This week, there are number of issues dear to the GRC heart. First, OpenText is offering a secure large file transfer application, Symantec has identified what happens to data on smartphones when the smartphones get lost, we take a look at SharePoint governance and content migration, while Canon secures information captured through printers.

OpenText’s Secure File Transfer

OpenText has been busy again and announced a solution for managing the fast and secure exchange of large files inside and outside enterprises.

Easy-to-use and deploy, OpenText Managed File Transfer (MFT) integrates with Microsoft Outlook, reduces file attachment size concerns and provides a platform for the secure and auditable exchange of rich digital content including sensitive intellectual property among employees and third-parties. Key features include:

  • Content delivery based on file acceleration technology
  • Intuitive user experience through Microsoft Outlook or a Web browser
  • Encryption of content-in-transit and authentication against the enterprise directory
  • End-to-end audit trail
  • File delivery with auto-resume, QoS support and network conditions adaptability

In most organizations, the average file attachment size allowed within Microsoft Outlook is 10 megabytes, a real problem if you’re trying to exchange rich media content.

To overcome the 10 MB restriction, employees often resort to risky or cumbersome file exchange methods such as FTP, physical media or cloud-based public storage sites.

MFT unburdens users from file size limitations while providing usability comparable to email attachments. With support for a wide range of industry standard encryption types and the included OpenText FIPS 140-2 certified cryptography module, OpenText Managed File Transfer helps ensure the safe and compliant exchange of intellectual property. On the receiving end, files are available from any browser or email system. It is available now.

SharePoint Governance, Content Migration

Earlier in the week, we looked at governance in SharePoint when migrating content into hybrid environments. There is anecdotal evidence that enterprises will continue to use hybrid SharePoint environments until they are sure about data security in the cloud.

The result is a workspace where business applications will be spread across on-premise and cloud environments, which by their nature require a strong IT governance model.

A recent white paper by Chris Beckett, an information systems architect and SharePoint specialist, entitled "A Governance Guide for Hybrid SharePoint Migrations," looks at content migration policies and governance for those that are considering the hybrid route. 

Symantec, Smartphone Data Problems

You can show anything with statistics, which is why, when possible, we avoid vendor surveys. However, one survey caught our attention this week, not just because it contains an important lesson for smartphone users, but also because it demonstrates just how much people love looking after and into other people’s business.

The survey was carried out by Symantec and aimed to find out what happens to lost, or stolen smartphones and the data on them.

Carried out with the help of Scott Wright of Security Perspectives the Symantec Smartphone, Honey Stick Project “lost” 50 smartphones containing deliberately placed corporate information as well as the usual personal information that is contained on smartphones.

They were placed in five different cities: New York City; Washington D.C.; Los Angeles; San Francisco and Ottawa, Canada. They were left in high-traffic public places such as elevators, malls, food courts and public transit stops.

The results are interesting -- and sorry, yes I found it funny -- but even in the case of people who attempted to return the phones, the majority made attempts to view the data on them. In fact, 96% of the lost smartphones were accessed by their finders. Specifically

  • Six out of 10 finders attempted to view social media information and email.
  • Eight out of 10 finders tried to access corporate information, including files clearly marked as "HR Salaries," "HR Cases," and other types of corporate information.

The “honey stick" smartphones also had an application that appeared to allow access to a remote computer or network, and sure enough one out of every two finders tried to run the "Remote Admin" app. There are a lot more “shocking” statistics here, but it really shows the danger of not having adequate security for your smartphone. We’ll probably take a more in-depth look at this later, but in the meantime, check out the report here.

Canon’s Secure Document Capture

Meanwhile, digital imaging solutions provider Canon has announced the introduction of imageWARE Secure Audit Manager Express, an information security software solution that provides capture, archive and audit capabilities of activities performed on Canon imageRUNNER ADVANCE MFPs along with other Canon MEAP-enabled devices such as print, scan, fax, copy and send jobs.

Because imageWARE Secure Audit Manager Express exports audit data to a Windows folder as opposed to using a centralized database to store job information, it fits into IT infrastructures of practically all sizes.

The software stores job attribute information from printed or scanned documents, such as who sent it, when it was sent and a copy of the actual document image.

In the event that important information is lost, crucial data including user ID, time/date, send/receive and a searchable record of what was sent can be retrieved by searching archived data of all document processing activities.

As imageWARE Secure Audit Manager is a scalable solution, enterprises of all sizes can benefit from its ability to deter information leaks.