Presentation on theme: "Compliance storyboard: Classifying & controlling content at the input device."— Presentation transcript:
Compliance storyboard: Classifying & controlling content at the input device
Application Areas: Companies wishing to: Prevent redistribution of valuable information including Intellectual Property (IP), Patent, Financial and Personnel information Achieving ISO 27001 Accreditation Merger & Acquisition activity Knowledge Management Records Management & Archiving using the ISO 19005 (PDF/A) archive-compliant standard. Secure Collaboration Projects Risk Management related to company information Enforcing Quality Assurance procedures, such as ISO 9000 and Six Sigma
Target Audience Head of Compliance Head of Information Security Chief Information Officer Company Secretary/COO Head of Internal Audit CEO CFO
Application Scenario This storyboard is based around Classifying, at the input device, key business documents. Based upon the ISO 27001 Information Classification selected, the scanned document will be stamped and the appropriate internal controls will be applied, as per the corporate document classification policy. An end user is presented with the Classification options that are mapped to their role, and authority, within a company. For example, the CFO may have access to a wider range of classification options than those presented to the Office Clerk. This has a five-tier classification model.
Authenticating The user is required to authenticate to the network, using Windows or biometric authentication. This action is recorded and logged.
The user is presented with the options applicable to their Role and level of authority within the company. Main Screen
The selected classification Top Secret is embedded in the document, and the appropriate business controls enforced. Preview
Intelligent document routing will initiate the selected business process, generating an audit trail. Destination
You can enforce your corporate security policies at the input device. In this example, the end-user MUST select a policy. Apply security
Classification of Top Secret requires encryption and routes a second archive copy to the Records Management System. Top Secret Classification
Controlled functionality When a document is classified as Top Secret, the User cannot print or edit the controlled document..
Information can also be protected before its distributed externally Destination options
eCopy can interface with corporate e-mail systems
From the device, an e-mail can be created and sent; a copy can also be sent to the Head of Compliance. Delivery options
Audit trail A detailed Audit Trail is recorded and can be integrated with existing management and reporting tools, such as Business Objects, SAS, and Actuate. The Audit Trail can also be stored within the Records Management system, with the archived documents.
eCopy summary eCopy can help companies achieve audited compliance through enforcing ISO 27001 classification for their key paper based information. As the information is classified at the point of entry, eCopy minimizes possible failures to follow the business process. eCopy can generate an ISO 19005 (PDF/A) archive-compliant copy of a document, together with a detailed audit trail, including authentication details, to prove compliance and to guarantee the integrity of the information through its lifecycle. eCopy enables Intelligent Document Routing, based upon the business process, to protect and control the distribution of business information. eCopy provides an intuitive user interface that displays the classification options mapped to the end user profile. –For example, Highly Confidential, selected by R&D staff, may generate an ISO 19005 archive copy. Highly Confidential, selected by Sales staff, may require different intelligent document routing and controls.