Adobe are often keen to suggest that they have been the primary innovator in developing the digital rights management space. Although there is speculation as to extent of which they have contributed, there can be little doubt as to whether or not their file format – PDF – is considered to be the logical common output for documents across many platforms where copy protection is needed.
While many companies have claimed to have had an input into the file security solutions that we find ourselves using today, such as XrML for example, only Adobe have managed to lead with the sheer scale and reach to make their solution resonate and be considered the global standard. With the evolution of on-line retailing environments, the lack of barriers to entry, and other digital communication advancements; it is now more necessary than ever to ensure that digital rights management tackles copyright theft through adding complications and difficulties to the processes used to steal content. Indeed, it is widely acknowledged that DRM software can only stop copyright theft at some levels – for example, DRM cannot stop manual replication (writing your own copy) in the case of ebook copy prevention.
It is said that the primary functions of DRM security software are controlling copying/extraction, printing functionality management and changing after a subsequent save. Such functions are always going to needed where copyright is not surrendered upon receipt of the document. Watermarking – as a copy control and digital rights management solution – is often considered to be surrounded with some uncertainty. In the case of ebook copy prevention, for example, publishers are faced with making a decision where the implementation of watermarking can leave their customers having to sacrifice appearance and usability in return for prevention of black-market distribution. Although the value of this is disputed, we can at least agree that while advancements are under way, such as identifying the purchaser, the video, music and broadcast business do not appear to be moving away from watermarking in a hurry!
As electronic learning methods advance, Adobe have been careful to facilitate comment authoring in tandem with document security, to allow both collaboration and copyright implementation. This is something which is unlikely to have much value in commercial publishing, however Adobe would not want to allow any competitors to eat away at a sub-niche and innovate across the board at the same time.
The middle ground between practicality, reasonableness, and implementation of the rights that come along with copyright assets, can be best depicted by the situation where the 2000 publication of Lewis Carroll's Alice in Wonderland, which did not allow the book to be read aloud – a feature which is widely considered to be an advantage of PDF documents, and an assumed feature when purchasing a digital document. Some claim that such behaviour goes against accessibility initiatives, while others suggest that the necessity for document security, coupled with the associated disadvantages of market forces, mean that the decision is one which should be made at the free will of the copyright holder. Some find that the controls made available by innovators such as LockLizard – www.locklizard.com - suit them better.
Leak Prevention: Data Security in the Digital Age
With a recent spate of high-profile data leaks, the need for reliable data security is top-of-mind for many business owners and administrators. And whether the leaks are intentional, unintentional or malicious in nature, an information leak can cost companies millions of dollars – and the trust of their clients or partners. In fact, according to the 2006 Cost of Data Breach Study from The Ponemon Institute, in 2006, data breaches cost companies an average total of $4.7, or $182 per customer record lost.
"The burden companies must bear as a result of a data breach are significant, making a strong case for more strategic investments in preventative measures such as encryption and data loss prevention," said Dr. Larry Ponemon, chairman and founder of The Ponemon Institute, in a written statement. "Tough laws and intense public scrutiny mean the consequences of poor (data) security are steep – and growing steeper for companies entrusted with managing stores of consumer data."
Among the 31 companies that participated in the study (which all experienced security breaches) the breaches occurred as a result of the following:
• 45% of the data security breaches were a result of lost or stolen laptops, desktops, PDAs, or thumb drives
• 29% were caused by lost or stolen files acquired or used by a third-party
• 26% of the breaches were caused by lost or stolen electronic backups
• 13% were caused by lost or stolen paper records or files
• 10% involved hacked electronic systems
• 6% were caused by malicious insiders
• 6% were caused by malware
• 3% of the data security breaches were caused by a misplaced network or enterprise storage device due to a natural disaster
Data Protection: How to Increase Your Data Security
To diminish the risk of a data security breach, companies need an information-centric solution with proven coverage, simplicity, and data protection capabilities. And whether you choose a product like the Websense Content Protection Suite or another information leak prevention (ILP) solution, there are steps you can take to reduce your risk of losing valuable data. These include:
• Using an ILP tool to discover where the sensitive data resides. This will help you not only inventory the data you have, but help you understand how you can develop a data protection plan to suit your needs.
• Monitor the data on the network and watch how it’s used. This will reveal the risks and (perhaps) the broken business processes that exist.
• Set up data protection policies and assign a value to each piece of sensitive information. Once it is determined how sensitive the data is, you can determine the cost-benefit of protecting the data and the value of the data to your organization. With that in mind, you can set parameters for how the data will be accessed, who may access it – and for how long.
• Once the data protection policy has been developed, it’s important to educate your employees and explain the consequences that not following the policy will carry.
Unfortunately, no data security plan is foolproof – especially when employees carry laptops from place to place. But with an ILP solution and a data protection policy firmly in place, your chances of experiencing a data leak can significantly decrease.
---
About the Author: David Meizlik is the Product Marketing Manager for Security Solutions at Websense, Inc., the leading provider of web and content security solutions based in San Diego, California. His responsibilities include product positioning, go-to-market strategy and development, market and competitive analysis, program development, and management of all outbound marketing activities for Websense security products. Meizlik served as the marketing manager for emerging business opportunities, and the technology partner marketing manager building the Websense Web Security Ecosystem, an alliance of over 38 technology and distribution partners. For more information about Websense, visit Websense.com.
Protecting Your Business from Today’s Computer Security Threats
The internet security landscape continues to evolve because the threats against computer security keep changing and adapting to the industry’s defense tactics.
From computer viruses to malicious software, the methods used to launch these attacks has increased significantly over the years – so staying up-to-date on the types of internet security threats – and how you can protect your company against them – is imperative.
Internet Security Threats: An Overview
Malicious users make a profession out of hacking and creating software that can be harmful to your security. Some of the most common internet security threats include:
• Spyware. This is any software that secretly gathers information about the user while monitoring what the user is doing on the internet. Spyware transports that information to a malicious user, which can have potentially damaging consequences. Spyware applications are usually downloaded onto a computer with a freeware or shareware program. Once installed, keyloggers are used to monitor a user’s keystrokes and online activity – which is how sensitive information, such as bank account numbers, often make their way into the wrong hands.
• Malicious Software. Often known as malware or simply as a computer virus, malicious software is any type of software that is designed to penetrate or damage a computer system without the consent of the user. Because of its invasive nature, malware often jeopardizes the security of the entire system and is well worth protecting against.
• Phishing. This type of internet security threat, involves a malicious user who tricks someone into giving them confidential information. More advanced malicious users will do something called “pharming,” which uses virus technology to attack the internet browser address bar, so the next time a website URL is typed in, the victim is directed to the criminal’s imposter website instead of the true website.
How to Protect Yourself
In the past, in order to protect your computer and network from malicious activity, you would have had to find a separate solution for each threat. For instance you would have had to purchase computer security software to protect against malware, as well as another solution to protect you against spyware applications.
Fortunately, today security providers like Websense offer security suites that not only protect against a variety of spyware, malware and phishing, but the software will also identify new and evolving threats.
When researching a computer security option, there are a few things you should look for before you buy. For instance, a security solution should:
• Block internet threats such as malicious websites, protocols, applications etc., before they can access the internet gateway and cause damage to your system. You should also find one that will identify e-mail-borne worms in the network and present them to the administrator.
• Proactively find new internet security threats. Make sure your security includes regular scanning of millions of websites so you can stay ahead of the game when new threats arise.
• Monitor activity on e-mail, IM attachments and file transfers to identify threats that could result in intellectual property theft.
• Watch your web server closely and alerts you to possible vulnerabilities.
• Immediately report web server attacks to the administrator and include information about the type of attack while providing recommended actions.
With the right information and resources, you will have the knowledge you need to make an informed decision regarding a computer security solution that works for your organization.
---
About the Author: Chip Epps is the Senior Product Marketing Manager of Websense, Inc. He is responsible for providing strategic marketing direction for Websense products, and evangelizing the effectiveness of its security solutions including Websense Web Security Suite and Websense Express. He is also responsible for developing and directing go-to-market activity (working with local marketing teams and partners) to achieve planned business objectives and growth. Chip writes informational online articles sharing his knowledge and expertise in the fields of software, engineering, internet security and more. For more information about Websense, visit Websense.com.
