Archive

Posts Tagged ‘enterprise-it’

Missing data: An opportunity for Enterprise DRM?

December 13, 2007 Leave a comment

The recent spate of missing computer discs containing personal details of very many individuals, (first by the HMRC and, more recently, by the DVLA), has crystallised the need for better protection schemes around personal data. This could be a golden opportunity for Enterprise DRM solutions, but how…?

The story so far: Last month saw wide coverage of the fact that two HMRC computer discs, containing some 25 Million user details had been lost in the post; and this month, according to BBC News article, the DVLA also admitted the loss of computer discs, with over 6000 driver details, sent via postal courier services. The common theme seems to be around the transportation of computer records on physical media. In this day and age you might wonder why the data was not simply transferred over some sort of secure network, but that would be too easy. In any case, regardless of transportation method or format, the protection scheme used for such valuable personal information should be both effective and comprehensive enough to prevent unauthorised access / use of protected information. This is where Enterprise DRM solutions could excel for the following reasons:

  1. Enterprise DRM provides persistent protection for content both within, and outside, traditional corporate security boundaries (i.e. even on missing computer discs)
  2. It prevents unauthorised access to protected data, and can make it extremely difficult to use or manipulate content without proper authorisation based on positive user identification
  3. It also has facilities to track and stop further access to, and use of, protected content even ‘in the wild’ so to speak.

Essentially, a properly implemented Enterprise DRM solution would play a significant role in mitigating the risk around misuse of protected data in any future scenarios involving missing discs. However, it can be argued that one obvious weakness would be the complicity of an authorised user in accessing the data, but even that can be easily traced with the built-in forensic capabilities found in some of these solutions. In conclusion therefore, I suspect that these two incidents will help bring home the message that the future of DRM does not lie solely in consumer oriented content or media industries, but that it may also be used to enhance existing security for sensitive content in the enterprise space as well. What do you think?

Advertisements

The CTO has spoken!

October 16, 2007 Leave a comment

Those of you that attended yesterday’s CTO talk by Capgemini’s Andy Mulholland will agree with me that it was well worth it. And for those that couldn’t make it there will be an opportunity to download the whitepaper and slides when they become available on the BCS North London Branch’s website. Who says you can’t get value for nothing these days?

And that is the crux of the matter. The fact that much valuable information and knowledge has now become readily and ‘freely’ available means that we have to rethink how much emphasis we place on controlling access and restrictions to it. This is where mash-ups come into its own, because those individuals and organisations that understand and seize the opportunity to dynamically connect and repurpose content across several domains will effectively open themselves up to limitless possibilities in their connected future.

However there is something to be said for taking pains to explore these opportunities in an organised and coordinated manner. This would explain the emerging trend for MBAs to include enterprise architecture course choices in the leading business schools, according to Andy.

So what has this got to do with DRM? Why, everything. I like to think of DRM as an early recognition of the need to translate extant content business models into a content rich digital environment; however as we all know, this does not work if the business models are out-of-step with the times. Just ask Radiohead and the music industry!

Anyway I’ll leave that discussion for my upcoming talk next Tuesday (23rd of October). I hope to see you there.

Mashups incorporated

October 2, 2007 Leave a comment

A major forthcoming event in the BCS North London Branch’s calendar is the CTO Talk by Andy Mulholland, Global CTO of Capgemini. This event provides a unique look at the concept of Mashups in the corporate world. Baffled? Read on to find out more…

First of all, a definition of the term ‘Mashup’ is in order. For those two readers who do not know the meaning of the phrase, a mashup refers to ‘a mixture of content or elements‘ that are combined to create a new (and often innovative) service from multiple sources. The application of mashups in the corporate world is so very ‘2.0’ (amazing how everything now gets that label don’t you think?).

Anyway, this talk will focus on how the rapid evolution of technology and business models are now making it imperative for corporations to make bold decisions in order to adapt and survive ‘the end of business as usual’.

Andy Mulholland is co-author of the book Mashup Corporations, and an expert with many years experience in this field. I will be attending this event with an eye to understanding how this mashup concept can be applied to the use of DRM in the corporate environment.

(Disclosure: I am a consultant and architect in Capgemini, and also a committee member of the BCS North London Branch as well as coordinator for this event!)