Enterprise DRM products protect documents from prying eyes
Liquid Machines, SealedMedia secure enterprise perimeter by controlling document access, compliance
Click for larger view.
This solution relies on a fundamental Context, which defines a group of documents, the people who can use the documents, and the roles those people can perform, such as opening, printing, or annotating documents. This strategy allows you to set up a full-scale system and manage thousands of documents and users in short order -- typically a day or so -- which would be impractical if you had to attach rights to each document and user individually.
SealedMedia offers pre-configured Context roles and associated workflows appropriate for Board Communications, Mergers and Acquisitions, Protecting Intellectual Property, Regulatory Compliance, and Secure Third-Party Collaboration. SealedMedia follows ISO17799 security-level mappings in these setups, which should help greatly in proving ISO17799 compliance.
Similarly, you can comply with Sarbanes-Oxley regulations for securing and maintaining the integrity of digital records. SealedMedia will restrict and track access to spreadsheets and other financial data, too.
I successfully used the M&A setup and didn’t have any trouble taking the five standard out-of-the-box roles -- contributor, reviewer, reader, no-print reader, and item reader -- and employing them in various Contexts of my own.
Using the system’s management features, I created the initial Context -- unannounced products for a marketing department -- and owners to share administration responsibilities. Owners then assigned roles: for example, who can create, edit, and e-mail documents; who has read access; and those with no access.
End-users perform a one-time install of the Desktop Sealer application, which opens sealed documents either after asking for a log-in or automatically based on existing Windows NT domain credentials. Installing Desktop Sealer also embeds its functions into Office applications, which allowed me to use various security features with minimal added work. For example, to seal a document to a particular Context, I merely used a toolbar button or the File/Save menu and chose the appropriate Context name. The sealing cryptography has very little overhead, typically enlarging a document by less than 1 percent.
When I mailed this sealed document to a colleague who had appropriate read-edit rights, it opened without requiring any extra steps. If someone else attempts to open the document, SealedMedia provides a clear status message indicating why the operation failed and whom to contact for assistance. Additionally, SealedMedia prevented users from extracting the temporarily unsealed data by disabling copy/paste and many other application functions.