Posts

4 Pillars for Integrated Security

All of us have data and services in the cloud and on-site. Whether we have local servers or just our laptops, securing your business means an integrated security strategy. These 4 pillars for integrated security create a foundation that can be applied and adapted for your business.

4 Pillars for Integrated Security

1. Identity and Access Management (IAM)

IAM protects users’ identities and controls access to valuable resources based on user roles and responsibilities, risk levels, and regulatory (or policy) requirements. IAM solutions are often a collection of logins, each with their own requirements and processes, such as multi-factor authentication.  Integrated IAM solutions simplify the user experience, improve security, and lower hard and soft costs.

2. Advanced Threat Protection (ATP)

ATP protects against advanced threats and, if done well, helps you recover quickly when attacked. ATP is more than “next gen” email protection. ATP applies to threats from infected websites and human behavior exploits. Integrating ATP into your security architecture helps prevent increasingly sophisticated attacks from succeeding.

3. Information Protection (IP)

Information Protection shares the same acronym, IP, as intellectual property. This fits well, as Information Protection ensures your documents, emails, and other communications are seen only by those authorized to do so. IP uses encryption, advanced access controls, recipient validation, and other services to manage data visibility. Integrated Information Protection is key to securing hybrid cloud/on-site environments effectively.

4. Security Management

Security Management gives you visibility and control over your security tools, processes, and activities. As part of an integrated security architecture, Security Management empowers you to assess risk and compliance, manage services, and respond effectively.

Make it Happen

How do you know if your security architecture is up to snuff? Do you have opportunities to simplify security for your team? To save money? Here is a roadmap.

ASSESS

Assess your current security architecture against your regulatory, industry, and business requirements. Ensure you have the necessary components, policies, and procedures. Assess the “user experience” and look for ways to simplify. If security is a burden, users will find ways to sidestep the protections.

PLAN

Plan your updated security integration. Understand the impact on your systems and your people, and how you will make the changes. Communicate your needs and plans, as communication is key to success.

EXECUTE

Make the changes.  Too often, needed solutions get delayed or dropped as other issues arise.

Next Step

Security, Privacy, and Compliance is a cornerstone of what we do. Contact us to speak with a Cloud Advisor; we are here to help.

Tuesday Take-Away: 6 Ways to Protect IP within Google Apps

While some remain suspicious of security and privacy with cloud computing, Google Apps actually offers ways to help protect and preserve a company’s Intellectual Property (“IP”) that are not readily available in traditional, in-house systems. Why worry about IP? Because as business becomes more electronic, your contracts, agreements, change orders, and work product are more likely to be written, reviewed, updated, and negotiated online. Protecting your documents, data, and information means protecting your business.

Let’s Get Technical

Google Apps’ underlying data management is Write Once, Read Many (aka “WORM”). In other words, once information is saved in Google’s system it cannot be altered. Unlike MS Exchange or a Windows File Server, on which a Domain Administrator can alter any existing content anywhere, once data is saved in Google Apps, it cannot be modified.

Granted, you can reply to an email and modify the embedded copy of the original message. But the original message is still saved as it was received. Similarly, you can open a Google Doc and modify the content, but the revision history is there and you can go back to prior versions.

The big risk to WORM is the power to delete … but we have a solution for that too.

Here are Six Ways To Protect Your IP with Google Apps:

 

1) Comments in Google Docs

Even if you switch to MS Word for your final formatting, draft your documents in Google Docs using the “Insert Comment” feature. By keeping editing rights to yourself and giving comment-only permission to your associates, you have full control of the document’s contents. Your associates — be they co-workers, a client, or opposing counsel — have the ability to highlight portions of the document and comment. Whether they ask questions or suggest alternate wording, you can reply in kind via comment as you edit the document.

Once final agreement is reached, you can “resolve” the comment.  While it disappears from view, it is part of the permanent history of the document.

Imagine two lawyers discussing and agreeing to the intent of a contract clause.  If an issue were to come up at some point in the future, any discussion of the ‘original intent’ of the clause would be cut short by the comment thread saved at the time.

2) Message Discovery (now); Google Vault (soon)

As noted above, the big risk to IP in Google Docs is deletion. Google Message Discovery (GMD), available to all Google Apps users, provides a secure, compliant archive of all inbound, outbound, and internal email messages with retention of up to 10 years. The service provides search and e-discovery tools as well.

Imagine a client refusing to pay for work that was not “officially authorized”.  With GMD in place, you can produce the email thread discussing the work and providing the authorization.

Google Vault, available to new Google Apps customers now and all Google Apps users in the near future, extends the archiving ability of Google Apps in several ways. Google Vault recognizes that your IP is not just in email and that your retention needs will vary. Google Vault lets you:

  • Archive email, instant messages, and documents
  • Provide unlimited retention of archived information
  • Take advantage of the WORM underpinnings of Google Apps to maintain and protect your IP.

3) Google Drive and Docs

In our increasingly electronic world, more work gets done on the go.  By implementing Google Drive, your users have the ability to work locally while synchronizing and saving files automatically in Google Docs.  Beyond providing a convenient way to work — online or offline — Google Drive provides a level of protection for your IP from local hardware issues.  Combined with a backup/recovery strategy (see below), you have even better data protection.

By adding additional space, you can also strategically create a secure file sharing structure where ownership of folders and files mimics traditional file server models.

4) Protected Folders

One way to protect IP is to ensure that final documents are tamper-proof and protected from deletion. You can prevent critical documents from being edited or deleted by setting up protected folders. These folders provide defined view permission, but will prevent users from tampering with or removing critical information from within Google Docs.

CloudLock is one such service that lets you create protected folders.  In doing so, you can also determine who can add files to these folders, who can view folder content, and which administrative account manages the folders.

5) Backup / Restore

While Google Apps prevents data loss from hardware/software issues and provides version histories, Google Apps cannot prevent user mistakes or acts of malice.  Files not protected from deletion (see above) are vulnerable.  Additionally, you still need to protect against problems that can occur on any file server, such as uploading and sharing virus-infected files.

Given that users have critical data in each of the Google Apps services, tools like Backupify offer a broad range of protection. Backupify protects user content in email, calendar, contacts, docs, and sites.

6) Permissions Monitoring

Google Apps makes collaboration easy. And, while you can restrict users’ ability to share to some extent, understanding the visibility of IP within and outside your business, and monitoring your documents for changes in exposure, is an emerging best practice.

Key elements of the CloudLock service are the ability to monitor changes in document permissions, the ability to change document ownership, and the emerging ability to set alerts based on keywords and business rules.
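To make "monitoring for changes in exposure" concrete, here is an added example (not from the original post, and not CloudLock's or Google's code) that compares two snapshots of document sharing settings and reports documents that became more widely visible or changed owner. The snapshot layout, field names, function names, and the example.com domain are all assumptions made for illustration.

```python
# Added illustration: compare two snapshots of document sharing settings and
# report wider exposure or a changed owner. Layout and names are assumptions.
COMPANY_DOMAIN = "example.com"  # hypothetical internal domain
LEVELS = ["private", "internal", "external", "public"]  # least to most visible

def grant_level(grant):
    """Return the index into LEVELS for one sharing grant."""
    if grant["type"] == "anyone":
        return 3
    if grant["type"] == "domain":
        return 1 if grant["domain"] == COMPANY_DOMAIN else 2
    # user or group grant: judge by the domain of the address
    if grant["email"].rsplit("@", 1)[-1].lower() != COMPANY_DOMAIN:
        return 2
    return 0 if grant["role"] == "owner" else 1

def exposure(grants):
    return max((grant_level(g) for g in grants), default=0)

def owner(grants):
    return next((g["email"] for g in grants if g["role"] == "owner"), None)

def diff_snapshots(before, after):
    """List (doc, kind, old, new) for each wider exposure or owner change."""
    findings = []
    for doc, new in sorted(after.items()):
        old = before.get(doc)
        old_level = exposure(old) if old is not None else 0
        new_level = exposure(new)
        if new_level > old_level:
            findings.append((doc, "exposure", LEVELS[old_level], LEVELS[new_level]))
        if old is not None and owner(old) != owner(new):
            findings.append((doc, "owner", owner(old), owner(new)))
    return findings

# Constructed sample snapshots (not real data).
ALICE = {"type": "user", "role": "owner", "email": "alice@example.com"}
BOB = {"type": "user", "role": "commenter", "email": "bob@example.com"}
BEFORE = {"contract-draft": [ALICE, BOB], "price-list": [ALICE]}
AFTER = {
    "contract-draft": [ALICE, BOB,
        {"type": "user", "role": "commenter", "email": "counsel@partner.example"}],
    "price-list": [
        {"type": "user", "role": "owner", "email": "carol@example.com"},
        {"type": "anyone", "role": "reader"}],
}

if __name__ == "__main__":
    for finding in diff_snapshots(BEFORE, AFTER):
        print(finding)
```

Running the comparison on a schedule and alerting only on findings keeps the review load proportional to actual changes in exposure rather than to the number of documents.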

Wrap Up

When moving your data from in-house systems to Google Apps or other cloud services, you want and need to make sure that your data is at least as secure and private, if not more so. Just as with in-house systems, you have tools and services available to manage and protect your intellectual property when using cloud solutions. Google Apps provides a great foundation with an infrastructure designed to protect data with every save. Integrated, third-party tools like CloudLock and Backupify, along with new features in Google Apps itself, provide a manageable, secure ecosystem.