exit sign

How to Protect Workflows When They Cross Enterprise Boundaries

5 minute read
Andy Feit avatar

Back in the day, content-driven workflows were easy. Your collaborators were all part of your organization and editing rights were determined by a user’s application credentials or LDAP profile. 

The people involved in your business workflow had a secure local connection to your network, or came in using a VPN while remote. If roles changed or users left the company, their accounts were deleted and they could no longer access the information. 

It was a simpler time.

Access Without Compromise 

Today, by contrast, it is common practice to provide non-employees involved in your core business processes with access to content, including highly sensitive information. So, the challenge becomes providing access to multiple outside parties without compromising information security and availability — and without stretching your IT department’s resources and budget too thin. 

Fortunately, a new class of secure content collaboration solutions allows organizations to incorporate the outside world easily into their key business workflows.

One Workflow, Multiple Users 

Even seemingly everyday tasks can require the assistance of multiple outsiders. Consider a bank that receives a loan application: it must be routed to multiple third parties, one to conduct a background and credit check, another for property appraisal and a third for tax and lien history. 

Similarly, in a hospital setting, a physician may forward a patient’s medical records to a consulting doctor for a second opinion, and once a treatment plan has been recommended, send it to the insurance company for approval. 

Necessary Workflow Risks

In fact, nearly every industry has use cases proving that business cannot get done today without granting partners and other third-party service providers access to confidential data.

And regardless of the precise scenario, after content has been reviewed, annotated and potentially modified, the files must then be placed back into an enterprise’s own system of record to trigger the next step in the workflow.

The Limitations of Traditional Data Sharing Options

When that content includes sensitive information, enterprises have traditionally had three options for sharing it with external parties:

1. Provide access to external users

Providing external users with access to employee content collaboration applications and systems may require creating accounts for additional users and deleting them when the collaboration is completed. Training outside users on how to use your system is also required, and can sometimes be complicated by the fact that many third-party vendors work with multiple companies and must master numerous applications. 

Opening access to your corporate network to outside personnel and their devices also introduces a host of security risks. Your IT department must now administer, manage, monitor and troubleshoot external users, potentially stretching your resources and budgets. 

Learning Opportunities

On the plus side though, your workflow integration won’t have to be modified if everyone is using the same system.

2. Reduce workflows using cloud storage

Workflow interactions can be reduced to basic functions such as sharing files via some form of cloud-based storage. Purely from a content collaboration perspective, some applications can follow this path. However, this not only risks duplication of content but also presents the challenge of updating copies to maintain synchronization and version control.

In addition, the context of the overall business workflow can often be lost, making it impossible to know what has happened to a given file before it arrived, who should get it next and what each user’s role should be in reviewing, approving or editing it. 

What’s more, this approach raises significant concerns about security and compliance, especially where PII or PHI are involved. The issues around governance, risk and compliance, coupled with the lack of true workflow integration, limit the value of this option.

3. Use the cloud to redesign workflows

Some organizations are opting to move their content collaboration applications to the cloud, while redesigning their workflows in the process to make them more open to external participants. 

While this can be a viable solution, the cost and disruption of such an approach is generally beyond the scope of most businesses. Unless you are already planning to re-architect your platform, the time and resources required are likely to be too great.

Key Considerations for Securing Your Content

Moving past the limitations described above, a new class of secure content collaboration solutions is now available that enables organizations to overcome the limitations of the more traditional approaches to working with outside partners. Here are some key considerations to keep in mind in implementing these solutions:

  • Provide a consistent user interface to your content: Providing all users with an intuitive experience from any device, regardless of the application generating the content, enables even external parties to participate in existing workflows without significant training.
  • Dual deployment between cloud and local: The ability to deploy either on-premises or in a private cloud enables you to meet even the most demanding security requirements by knowing exactly where your data resides.
  • Create detailed audit logs that show all content activity: Knowing exactly who accessed your content, when they accessed it and whether they viewed it, downloaded it or forwarded it, will put you in the strongest possible position to demonstrate your organization’s compliance with rigorous industry regulations.
  • Keep content where it belongs: Instead of creating duplicate copies of content for the purposes of collaboration, integrate with the applications that create the content to manage the associated workflows. 

Safe, Yet Open

With these key elements in place, you’ll be able to safely open your workflows to the outside world, while avoiding unnecessary disruptions and ensuring you maintain a strong information security posture.

About the author

Andy Feit

Andy Feit is CMO of Accellion, a provider of secure file sharing and collaboration solutions in the private cloud. He has over 25 years of marketing and general management experience in the enterprise software industry, including content management and security markets.

About CMSWire

For nearly two decades CMSWire, produced by Simpler Media Group, has been the world's leading community of customer experience professionals.


Today the CMSWire community consists of over 5 million influential customer experience, digital experience and customer service leaders, the majority of whom are based in North America and employed by medium to large organizations. Our sister community, Reworked gathers the world's leading employee experience and digital workplace professionals.

Join the Community

Get the CMSWire Mobile App

Download App Store
Download google play