IBM FileNet and IRM SECURE FileSecure

Once the document is downloaded, the FileNet system loses complete control on the document and cannot do any kind of audit tracking on the document afterwards. Also, FileNet can make changes to the access control policies only after the document is uploaded back into the FileNet system. These changes cannot be enforced on the documents that are already downloaded or forwarded by the FileNet-user. Thus, protection of FileNet documents outside of the FileNet system becomes a serious concern to many organizations using FileNet.

IBM Filenet can control security policies of a document only until the time the document is within the system. This means that FileNet only provides “access control” to its information.

IRM SECURE FileSecure protects the document and restricts usage to only specific users or groups (WHO), specific actions such as view, print, edit, copy, download, forward (WHAT) and specific time of usage. For example, the document can only be viewed “until the15th of August 2013” or “3 days” (WHEN), and it also restrict the usage to specific computers and network IP addresses (WHERE) thus providing an additional layer of control and security when providing access to information outside of IBM FileNet. IRM SECURE FileSecure’s IRM protection for FileNet ensures that security of information outside of FileNet is not breached during the entire lifecycle (creation, storage, versioning, archival, deletion) of the document.

IRM SECURE FileSecure also provides history tracking of the usage of the information once it leaves FileNet. This helps companies comply with regulatory and compliance frameworks like ISO, Sarbanes-Oxley & HIPPA. More importantly it enables organizations to trace and perform forensics on any data breaches that occur inside and outside of the organization

IBM FileNet and IRM SECURE FileSecure presentation

View more presentations from IRM SECURE,India | Download

From a technology perspective, various deployment models are available. The following diagram shows the most common deployed architecture.

FileNet + IRM SECURE FileSecure
Access Control
Can provide control while the information is within the system only

Can provide control even after the information is downloaded from the system

Usage Control (View, Edit, Print, etc)
Does not provide usage control
Can provide usage control persistently within & outside the system
Policy changes

Can reflect changes in policies while the information is within the system

Can reflect changes in policies while the information is outside the system & in real time

Audit trail
Can provide audit trails for information before download only
Can track all authorized and unauthorized attempts on information before and after download