaded from SharePoint, whether it be printed or emailed to other people. Accidentally leaving printed copies of documents in public areas, or inadvertently including external recipients on internal emails containing sensitive attachments, can lead to costly and embarrassing data breaches. Once end users are made aware of what content is sensitive with visual labels and are educated in how sensitive content should be handled, they must be accountable for the actions they perform with those documents.

Opportunities for Automation

Microsoft Word has a document comparison feature that can be used to detect changes between document versions. Microsoft SharePoint also has a limited document comparison capability that can be used.

TITUS Document Policy Manager can be used to automatically generate locked down PDF versions of Microsoft Office documents upon upload to SharePoint. This creates an un-editable baseline for documents that can be distributed without the risk of unauthorized changes being made to them. In addition, TITUS Document Policy Manager can automatically apply visual labels to PDF documents upon download.
When those labels include things like the username of the person downloading the document, along with the date and timestamp, enterprises can automatically enforce end user accountability on printed or downloaded content. A user's name and the download date/time applied to a sensitive PDF document not only encourages employees to act responsibly with sensitive content, but it also gives the enterprise some level of traceability should sensitive content leak outside the organization.

Without some degree of automatic integrity control, it can be difficult to assert that an official document version has not been altered. Employees must be made aware of their accountability for handling sensitive content, and the consequences of accountability failures. As well, time-consuming manual processes may be required by Content Owners to track documents distributed to Information Workers.

3.7 Manage and Log Document Lifecycle Events

Although prevention is the preferred approach to securing information against unauthorized access, it's not always possible or practical to prevent unauthorized access or misuse of documents. A mature active defense strategy demands complementary measures that can detect if a policy has been violated. This may require that every access granted to a document is logged at the user and administration levels. If an investigation is undertaken, it is essential to be able to identify which documents were accessed by whom, and when.

Based on available document metadata, reports should be generated at the administration level on a periodic basis to identify items that have reached the end of their retention period. Metadata can also be used to identify documents that should be moved to less costly off-line storage media.

Automation Opportunities

Upon checking documents in and out for edits, SharePoint can maintain major and minor version numbers, as well as check in comments. Also, SharePoint can log all activity occurring on any piece of content. Under various audit conditions, this can provide evidence of modifications to official documents in the repository. Predefined SharePoint queries can also be used to filter documents that meet specific criteria for reporting and for changes in state within their lifecycles.

Several third party solutions exist which can enhance and extend SharePoint's logging support, providing human readable and compliant reports along with configurable alerts when various actions occur.

The TITUS Security Suite for SharePoint can also log all actions performed by the software and TITUS administrators, including the creation, deletion or editing of security policies. TITUS logging is integrated with standard SharePoint auditing and diagnostic capabilities.

As an alternative to reviewing long and tedious automated log files, it is often the responsibility of the Content Owner to ensure that procedures are in place to track editing and access to sensitive documents, especially when edits to the official version of a document are involved. Content Owners will have to spend more time manually reviewing content within the SharePoint repository to identify documents that should be archived or destroyed, according to the organization's Document Retention Policy. IT administrators may also have to spend more time analyzing content and consulting with Content Owners to determine which documents should be archived due to low utilization or age.

3.8 Auditing and Reporting

At the Data Governance Level, the Risk/Compliance Officer requires a high level view of content state and history within SharePoint across the organization. It is important to have substantial evidence that all of the activities supporting the Data Governance Model can be verified. Annual (or sometimes quarterly) audits involve checking logs for completeness and sampling of content to ensure that documents are properly protected, processes have been followed and that changes in document state have been logged.

Outputs from audit reports and investigations should be used as input in periodic policy reviews conducted by the Risk/Compliance Officers. This allows the Data Governance Model to incorporate a feedback loop that supports continuous improvement of the data governance policies, and specifically improvement of security policy enforcement. Ultimately, the policies should be refined to maintain alignment with the corporate mission, mandate and business policies.

Automation Opportunities

The ability to generate predefined queries on document statuses based on metadata provides consistent audit data. It can also be extremely useful to provide ad-hoc querying capabilities to search for answers to specific audit questions and to support security investigations.

As previously mentioned, the TITUS Security Suite for SharePoint can log all actions performed by the TITUS software and administrators. TITUS provides some basic reports to audit current policies and software status, and organizations can also use third-party reporting solutions for more detailed reports.

Without automated queries for audit purposes, the Risk/Compliance Officer will likely require significant assistance from IT administrators and Content Owners to conduct audits and investigations.

4.0 Summary

Putting a Data Governance process in place for Microsoft SharePoint deployments involves integrating the responsibilities of various stakeholders to support the organization's objectives. With this in mind, the Risk/Compliance Officer can assess the strategic value provided by technologies that can automate the Data Governance process for your organization.

In addition to putting SharePoint security features in context, this paper has shown how the TITUS family of products can automate technical security controls through fine-grained access control, document conversion to PDF, and labeling of documents. While automated security controls are always a preferred approach, human decisions will always be required for handling some content. These decisions must also be supported and guided throughout the document lifecycle.

To learn how TITUS can help your organization protect its business information, please visit: http://www.titus.com