Part 4 of 4 posts discussing the Ponemon Institute’s study on “The State of Data-Centric Security.”
Policy workflow automation tools promise greater compliance amongst employees and stakeholders by seamlessly enforcing company rules for data storage and collaboration from behind the scenes, without extra time or effort from the end user.
In a recent survey of over 1,500 global IT and IT security practitioners, the Ponemon Institute has revealed that implementing a comprehensive policy workflow automation tool is a top priority for a majority of IT professionals. If you haven’t yet considered a policy workflow automation tool, evaluating these tools can be surprisingly simple as long as you’re vetting them for the right principles. The following are fundamental capabilities you should be looking for when evaluating policy workflow automation tools.
Control who has access to shared documents
Establishing who can access sensitive documents is a key component of any good policy workflow automation tool. Define roles and responsibilities by user type and seniority to ensure greater compliance from day one.
Control conditions under which users have access
Whether a document is shared inside or outside of the organization, rules must be in place governing how long that file is accessible by an outside party and what he or she is able to do with that file. Any changes should be automatically logged and attached to a specific user.
Identify secure documents with watermarking
Documents are often printed, screen-captured, or otherwise taken outside of a policy workflow automation tool without permission or any sort of audit record. Automatically assigning traceable watermarks to each and every document that is shared inside or outside of the organization can help track down and plug leaks in the event that a policy is violated.
Stay abreast of sensitive access
Receiving regular updates via email or SMS when specific conditions are met (for example, if a specific file is uploaded or downloaded) provides not only peace of mind, but more importantly, the opportunity to quickly respond to sensitive data being altered or shared. The value of policy workflow automation lies in an “always on” approach to policy management.
Make the process seamless for the end user
Lastly, and perhaps most importantly, a great policy workflow automation tool helps users collaborate on and share documents without adding tasks to their workflows. Policies for data storage and sharing can be complex to the average corporate user trying to get things done, which means they’ll be less likely to adopt those policies for the long-term. Seamless integration means built-in features that are almost invisible, allowing an employee or stakeholder to stay compliant while easily getting their work done.