Aberdeen has previously described how enterprise content management (ECM) solutions can help organisations drive business value from its unstructured data by integrating enterprise content into essential applications and workflows. In this report, Aberdeen explores the security and compliance capabilities that companies should look for in ECM solutions to sustain and manage risk.
Security and Compliance Capabilities for Enterprise Content Provide an Essential Foundation for Trust, and Reduce the Risk of Data Loss or Exposure
Foundational Information Security Capabilities: The C.I.A. Triad
ECM solutions that include the foundational capabilities of confidentiality, integrity and availability not only help to satisfy the requirements from regulators, auditors, partners and customers (compliance), but also help to reduce both the likelihood and impact of a potential compromise of sensitive business data (risk).
Additional capabilities to look for from ECM solutions include discovery, classification, governance, and technical controls. Aberdeen’s research has shown that only a minority of survey respondents have currently implemented all of these capabilities (see Figure 1).
Safeguarding Sensitive Data: Six Basic Strategies
There are six basic strategies when it comes to addressing the challenges of simultaneously sharing and protecting an organisation’s sensitive data:
Putting it All Together: Security Capabilities to Look for in the Context of Enterprise Content Management Solutions
At a high level, ECM solutions are commonly described in terms of “action verbs”: capture, manage, store, preserve, and deliver. In Table 2 Aberdeen highlights some of the capabilities that enterprises should look for from its ECM solution providers.
Enterprise content management solutions that include fundamental security capabilities not only meet compliance requirements but reduce the risk of sensitive business data being compromised. For new ECM initiatives, security capabilities are a significant consideration for differentiation – and for the majority of existing ECM implementations, security represents an incremental improvement.
Aberdeen Group has been an international research partner of Nebula since 2010. With thousands of research documents, growing daily, Aberdeen’s research library helps enterprises and service providers discover the priorities and strategies of best-in-class enterprises.
Besides Nebula’s insight and research services, we also provide services to help large enterprises assess, optimise and manage their enterprise ICT environments.
Should you be interested in finding out more about Nebula’s services or discussing this research, please send us an email indicating your requirements to ContactUs@nebula.co.za.