Details

Safeguarding Critical E-Documents


Safeguarding Critical E-Documents

Implementing a Program for Securing Confidential Information Assets
1. Aufl.

von: Robert F. Smallwood, Barclay T. Blair

48,99 €

Verlag: Wiley
Format: EPUB
Veröffentl.: 20.06.2012
ISBN/EAN: 9781118282274
Sprache: englisch
Anzahl Seiten: 288

DRM-geschütztes eBook, Sie benötigen z.B. Adobe Digital Editions und eine Adobe ID zum Lesen.

Beschreibungen

<b>Practical, step-by-step guidance for corporations, universities and government agencies to protect and secure confidential documents and business records</b> <p>Managers and public officials are looking for technology and information governance solutions to "information leakage" in an understandable, concise format. <i>Safeguarding Critical E-Documents</i> provides a road map for corporations, governments, financial services firms, hospitals, law firms, universities and other organizations to safeguard their internal electronic documents and private communications.</p> <ul> <li>Provides practical, step-by-step guidance on protecting sensitive and confidential documents—even if they leave the organization electronically or on portable devices</li> <li>Presents a blueprint for corporations, governments, financial services firms, hospitals, law firms, universities and other organizations to safeguard internal electronic documents and private communications</li> <li>Offers a concise format for securing your organizations from information leakage</li> </ul> <p>In light of the recent WikiLeaks revelations, governments and businesses have heightened awareness of the vulnerability of confidential internal documents and communications. Timely and relevant, <i>Safeguarding Critical E-Documents</i> shows how to keep internal documents from getting into the wrong hands and weakening your competitive position, or possible damaging your organization's reputation and leading to costly investigations.</p>
<p>Foreword xiii</p> <p>Preface xv</p> <p>Acknowledgments xvii</p> <p><b>Part I </b><b>The Problem and Basic Tools</b></p> <p><b>Chapter 1 </b><b>The Problem: Securing Confidential Electronic Documents 3</b></p> <p>WikiLeaks: A Wake-Up Call 3</p> <p>U.S. Government Attempts to Protect Intellectual Property 5</p> <p>Threats Persist across the Pond: U.K. Companies on Guard 5</p> <p>Increase in Corporate and Industrial Espionage 6</p> <p>Risks of Medical Identity Theft 7</p> <p>Why Don’t Organizations Safeguard Their Information Assets? 8</p> <p>The Blame Game: Where Does Fault Lie When Information Is Leaked? 9</p> <p>Consequences of Not Employing E-Document Security 10</p> <p>Notes 11</p> <p><b>Chapter 2 </b><b>Information Governance: The Crucial First Step 13</b></p> <p>First, Better Policies; Then, Better Technology for Better Enforcement 13</p> <p>Defining Information Governance 14</p> <p>Accountability Is Key 16</p> <p>Why IG Is Good Business 17</p> <p>Impact of a Successful IG Program 18</p> <p>Critical Factors in an IG Program 19</p> <p>Who Should Determine IG Policies? 22</p> <p>Notes 23</p> <p><b>Part II </b><b>Information Platform Risks and Countermeasures</b></p> <p><b>Chapter 3 </b><b>Managing E-Documents and Records 27</b></p> <p>Enterprise Content Management 27</p> <p>Document Management Principles 28</p> <p>The Goal: Document Lifecycle Security 29</p> <p>Electronic Document Management Systems 29</p> <p>Records Management Principles 31</p> <p>Electronic Records Management 31</p> <p>Notes 33</p> <p><b>Chapter 4 </b><b>Information Governance and Security for E-mail Messages 35</b></p> <p>Employees Regularly Expose Organizations to E-mail Risk 36</p> <p>E-mail Policies Should Be Realistic and Technology Agnostic 37</p> <p>Is E-mail Encryption the Answer? 38</p> <p>Common E-mail Security Mistakes 39</p> <p>E-mail Security Myths 40</p> <p>E-record Retention: Fundamentally a Legal Issue 41</p> <p>Preserve E-mail Integrity and Admissibility with Automatic Archiving 42</p> <p>Notes 46</p> <p><b>Chapter 5 </b><b>Information Governance and Security for Instant Messaging 49</b></p> <p>Instant Messaging Security Threats 50</p> <p>Best Practices for Business IM Use 51</p> <p>Technology to Monitor IM 53</p> <p>Tips for Safer IM 53</p> <p>Notes 55</p> <p><b>Chapter 6 </b><b>Information Governance and Security for Social Media 57</b></p> <p>Types of Social Media in Web 2.0 57</p> <p>Social Media in the Enterprise 59</p> <p>Key Ways Social Media Is Different from E-mail and Instant Messaging 60</p> <p>Biggest Security Threats of Social Media 60</p> <p>Legal Risks of Social Media Posts 63</p> <p>Tools to Archive Facebook and Twitter 64</p> <p>IG Considerations for Social Media 65</p> <p>Notes 66</p> <p><b>Chapter 7 </b><b>Information Governance and Security for Mobile Devices 69</b></p> <p>Current Trends in Mobile Computing 71</p> <p>Security Risks of Mobile Computing 72</p> <p>Securing Mobile Data 73</p> <p>IG for Mobile Computing 73</p> <p>Building Security into Mobile Applications 75</p> <p>Best Practices to Secure Mobile Applications 78</p> <p>Notes 80</p> <p><b>Chapter 8 </b><b>Information Governance and Security for Cloud Computing Use 83</b></p> <p>Defining Cloud Computing 84</p> <p>Key Characteristics of Cloud Computing 85</p> <p>What Cloud Computing Really Means 86</p> <p>Cloud Deployment Models 87</p> <p>Greatest Security Threats to Cloud Computing 87</p> <p>IG Guidelines: Managing Documents and Records in the Cloud 94</p> <p>Managing E-Docs and Records in the Cloud: A Practical Approach 95</p> <p>Notes 97</p> <p><b>Part III </b><b>E-Records Considerations</b></p> <p><b>Chapter 9 </b><b>Information Governance and Security for Vital Records 101</b></p> <p>Defining Vital Records 101</p> <p>Types of Vital Records 103</p> <p>Impact of Losing Vital Records 104</p> <p>Creating, Implementing, and Maintaining a Vital Records Program 105</p> <p>Implementing Protective Procedures 108</p> <p>Auditing the Vital Records Program 111</p> <p>Notes 113</p> <p><b>Chapter 10 </b><b>Long-Term Preservation of E-Records 115</b></p> <p>Defining Long-Term Digital Preservation 115</p> <p>Key Factors in LTDP 116</p> <p>Electronic Records Preservation Processes 118</p> <p>Controlling the Process of Preserving Records 118</p> <p>Notes 121</p> <p><b>Part IV </b><b>Information Technology Considerations</b></p> <p><b>Chapter 11 </b><b>Technologies That Can Help Secure E-Documents 125</b></p> <p>Challenge of Securing E-Documents 125</p> <p>Apply Better Technology for Better Enforcement in the Extended Enterprise 128</p> <p>Controlling Access to Documents Using Identity Access Management 131</p> <p>Enforcing IG: Protect Files with Rules and Permissions 133</p> <p>Data Governance Software to Manage Information Access 133</p> <p>E-mail Encryption 134</p> <p>Secure Communications Using Record-Free E-mail 134</p> <p>Digital Signatures 135</p> <p>Document Encryption 137</p> <p>Data Loss Prevention Technology 137</p> <p>The Missing Piece: Information Rights Management 139</p> <p>Notes 144</p> <p><b>Chapter 12 </b><b>Safeguarding Confidential Information Assets 147</b></p> <p>Cyber Attacks Proliferate 147</p> <p>The Insider Threat: Malicious or Not 148</p> <p>Critical Technologies for Securing Confidential Documents 150</p> <p>A Hybrid Approach: Combining DLP and IRM Technologies 154</p> <p>Securing Trade Secrets after Layoffs and Terminations 155</p> <p>Persistently Protecting Blueprints and CAD Documents 156</p> <p>Securing Internal Price Lists 157</p> <p>Approaches for Securing Data Once It Leaves the Organization 157</p> <p>Document Labeling 159</p> <p>Document Analytics 161</p> <p>Confidential Stream Messaging 161</p> <p>Notes 164</p> <p><b>Part V </b><b>Rolling It Out: Project and Program Issues</b></p> <p><b>Chapter 13 </b><b>Building the Business Case to Justify the Program 169</b></p> <p>Determine What Will Fly in Your Organization 169</p> <p>Strategic Business Drivers for Project Justification 170</p> <p>Benefits of Electronic Records Management 173</p> <p>Presenting the Business Case 176</p> <p>Notes 177</p> <p><b>Chapter 14 </b><b>Securing Executive Sponsorship 179</b></p> <p>Executive Sponsor Role 180</p> <p>Project Manager: Key Tasks 181</p> <p>It’s the Little Things 183</p> <p>Evolving Role of the Executive Sponsor 183</p> <p>Notes 185</p> <p><b>Chapter 15 </b><b>Safeguarding Confidential Information Assets: Where Do You Start? 187</b></p> <p>Business Driver Approach 187</p> <p>Classification 188</p> <p>Document Survey Methodology 189</p> <p>Interviewing Staff in the Target Area 190</p> <p>Preparing Interview Questions 192</p> <p>Prioritizing: Document and Records Value Assessment 193</p> <p>Second Phase of Implementation 194</p> <p>Notes 195</p> <p><b>Chapter 16 </b><b>Procurement: The Buying Process 197</b></p> <p>Evaluation and Selection Process: RFI, RFP, or RFQ? 197</p> <p>Evaluating Software Providers: Key Criteria 202</p> <p>Negotiating Contracts: Ensuring the Decision 207</p> <p>More Contract Caveats 210</p> <p>How to Pick a Consulting Firm: Evaluation Criteria 211</p> <p><b>Chapter 17 </b><b>Maintaining a Secure Environment for Information Assets 215</b></p> <p>Monitoring and Accountability 215</p> <p>Continuous Process Improvement 216</p> <p>Why Continuous Improvement Is Needed 216</p> <p>Notes 218</p> <p>Conclusion 219</p> <p>Appendix A: Digital Signature Standard 221</p> <p>Appendix B: Regulations Related to Records Management 223</p> <p>Appendix C: Listing of Technology and Service Providers 227</p> <p>Glossary 241</p> <p>About the Author 247</p> <p>Index 249</p>
<p><b>ROBERT F. SMALLWOOD</b> is a Partner and Executive Director of the E-Records Institute at IMERGE Consulting. One of the world's most respected authorities on e-records and document management, he has published more research reports on e-records, e-documents, and e-mail security issues over the past five years than any other person or organization. His research and consulting clients include Johnson & Johnson, IBM, Apple, MillerCoors, Ricoh Americas Corporation, South Carolina Retirement Systems, Dallas Independent School District, U.S. FDA, National Archives and Records Administration, Transportation Safety Board of Canada, Canadian Parliament, Supreme Court of Canada, Canada Mortgage and Housing Corporation, and National Archives of Australia, among others.
<p><b>SAFEGUARDING CRITICAL E-DOCUMENTS</b> <p>A Motorola software designer is nabbed at O'Hare Airport with a one-way ticket to Beijing and thousands of pilfered electronic documents containing trade secrets. <p>A Texas physician loses hundreds of confidential hospital patient records when his laptop is stolen from his car. <p>WikiLeaks publishes tens of thousands of highly sensitive corporate, diplomatic, and military e-documents allegedly stolen by a lone Army private. <p>These are just a few of the sensational stories of catastrophic information security breaches that have made headlines in the past few years. So widespread has the problem become that official estimates place the annual cost of "information leakage" in the hundreds of billions of dollars. <p>Despite what you may believe about the integrity of your organization's information security, you already could be hemorrhaging massive amounts of critical information without anyone—including your CIO and CTO—having the slightest idea it's happening. <p>In <i>Safeguarding Critical E-Documents</i>, internationally recognized electronic document management and security expert Robert Smallwood identifies the sources of electronic document leakage in terms non-techies can understand, as well as the many threats to confidential e-documents across a wide range of digital platforms, including e-mail, instant messaging, mobile devices, cloud computing, and social networks. Then he offers proven solutions for proactively defending against each of those threats. <p>While Smallwood describes proven technological fixes that can be implemented right away, he is careful to explain why technology alone cannot fix the problem. Real e-document security, he explains, begins at the top, with clear, rigorously enforced Information Governance (IG) policies. Drawing upon his more than quarter-century of experience, he provides step-by-step guidance on how to establish a set of IG protocols appropriate to your organization and for developing an organization-wide program of total life-cycle security for critical electronic documents, from their creation to their eventual archiving or destruction. <p>Don't let your organization become another casualty of intellectual property theft and information leakage. Read <i>Safeguarding Critical E-Documents</i> and discover how to assure the total security of your company's confidential e-documents.

Diese Produkte könnten Sie auch interessieren:

Visual Six Sigma
Visual Six Sigma
von: Ian Cox, Marie A. Gaudard, Mia L. Stephens
EPUB ebook
52,99 €
Marketing Performance
Marketing Performance
von: Thomas Bauer, Tjark Freundt, Jonathan Gordon, Jesko Perrey, Dennis Spillecke
EPUB ebook
21,99 €
Visual Six Sigma
Visual Six Sigma
von: Ian Cox, Marie A. Gaudard, Mia L. Stephens
PDF ebook
52,99 €