Upload
kaden-ballard
View
96
Download
3
Embed Size (px)
DESCRIPTION
EMC Documentum Trusted Content Services. EMC Documentum Trusted Content Services. - PowerPoint PPT Presentation
Citation preview
1© Copyright 2008 EMC Corporation. All rights reserved.
EMC Documentum Trusted Content Services
2© Copyright 2008 EMC Corporation. All rights reserved.
EMC Documentum Trusted Content Services
Risk Minimization Information security breaches exposing personal data, classified documents, credit card information, and financial documents can cost a company millions of dollars.
Regulation Compliance Increased regulation around the capture, storage, and retention of information has increased the demands on IT departments to ensure companies are in compliance.
EMC Documentum offers unparalleled protection for the most security-conscious organizations. Trusted Content Services extends the already robust security features of the content server with enhanced access controls and encryption.
2
3© Copyright 2008 EMC Corporation. All rights reserved.
EMC Documentum Trusted Content Services
Encrypted File StoresDocumentum products encrypt all data traffic. With Documentum Trusted Content Services (TCS), the content files can be encrypted as well.
Electronic SignaturesDocumentum Trusted Content Services provides the capability to sign documents electronically.
Logic-Based and Dynamic Access ControlsThe additional access controls in TCS give organizations the ability to define entitlements at a more granular level.
Digital ShreddingTrusted Content Services’ digital shredding irrevocably destroys content at an operating system level by overwriting the data on the storage device.
4© Copyright 2008 EMC Corporation. All rights reserved.
Data Encryption: Content and Communications
Encryption of content files– Algorithm used = 3DES-CBC, Key length = 192-bit (168-bit effective)– Selective by file store– Full-text search still enabled– Accessed by users and applications as if unencrypted
Benefits– Ensures content security even if OS security is compromised– Protects against “rogue” administrators– Secure backups– Secure storage media disposal
Encrypted File StoresDocumentum products encrypt all data traffic. With Documentum Trusted Content Services (TCS), the content files can be encrypted as well.
5© Copyright 2008 EMC Corporation. All rights reserved.
Digital Shredding
Permanently destroys file data as a result of issuing OS delete/unlink command
Shreds content on both file systems and content addressed storage (EMC Centera)
Supports record management applications
Number of overwrites is configurable (default is 3X)
Digital ShreddingTrusted Content Services’ digital shredding irrevocably destroys content at an operating system level by overwriting the data on the storage device.
6© Copyright 2008 EMC Corporation. All rights reserved.
Logic-Based and Dynamic Access Control
TOP SECRET
Dynamic access based on variable parameters such as time, geographic location, and login connection
Multi-dimension groupings– “Top Secret” AND “U.S. Citizens” – “In U.S.” OR “in Japan”
Configurable default to highest or lowest access designation
6
Logic-Based and Dynamic Access ControlsThe additional access controls in TCS give organizations the ability to define entitlements at a more granular level.
7© Copyright 2008 EMC Corporation. All rights reserved.
Logic-Based Access Control Example
M&A Project
Sales OR Services
Vice Presidents
Operations Staff
Executive VPsor Officers
Executive VPs or Officers
Not in Sales and not in Services
VPs who are also members of Operations Staff
Invite all users who are:
8© Copyright 2008 EMC Corporation. All rights reserved.
Electronic Signatures
Approval signatures securely linked to document
Modification attempts invalidate signature
Display signature information when viewed:– Full name– The date and time of the signing– The justification for the signature
Define valid signatories for document types
Compliant with regulatory requirements such as FDA’s 21 CFR Part 11
Electronic SignaturesDocumentum Trusted Content Services provides the capability to sign documents electronically.