Robert F. Smallwood

Safeguarding Critical E-Docume

Mitarbeit: Blair, Barclay T.

• Gebundenes Buch

Produktbeschreibung

Practical, step-by-step guidance for corporations, universities and government agencies to protect and secure confidential documents and business records

Managers and public officials are looking for technology and information governance solutions to "information leakage" in an understandable, concise format. Safeguarding Critical E-Documents provides a road map for corporations, governments, financial services firms, hospitals, law firms, universities and other organizations to safeguard their internal electronic documents and private communications.
Provides practical, step-by-step guidance on protecting sensitive and confidential documents--even if they leave the organization electronically or on portable devices
Presents a blueprint for corporations, governments, financial services firms, hospitals, law firms, universities and other organizations to safeguard internal electronic documents and private communications
Offers a concise format for securing your organizations from information leakage

In light of the recent WikiLeaks revelations, governments and businesses have heightened awareness of the vulnerability of confidential internal documents and communications. Timely and relevant, Safeguarding Critical E-Documents shows how to keep internal documents from getting into the wrong hands and weakening your competitive position, or possible damaging your organization's reputation and leading to costly investigations.

Produktdetails

• Verlag: Wiley & Sons
• 1. Auflage
• Seitenzahl: 288
• Erscheinungstermin: 31. Juli 2012
• Englisch
• Abmessung: 235mm x 157mm x 20mm
• Gewicht: 573g
• ISBN-13: 9781118159088
• ISBN-10: 111815908X
• Artikelnr.: 34447037

Autorenporträt

ROBERT F. SMALLWOOD is a Partner and Executive Director of the E-Records Institute at IMERGE Consulting. One of the world's most respected authorities on e-records and document management, he has published more research reports on e-records, e-documents, and e-mail security issues over the past five years than any other person or organization. His research and consulting clients include Johnson & Johnson, IBM, Apple, MillerCoors, Ricoh Americas Corporation, South Carolina Retirement Systems, Dallas Independent School District, U.S. FDA, National Archives and Records Administration, Transportation Safety Board of Canada, Canadian Parliament, Supreme Court of Canada, Canada Mortgage and Housing Corporation, and National Archives of Australia, among others.

Inhaltsangabe

Foreword xiii Preface xv Acknowledgments xvii PART I THE PROBLEM AND BASIC
TOOLS CHAPTER 1 The Problem: Securing Confidential Electronic Documents 3
WikiLeaks: A Wake-Up Call 3 U.S. Government Attempts to Protect
Intellectual Property 5 Threats Persist across the Pond: U.K. Companies on
Guard 5 Increase in Corporate and Industrial Espionage 6 Risks of Medical
Identity Theft 7 Why Don't Organizations Safeguard Their Information
Assets? 8 The Blame Game: Where Does Fault Lie When Information Is Leaked?
9 Consequences of Not Employing E-Document Security 10 Notes 11 CHAPTER 2
Information Governance: The Crucial First Step 13 First, Better Policies;
Then, Better Technology for Better Enforcement 13 Defining Information
Governance 14 Accountability Is Key 16 Why IG Is Good Business 17 Impact of
a Successful IG Program 18 Critical Factors in an IG Program 19 Who Should
Determine IG Policies? 22 Notes 23 PART II INFORMATION PLATFORM RISKS AND
COUNTERMEASURES CHAPTER 3 Managing E-Documents and Records 27 Enterprise
Content Management 27 Document Management Principles 28 The Goal: Document
Lifecycle Security 29 Electronic Document Management Systems 29 Records
Management Principles 31 Electronic Records Management 31 Notes 33 CHAPTER
4 Information Governance and Security for E-mail Messages 35 Employees
Regularly Expose Organizations to E-mail Risk 36 E-mail Policies Should Be
Realistic and Technology Agnostic 37 Is E-mail Encryption the Answer? 38
Common E-mail Security Mistakes 39 E-mail Security Myths 40 E-record
Retention: Fundamentally a Legal Issue 41 Preserve E-mail Integrity and
Admissibility with Automatic Archiving 42 Notes 46 CHAPTER 5 Information
Governance and Security for Instant Messaging 49 Instant Messaging Security
Threats 50 Best Practices for Business IM Use 51 Technology to Monitor IM
53 Tips for Safer IM 53 Notes 55 CHAPTER 6 Information Governance and
Security for Social Media 57 Types of Social Media in Web 2.0 57 Social
Media in the Enterprise 59 Key Ways Social Media Is Different from E-mail
and Instant Messaging 60 Biggest Security Threats of Social Media 60 Legal
Risks of Social Media Posts 63 Tools to Archive Facebook and Twitter 64 IG
Considerations for Social Media 65 Notes 66 CHAPTER 7 Information
Governance and Security for Mobile Devices 69 Current Trends in Mobile
Computing 71 Security Risks of Mobile Computing 72 Securing Mobile Data 73
IG for Mobile Computing 73 Building Security into Mobile Applications 75
Best Practices to Secure Mobile Applications 78 Notes 80 CHAPTER 8
Information Governance and Security for Cloud Computing Use 83 Defining
Cloud Computing 84 Key Characteristics of Cloud Computing 85 What Cloud
Computing Really Means 86 Cloud Deployment Models 87 Greatest Security
Threats to Cloud Computing 87 IG Guidelines: Managing Documents and Records
in the Cloud 94 Managing E-Docs and Records in the Cloud: A Practical
Approach 95 Notes 97 PART III E-RECORDS CONSIDERATIONS CHAPTER 9
Information Governance and Security for Vital Records 101 Defining Vital
Records 101 Types of Vital Records 103 Impact of Losing Vital Records 104
Creating, Implementing, and Maintaining a Vital Records Program 105
Implementing Protective Procedures 108 Auditing the Vital Records Program
111 Notes 113 CHAPTER 10 Long-Term Preservation of E-Records 115 Defining
Long-Term Digital Preservation 115 Key Factors in LTDP 116 Electronic
Records Preservation Processes 118 Controlling the Process of Preserving
Records 118 Notes 121 PART IV INFORMATION TECHNOLOGY CONSIDERATIONS CHAPTER
11 Technologies That Can Help Secure E-Documents 125 Challenge of Securing
E-Documents 125 Apply Better Technology for Better Enforcement in the
Extended Enterprise 128 Controlling Access to Documents Using Identity
Access Management 131 Enforcing IG: Protect Files with Rules and
Permissions 133 Data Governance Software to Manage Information Access 133
E-mail Encryption 134 Secure Communications Using Record-Free E-mail 134
Digital Signatures 135 Document Encryption 137 Data Loss Prevention
Technology 137 The Missing Piece: Information Rights Management 139 Notes
144 CHAPTER 12 Safeguarding Confidential Information Assets 147 Cyber
Attacks Proliferate 147 The Insider Threat: Malicious or Not 148 Critical
Technologies for Securing Confidential Documents 150 A Hybrid Approach:
Combining DLP and IRM Technologies 154 Securing Trade Secrets after Layoffs
and Terminations 155 Persistently Protecting Blueprints and CAD Documents
156 Securing Internal Price Lists 157 Approaches for Securing Data Once It
Leaves the Organization 157 Document Labeling 159 Document Analytics 161
Confidential Stream Messaging 161 Notes 164 PART V ROLLING IT OUT: PROJECT
AND PROGRAM ISSUES CHAPTER 13 Building the Business Case to Justify the
Program 169 Determine What Will Fly in Your Organization 169 Strategic
Business Drivers for Project Justification 170 Benefits of Electronic
Records Management 173 Presenting the Business Case 176 Notes 177 CHAPTER
14 Securing Executive Sponsorship 179 Executive Sponsor Role 180 Project
Manager: Key Tasks 181 It's the Little Things 183 Evolving Role of the
Executive Sponsor 183 Notes 185 CHAPTER 15 Safeguarding Confidential
Information Assets: Where Do You Start? 187 Business Driver Approach 187
Classification 188 Document Survey Methodology 189 Interviewing Staff in
the Target Area 190 Preparing Interview Questions 192 Prioritizing:
Document and Records Value Assessment 193 Second Phase of Implementation
194 Notes 195 CHAPTER 16 Procurement: The Buying Process 197 Evaluation and
Selection Process: RFI, RFP, or RFQ? 197 Evaluating Software Providers: Key
Criteria 202 Negotiating Contracts: Ensuring the Decision 207 More Contract
Caveats 210 How to Pick a Consulting Firm: Evaluation Criteria 211 CHAPTER
17 Maintaining a Secure Environment for Information Assets 215 Monitoring
and Accountability 215 Continuous Process Improvement 216 Why Continuous
Improvement Is Needed 216 Notes 218 Conclusion 219 Appendix A: Digital
Signature Standard 221 Appendix B: Regulations Related to Records
Management 223 Appendix C: Listing of Technology and Service Providers 227
Glossary 241 About the Author 247 Index 249