Enterprise Digital Rights Management, Solution: How To Avoid The ACS:Law Data Breach

Solution: How To Avoid The ACS:Law Data Breach

After last week’s high-profile data breach at ACS:Law, BT wants to halt legal applications to obtain customer details of people alleged to have take part in illegal online file sharing. The telecoms company called for the moratorium and it is likely that other telecoms companies will follow the same route.

This really should not be a big issue since the solution to solve this problem has been around for a while. It is called Enterprise Rights Management and works on the principle of persistent security which means the data cannot be used beyond what has been specified by the data owner, whether the data is in use, at rest or in motion.

So lets get down to practicalities by asking “How would this work for BT when it comes to sharing confidential data with law firms as a matter of compliance?” The information that BT sends to ACS:Law is most likely to be in a file format sent via email. The enterprise rights management solution chosen will ensure that file sent can be packaged with your own security policy that describes who can open the files for what purpose, e.g. view, print, save, edit, etc.

BT will also be able to monitor the use of the file through an audit log and will be able to withdraw access to the file no matter where the file is located. You can also set up the system so that you are notified by email when anyone accesses the file. So the moment ACS:Law and BT become aware of a data breach the file is immediately disabled by issuing a “no access” on the file.

This solution is so simple to implement and can save a lot of companies from heart ache and potential litigation, at the same time companies like BT are able to fulfil their legal requirements with assurance that it still controls and owns the data.

If you are looking for solution like the one described above contact me and we could work together to put a solution in place to make your data safer. Enterprise Rights Management also has other solutions from controlling the print of documents to ensuring that files in document management systems are encrypted immediately they are checked-out of the system. Act now to prevent recurrence of the ACS:Law data breach.

blog comments powered by Disqus

Welcome to the Enterprise Rights Management space (Also known as Information Rights Management). My name is Peter Abatan, an advisor in Enterprise Rights Management. I believe the potential for Rights Management is still greatly unknown, my prediction is that it will become the security tool that both businesses and individuals embrace.

Watch this space for ideas on how Enterprise Rights Management will become the key to driving new innovations on the web and within organisations.

In this space I would be evaluating software from all vendors namely:-

If you are an Enterprise Rights Management Software vendor and want to be listed please or need help with advice on Enterprise Rights Management click on the contact button on the right hand side of your screen.