Get Aligned!

Sharing sensitive information with people that are supposed to have it, while at the same time keeping it from people that aren’t, has been one of the toughest problems facing white-collar workers for as long as anyone can remember.  Since the 1960’s, the concept of a having a multilevel security system (MLS) in place to outline the ‘need to know’ matrix for controlling use of sensitive data has been considered a must-have process. Under an MLS structure, both people and information are classified into different levels of clearance (people) and sensitivity (information).  As a result, data classification schemes such as “Public”, “Internal Use Only”, “Confidential”, “Secret”, and “Top Secret”, along with restricted access to those levels based on clearance, have become the baseline of most world-class information security policies.

According to an MLS-based security policy, before users are allowed to look at classified information they must have the right clearance to enable them to use that sensitive data. As an example, users with a “Confidential” clearance are authorized to see documents classified as “Confidential”, but they can’t see/use “Secret” or “Top Secret” information (just like any outsider wouldn’t be able to do so without clearance).

To make this paradigm accessible to virtually any organization, RightsWATCH delivers the complete data-centric information security spectrum of dynamically identifying sensitive/confidential information, classifying it into the right level (according to policy), marking/tagging that information, and encrypting it with the world-class encryption technology in Microsoft’s Azure Rights Management Services so that only those who have express authority to use that information can do so.  All without user involvement required.  With RightsWATCH and Azure RMS, even if sensitive data is somehow leaked, it is totally un-useable by any unauthorized parties into whose hands it may fall.

RightsWATCH enforces your custom MLS data classification model, providing access to data based on its level of sensitivity matched with a user’s credentials to ensure a “need-to-know” basis for sensitive data.  With this approach, you are assured of protecting data privacy and achieving regulatory compliance.  RightsWATCH delivers the ability to grant or revoke each user’s access with multiple security clearances at a given moment in time or based on a specific role performed.

Since each organization is different in its MLS definition and approach, RightsWATCH enables customized and granular definition of your MLS, classifying data not only into levels of sensitivity but also segmenting access by ‘scope of reference’ such as by department (HR, Finance, R&D, etc.) or by project (M&A, product launch, etc.).  With RightsWATCH, the organization has the ability to define multiple levels of segmentation of classification such as “Scope” and “Level” in establishing a rich, automated classification system.  Users are then granted role-based access to the company, scope, and levels of information appropriate to their functions.

Leveraging data classification and information rights management in a single solution, RightsWATCH keeps sensitive data safe and secure independent of its state: at rest, in motion, or in use. Further, sensitive data is always protected, even if it exists totally outside your ‘secure’ network perimeter.


Back to List

Related Stories

Security on the move

Security on the move

The ability to stay secure and productive anywhere, on any device is of great and growing importance to all businesses.

We look at the fi…

Read Post

Business Benefits of Microsoft Azure

Business Benefits of Microsoft Azure

Connecting Clouds: The growing pains of cloud adoption continue as organisations realise that a single solution of either Private Cloud, Dat…

Read Post

Understand & improve your security posture

Understand & improve your security posture

Gain deeper visibility into and take control of your security.

Assessing your security posture is an ongoing challenge. Increasingly soph…

Read Post

Artificial Intelligence

Artificial Intelligence

Artificial Intelligence (AI) and Machine Learning (ML) are fast becoming important pillars of many organisations’ digital transformation s…

Read Post

IT Risk Management

IT Risk Management

With today’s pressures of compliance, cybercrime and customer demands organisations can no longer afford to have ad-hoc IT Policies and IT…

Read Post

Team Talk

Team Talk

Whether you use Office 365 or not; Microsoft Teams is free. That’s right, free. As in £0. Microsoft Teams is a hub for teamwork. Keep all…

Read Post

Office 365 Powers Ahead

Office 365 Powers Ahead

Microsoft release a quarterly report each month and within the latest quarter (April, Q3 2019) of the Earnings Call section it’s more good…

Read Post

Protecting Your .UK Presence

Protecting Your .UK Presence

The clock is ticking on who can register a .UK domain in your name.

Nominet, the governing body of UK domain names, released shorter .UK …

Read Post

Checklist to Digital Transformation

Checklist to Digital Transformation

Digital Transformation is the novel use of digital technology to solve traditional problems.

It’s about finding new ways to deliver valu…

Read Post

AWS, Azure & Google: A Public Cloud Comparison Report

AWS, Azure & Google: A Public Cloud Comparison Rep…

The three leading cloud computing vendors, AWS, Microsoft Azure and Google Cloud, each have their own strengths and weaknesses that make the…

Read Post