|
Enterprise Information Protection (EIP) is an emerging, fast-growing market driven by a new wave of technology, business, and regulatory trends as well as new threats such as APT. EIP’s essential difference from what came before lies in EIP’s shift from infrastructure-centric to data-centric security supported by effective enterprise-wide processes. Rather than continue in the old and inadequate tradition of protecting disparate infrastructure elements, EIP focuses on:
- Discovering and classifying sensitive data by context and content to gain visibility into how it is used by end users including employees, contractors, partners, and outsourcers.
- Providing actionable decision support for assessing the risk associated with the sharing of sensitive data, enabling managers to make informed business decisions and creating effective data security policies
- Implementing automated policy-driven information protection and driving accountability down to the user, resulting in voluntary compliance and increased risk-aware behavior
- Alerting, blocking, and recording high-risk behavior, ultimately preventing costly and damaging data loss incidents
EIP looks holistically at defining and mitigating the risk to sensitive information moving across complete business processes and multitudes of end-users worldwide as part of a strategic and unified information governance program. It moves beyond the walls of a conventional enterprise to include knowledge sharing across joint ventures, supply chains, and partnership and outsourced environments, enforcing the proper, secure, and compliant use of information. EIP solutions enable global companies to create and deploy effective strategic information governance programs that improve business agility while reducing overall costs and risks by:
- Enabling secure knowledge-based collaboration
- Reducing IT infrastructure and operational costs
- Reducing the frequency and amounts of data and transactional losses
- Improving the risk posture and compliance level of an enterprise
EIP technology is designed to create a foundation on which processes can be developed that will ultimately become a critical element in the overall data security program of a large global enterprise. This integration of technology and process is essential to fostering organizational behavior that supports the protection of the enterprise’s most sensitive data and creates an environment that offers a real solution to mitigate existing and emerging threats to data including APT and other advanced cyber attacks.
Next: EIP Methodology |
