Skip Links

Network World

  • Social Web 
  • Email 
  • Close

Control collaboration — don’t inhibit

By Kurt Johnson , Network World , 01/10/2008
This vendor-written tech primer has been edited by Network World to eliminate product promotion, but readers should note it will likely favor the submitter's approach.

Web 2.0-inspired communities and social-networking tools are migrating into the enterprise and bringing with them risks that many organizations are unprepared to address. The challenge is to balance the business value of the new tools with the reality of risk management and compliance.

The market for enterprise collaboration tools will increase as organizations continue to seek the associated benefits of improved communication, content management and context-driven information sharing. However, without the proper framework to enforce procedures, the resulting shared workspaces can quickly become unmanageable, increasing the risk of sensitive content being disseminated outside of its intended audience.

From a compliance perspective, much of the technology focus has been on ensuring that users can get access to data and resources, with less thought about whether or not users should have that access. Organizations must establish risk-based governance and controls to ensure sensitive corporate or consumer data is not getting into the wrong hands, thus ensuring long-term security and compliance with security policy and industry regulations.

The responsibility is even greater as business managers assume more accountability for compliance with business policy and regulations such as Basel II, the Health Insurance Portability and Accountability Act, Payment Card Industry standards and the Sarbanes-Oxley Act. They need to be able to answer questions associated with what data is being shared, who has access, who needs access, and who is ultimately responsible for managing the information.

For example, popular collaboration tools such as Microsoft SharePoint bring new levels of exposure that have yet to be addressed by regulations or best practice company policies. Given the viral nature of SharePoint environments, organizations can be faced with responsibility for thousands of employee portals — all operating without any formal checks and balances, and virtually no oversight in terms of compliance or security exposure.

With sensitive documents being posted and shared, companies need controls that ensure only employees with proper access can view certain information. Improved levels of access control will allow better management over who is collaborating with potentially sensitive data, and whether or not they should be.

Partner Content

Brilliantly simple security and control solutions for email, web and endpoint

www.sophos.com

Stopping data leakage

Learn how to exploit your current security investment to control the information that flows into, through and out of your network.

Download the white paper.

Why detection rates aren't enough

Evaluating endpoint security products is a time-consuming and daunting task. Learn the six critical questions you need to ask to prospective vendors to get the right endpoint solution.

Download the white paper.

Unauthorized applications: Taking back control

Employees installing and using unauthorized applications like IM, VoIP, games and peer-to-peer file-sharing applications cause many businesses serious concern. How do you control these applications?

Download the white paper.

Comment
Login
Forgot your account info?
Add comment
Anonymous comments subject to moderator approval. Register here for member benefits.
Have a NetworkWorld account? Log in here. Register now for a free account.

Videos

rssRss Feed
Save The Date!
What They Are Saying

Investment of a Technology should be 'held off' because there hasn't been enough investment in it yet? Is...- Anonymous

Join the Discussion