Blackstone needed tofacilitate global communication between executives, partners and clients on a secure platform upon which sensitive documents could be distributed and shared among various internal and external parties. Data security was imperative, but so was the communication flow among stakeholders and board members and the usability of the interface for non-technical collaborators. The level of security Blackstone sought included methods for tracking the lifecycle of a document and the ability to erase data in the event of accidental or malicious leakage.
To accomplish this, Blackstone deployed a data-centric solution that lets the firm control and track who accesses information, when the information is viewed and how frequently recipients use it. If sensitive documents are ever inadvertently shared, Blackstone can easily revoke rights and disable anybody from accessing data – even after it has left the company.
Just as important, Blackstone relies on document-level encryptionto facilitate the appropriate sharing of critical information with internal and external parties and extend safeguards to mobile devices, like iPhones and iPads.
In a business in which the value of proprietary information cannot be overstated, Blackstone has found that wrapping a security blanket around every document is a competitive advantage. Productivity and collaboration among team members is up, and the concern over the “what-ifs” of document-based collaboration is gone.
A more effective approach to document security
As global investment firms reevaluate their document security plans, they should ask these five questions:
Can we comply with Sarbanes-Oxley and other regulatory standards if we don’t know whether unpublished financial results are being shared or lost?
Can we quantify costs and legal risk if our BYOD program means that data on all employee-owned devices needs to be discoverable in the case of litigation?
Can we maintain control over our data if company-owned mobile devices are lost?
Can we maintain control over our data if it resides on employee-owned mobile devices that are lost?
Are our employees sharing files via public cloud services like Dropbox?
The reflexive response to those questions might be to ban employee-owned mobile devices and consumer-grade cloud services, but enforcing such a ban is nearly impossible. Instead, global investment firms should focus on implementing data protection at the document level and delivering enterprise-quality syncing capabilities, so users won’t be tempted by Dropbox or other applications outside the enterprise’s control.
To cure document security headaches, investment firms can leverage enterprise-grade document security that mimics consumer-style interfaces; this creates higher employee adoption rates and gives firms the power to enforce document-level controls on desktop computers and mobile devices. When these controls are dynamic, organizations can easily revoke access to specific documents if a business relationship ends or an employee loses a device.
Investment firms need document-level protection, tracking and control that cures security headaches, stops Dropbox Syndrome before it starts and accommodates the pervasive BYOD trend in the market. Such capabilities ensure that clients are protected and firms remain competitive.
Moti Rafalin is the co-founder and CEO of WatchDox, a provider of secure access, file sync and collaboration solutionsthat enable the confidential sharing of sensitive documents.