twixx - Fotolia

Why data protection shifted from the network to content-based security

Information security used to focus on securing a company's network. But cloud computing and mobility have blown traditional models wide open.

Information security used to focus on securing a company’s network -- protecting the perimeter of a company's four walls. But cloud computing and mobility have blown traditional models of security wide open. How can companies adjust by employing content-based security, or asset-based security?

The idea is to control the content. It doesn't matter if somebody can get past your other defenses, if you can control access to that content, you have control of your intellectual property.

Several companies have been trying to attack this problem. What does it mean? It means controlling things like who can edit, who can share (copying and pasting), and being able to expire documents; so, you can say that you can look at it for this period of time, but after that period of time is over the document is no longer accessible. Or you can just shut down immediate access to documents, say 'This document is no longer accessible,' and it's like it doesn't exist. If you click the link to the document, nothing happens.

Back in the day, there was this idea of document rights management, and it was a bit kludgy. But today, with the cloud, you can set up content-level security and you can basically control every aspect of how people use that content.

To give you a couple of examples, MobileIron just released a content security service that gives control of content at that kind of granular level but across a number of services. Right now it's like Box and Dropbox, I think, but over time they plan to layer on other services and layer on APIs to more obscure services.

If you know that people are using a service, rather than try to control what they can and can't do, you control the content wherever it goes and it's a pretty smart approach, I think.

Next Steps

Report reveals enterprise social media threats may be growing

Taking a content-based approach to security

Weaknessess that leave organizations vulnerable to an attack

Dig Deeper on Information governance management