Modern IRM: Securing the future of work

Prakash Linga, CTO at Vera

No matter what business you’re in, the one thing you produce more than anything else is text. Every day, you and your colleagues are creating, discussing, and documenting valuable intellectual property. But in order for it to reach its potential, it must be shared.

That’s the challenge that modern enterprises face: to be competitive in a dynamic market, you have to enable teams to share fluidly and efficiently, and often across borders. But protecting critical business information as it travels is increasingly difficult, and can quickly become a liability.

The good news is that the same infrastructure that’s accelerating these challenges – public cloud platforms – can provide a workable solution, if we can learn from the limitations of legacy security solutions.

According to a recent Rightscale survey, we’re reaching full saturation of cloud adoption, with 93% of organizations choosing the cloud for core business processes. That’s a big swing in two short years – in 2013 less than half of the businesses surveyed were beginning to “experiment” with cloud.

The future of work that pundits have been talking about for years is here: it’s open, dynamic, demands rapid sharing of information, and the statistics prove it. Moreover, more than a billion Microsoft Office users worldwide generate half a trillion documents, emailed, downloaded, and shared annually. That’s 500 documents, per person, per year. Tracking all that data – let alone securing it – is a monumental task.

Despite rapid cloud adoption, security tools haven’t kept up with the pace of our increasingly collaborative environments. The same Rightscale survey found that the majority of businesses (82%) use multiple platforms and storage solutions to quarantine information into different locations, hoping to contain confidential data on-premises or stored in a private cloud (e.g., legal, financials, human resources files) while allowing non-sensitive information to move into the public cloud. Unfortunately, in a collaborative enterprise, this kind of physical classification breaks down quickly.

It’s not surprising many have taken this approach. Traditional security and rights-management tools aren’t designed to secure data that’s continuously being created, shared, and edited across multiple applications and devices. For IT, that increases the pressure to find better ways to secure information without impacting collaboration.

Legacy rights-management tools were built to address a different problem – keeping classified data from leaving a managed network. These limitations simply can’t adapt to a business ecosystem that is fundamentally more dynamic, interconnected, collaborative. When it’s no longer prudent to assume that every collaborator is part of a homogeneous organization and uses only a sanctioned set of tools, it logically follows that it’s equally unworkable to require someone to download additional software to interact with secure files. Forcing end-users to work around their productivity tools of choice to act securely encourages the opposite: risky workarounds, and low adoption.

Classic IRM also limits protections to a small set of file types (e.g., Office and PDF documents), leaving a universe of other modern data types (medical images, images, videos) exposed to risk. And even worse, it’s limited in its ability to protect, track and control data, as it moves across cloud services, on-premise locations and devices. Classic IRM is restrictive as it is unscalable.

Introducing Modern IRM

A better, more secure model understands this balance. It’s a model where teams are empowered to work on their own terms with tools that accelerate productivity and efficiency, and at the same time gives IT and security leaders complete visibility and control over any data, anywhere it moves, regardless of who has it. Modern IRM is designed with the end-user in mind, making interacting with secure data transparent and seamless, invisibly enforcing a company’s access controls anywhere the file lives — offline, on-premises and cloud applications.

In order to adapt your security to the future of work, you need to identify strategies and tools that drive widespread adoption of security. We need a model that allows for complete control over any type of information, no matter where it lives, moves or where it’s stored. In doing so, we gain the opportunity to accelerate collaboration and work in a more trust-based model.

If businesses in highly-regulated industries really want to invest in security, they should begin by choosing a solution that supports an infinite set of content and file types. This way, organizations in the financial, healthcare, manufacturing, and professional services industries can protect their most precious data, with zero impact to the user experience. By embracing a Modern IRM approach and incorporating these new tools into their core workflows, these firms can ensure rapid collaboration across their ecosystem, but remain confident that their most important information stays in their control.