Are your digital assets protected?
It should come as no surprise that digital asset management (DAM) and digital rights management (DRM) are quickly emerging as the "have-to-have" content management tools of the year. Considering the implications of everything from RSS feeds (outgoing and incoming) to intranets to portals, efforts to control and protect oneself from liability have become front-of-mind for many information managers.
But are existing content management tools up to the job? Depends on whom you ask, of course. But a recent survey could shine a bright light on the perceived shortcomings of today's standard enterprise content management (ECM) software when it comes to digital rights management.
First of all, what do we mean by "digital rights management"?
Sometimes also known as "digital asset management," it is an additional layer of control and protection above and beyond the standard publish/retrieve/check-in/check-out/retain functions that are presently available from content management systems. DRM implies that the information in question is especially sensitive (such as internal board-of-directors communications), or susceptible to a higher level of regulatory compliance scrutiny (such as Sarbanes-Oxley documentation), or at high risk of becoming part of a legal discovery motion. Other content that may be under DRM control could be revenue-generating content (in the case of an information provider) that is simply too valuable not to apply additional controls to its access and distribution.
Naturally, content management vendors will maintain that their products are adequate to the task. And in fact, much very sensitive documentation--such as contracts, legal proceedings, HR and personal health-related information--ARE regularly trusted to be maintained and controlled by such systems. And records management (RM) software is commonly applied to the retention and disposition of content according to the many regulations and practices associated with RM.
But it's also becoming clear that information professionals feel the need to apply even more stringent controls on their most sensitive content. A February 2006 survey of CIOs commissioned by SealedMedia, a vendor of DRM solutions, indicates that the IT management and staffs at large companies are less than completely comfortable with their enterprise document and content management systems.
According to the survey, most particip ants felt that their respective ECM system meets their basic needs. But 76 percent of participants are seeking additional content protection and control functionality. Moreover, ECM systems are often too complex and expensive for enterprisewide deployment. Some bullet points from the results:
- CIOs revealed that only 45 percent of their employees use ECM systems, leaving 55 percent of employees on their own to deal with content and digital rights management issues.
- About 50 percent of their employees store sensitive information outside the ECM repository, leaving organizations vulnerable to information loss or manipulation.
- Forty-three percent of sensitive corporate information is never intended to reside in the ECM repository, begging the question: Where should it be stored and how should the information be protected?
- Eight out of 10 participants are interested in functionality that would allow them to protect content once it is checked out of the ECM system.
- Sixty-nine percent are more interested than a year ago in protecting content outside the ECM repository.
- Seven out of 10 would like to use their ECM system to protect and control documents outside the repository … but presumably don't feel comfortable doing so.
The survey involved 29 CIOs from companies that have invested $1 million or more in enterprise content management systems. Survey participants represented 12 Global 500 companies and five Fortune 50 companies, with the remainder being from midsize organizations.
On a scale of 1 to 8 (1=least important, 8=most important), CIOs were seeking content management systems that would:
- ensure ISO 17799 compliance (6.03 on a scale from 1 to 8)
- protect intellectual property when outsourcing or offshoring (5.52)
- protect board and executive communications (4.a79) and
- improve workflow process automation (4.41)
Survey respondents were apparently sensitive to the "image" question. According to the replies, CIOs had major concerns about the consequences of leaked enterprise content, and how it can potentially damage the reputations of executive officers and the IT department (6.38 on the scale of 1 to 8). CIOs were also concerned about how leaked information can erode shareholder confidence (5.31) or ultimately cause the loss of trade secrets and intellectual property (5.24).
Overall, says SealedMedia, survey participants were most concerned about information being at risk of improper exposure, manipulation or distribution, while it is being edited or collaborated on (38 percent of respondents) and when the final content is distributed (28 percent).