Safeguarding Critical E-Documents - Implementing a Program for Securing Confidential Information Assets

Ulteriori informazioni

Informationen zum Autor ROBERT F. SMALLWOOD is a Partner and Executive Director of the E-Records Institute at IMERGE Consulting. One of the world's most respected authorities on e-records and document management, he has published more research reports on e-records, e-documents, and e-mail security issues over the past five years than any other person or organization. His research and consulting clients include Johnson & Johnson, IBM, Apple, MillerCoors, Ricoh Americas Corporation, South Carolina Retirement Systems, Dallas Independent School District, U.S. FDA, National Archives and Records Administration, Transportation Safety Board of Canada, Canadian Parliament, Supreme Court of Canada, Canada Mortgage and Housing Corporation, and National Archives of Australia, among others. Klappentext Practical, step-by-step guidance for corporations, universities and government agencies to protect and secure confidential documents and business recordsManagers and public officials are looking for technology and information governance solutions to "information leakage" in an understandable, concise format. Safeguarding Critical E-Documents provides a road map for corporations, governments, financial services firms, hospitals, law firms, universities and other organizations to safeguard their internal electronic documents and private communications.* Provides practical, step-by-step guidance on protecting sensitive and confidential documents--even if they leave the organization electronically or on portable devices* Presents a blueprint for corporations, governments, financial services firms, hospitals, law firms, universities and other organizations to safeguard internal electronic documents and private communications* Offers a concise format for securing your organizations from information leakageIn light of the recent WikiLeaks revelations, governments and businesses have heightened awareness of the vulnerability of confidential internal documents and communications. Timely and relevant, Safeguarding Critical E-Documents shows how to keep internal documents from getting into the wrong hands and weakening your competitive position, or possible damaging your organization's reputation and leading to costly investigations. Zusammenfassung Practical, step-by-step guidance for corporations, universities and government agencies to protect and secure confidential documents and business records Managers and public officials are looking for technology and information governance solutions to "information leakage" in an understandable, concise format. Inhaltsverzeichnis Foreword xiii Preface xv Acknowledgments xvii Part I The Problem and Basic Tools Chapter 1 The Problem: Securing Confidential Electronic Documents 3 WikiLeaks: A Wake-Up Call 3 U.S. Government Attempts to Protect Intellectual Property 5 Threats Persist across the Pond: U.K. Companies on Guard 5 Increase in Corporate and Industrial Espionage 6 Risks of Medical Identity Theft 7 Why Don't Organizations Safeguard Their Information Assets? 8 The Blame Game: Where Does Fault Lie When Information Is Leaked? 9 Consequences of Not Employing E-Document Security 10 Notes 11 Chapter 2 Information Governance: The Crucial First Step 13 First, Better Policies; Then, Better Technology for Better Enforcement 13 Defining Information Governance 14 Accountability Is Key 16 Why IG Is Good Business 17 Impact of a Successful IG Program 18 Critical Factors in an IG Program 19 Who Should Determine IG Policies? 22 Notes 23 Part II Information Platform Risks and Countermeasures Chapter 3 Managing E-Documents and Records 27 Enterprise Content Management 27 Document Management Principles 28 The Go...

Sommario

Foreword xiii
 
Preface xv
 
Acknowledgments xvii
 
PART I THE PROBLEM AND BASIC TOOLS
 
CHAPTER 1 The Problem: Securing Confidential Electronic Documents 3
 
WikiLeaks: A Wake-Up Call 3
 
U.S. Government Attempts to Protect Intellectual Property 5
 
Threats Persist across the Pond: U.K. Companies on Guard 5
 
Increase in Corporate and Industrial Espionage 6
 
Risks of Medical Identity Theft 7
 
Why Don't Organizations Safeguard Their Information Assets? 8
 
The Blame Game: Where Does Fault Lie When Information Is Leaked? 9
 
Consequences of Not Employing E-Document Security 10
 
Notes 11
 
CHAPTER 2 Information Governance: The Crucial First Step 13
 
First, Better Policies; Then, Better Technology for Better Enforcement 13
 
Defining Information Governance 14
 
Accountability Is Key 16
 
Why IG Is Good Business 17
 
Impact of a Successful IG Program 18
 
Critical Factors in an IG Program 19
 
Who Should Determine IG Policies? 22
 
Notes 23
 
PART II INFORMATION PLATFORM RISKS AND COUNTERMEASURES
 
CHAPTER 3 Managing E-Documents and Records 27
 
Enterprise Content Management 27
 
Document Management Principles 28
 
The Goal: Document Lifecycle Security 29
 
Electronic Document Management Systems 29
 
Records Management Principles 31
 
Electronic Records Management 31
 
Notes 33
 
CHAPTER 4 Information Governance and Security for E-mail Messages 35
 
Employees Regularly Expose Organizations to E-mail Risk 36
 
E-mail Policies Should Be Realistic and Technology Agnostic 37
 
Is E-mail Encryption the Answer? 38
 
Common E-mail Security Mistakes 39
 
E-mail Security Myths 40
 
E-record Retention: Fundamentally a Legal Issue 41
 
Preserve E-mail Integrity and Admissibility with Automatic Archiving 42
 
Notes 46
 
CHAPTER 5 Information Governance and Security for Instant Messaging 49
 
Instant Messaging Security Threats 50
 
Best Practices for Business IM Use 51
 
Technology to Monitor IM 53
 
Tips for Safer IM 53
 
Notes 55
 
CHAPTER 6 Information Governance and Security for Social Media 57
 
Types of Social Media in Web 2.0 57
 
Social Media in the Enterprise 59
 
Key Ways Social Media Is Different from E-mail and Instant Messaging 60
 
Biggest Security Threats of Social Media 60
 
Legal Risks of Social Media Posts 63
 
Tools to Archive Facebook and Twitter 64
 
IG Considerations for Social Media 65
 
Notes 66
 
CHAPTER 7 Information Governance and Security for Mobile Devices 69
 
Current Trends in Mobile Computing 71
 
Security Risks of Mobile Computing 72
 
Securing Mobile Data 73
 
IG for Mobile Computing 73
 
Building Security into Mobile Applications 75
 
Best Practices to Secure Mobile Applications 78
 
Notes 80
 
CHAPTER 8 Information Governance and Security for Cloud Computing Use 83
 
Defining Cloud Computing 84
 
Key Characteristics of Cloud Computing 85
 
What Cloud Computing Really Means 86
 
Cloud Deployment Models 87
 
Greatest Security Threats to Cloud Computing 87
 
IG Guidelines: Managing Documents and Records in the Cloud 94
 
Managing E-Docs and Records in the Cloud: A Practical Approach 95
 
Notes 97
 
PART III E-RECORDS CONSIDERATIONS
 
CHAPTER 9 Information Governance and Security for Vital Records 101