News   Features   White Papers   Research Reports   Web Events   Conferences  
September 14, 2011

Table of Contents

Enterprise Search Summit Expands to Europe
Securing documents in the WikiLeaks era, Part 2
Coveo extends apps to mobile users
ISYS Document Filters for Attensity
Attivio for big data
Improved legal hold from StoredIQ
ESI forensic services and appliances from Integreon
Cutting through content clutter
Law firm eases the search for information

Enterprise Search Summit Expands to Europe

Join us in London this October for two days of plenary and panel sessions, technical and implementation tracks, and case studies from corporate, public sector and not-for-profit organisations, supported by a range of networking opportunities to promote debate and dialogue and help you to learn from your peers.

Topics covered include:

  • multilingual search
  • open source search applications
  • federated search
  • search centres of excellence
  • search business case development
  • mobile search
  • SharePoint search
  • technology trends
  • enterprise search analytics
  • search based applications
Enterprise Search Europe, 24-25 October 2011, Hilton London Olympia.

Back to Contents...

Securing documents in the WikiLeaks era, Part 2

[Editor's Note: In the first installment of this two-part series in the June 2011 issue of KMWorld, author Robert Smallwood wrote about the critical nature of electronic document security, the use of enterprise rights management (ERM) software in safeguarding information and Microsoft's role in the ERM market. The second part of this series includes a sampling of other vendors in the e-document security space.]

In addition to Microsoft, Adobe is a major player in enterprise rights management (ERM). Adobe has a large installed presence of its LiveCycle Rights Management, which provides data-centric security with user access and control policies to documents. It supports various types of data including PDF and Flash Video-and also native formats including Word, Excel, PowerPoint and select computer-aided design (CAD) and computer-aided three-dimensional interactive application (CATIA, marketed by IBM) output formats. This is done by the client software that authenticates users with the server when opening up a document. It can provide protections without server interaction over a specified period of time. LiveCycle Rights Management includes detailed audit trail reporting for rights protected information, document version control and expiration, and dynamic watermarking.

Early entrants into the enterprise rights management marketplace included Sealed Media, which was acquired by Oracle ( in its early 2006 acquisition of Stellent, and Authentica, which was purchased by EMC later that year. But the promised integrations and additional development have apparently been slow to arrive.

Steve Coplan, a senior analyst at The 451 Group, says, "Looking at the ERM technology acquisitions that Oracle and EMC made, they really haven't done much additional development or integration, and, in fact, most of the original development teams have moved on. As a result, the technology has gotten a little long in the tooth, and they're falling behind, compared to the competitive field."

Brian Hill, senior analyst with Forrester Research, agrees, "It's fair to say that some of the infrastructure vendors who acquired ERM companies have fallen short on the promise of integration with their enterprise content management offerings and improved ease of deployment, which would allow for more widespread adoption. This has opened the door for other players in the market."

Rising stars and additional players

Some of the rising stars and additional players in the enterprise rights management market include:

Avoco Secure offers enterprise rights management software to link security policies to an individual's or group's identity to enforce the access to and use of digital assets, but it goes further, offering digital signing and information card provisioning linked to digital identities. The software uses an individual's (or group's) identity and other forms of authentication to enforce security policies for access control or verified digital signatures. The software encrypts content and authenticates users to control what they are allowed to do with that content. Customers are able to design completely electronic steps for processing transactions.

The company began with supplying the software to the defense sector and expanded into commercial applications. It reaches its customers through a partner network. Avoco Secure's suite of products allows digital signatures to be added to content (a digital signature is the equivalent of a handwritten signature that can be used to sign a digital document on a computer or online, so that documents no longer need to be printed, signed and mailed or faxed back-making it possible to create workflow systems that push documents along the signing process, while maintaining an audit trail of signatures).

Its product, secure2sign for Word, allows users to digitally sign a MS Word document or form using a digital certificate to identify the signatory. It supports multiple signatures on a document as well as sectional signing--both features are requirements if a document is to be part of a workflow process involving multiple parties. In addition, it allows signatories to apply a time-stamp, at the time of signing. Avoco Secure also offers that capability for MS Excel documents, and HTML or xHTML web forms, which is useful in applications such as insurance claim submission and mortgage loan applications.

Check Point Software Technologies has an appetite for acquisitions: Last year it purchased an early entrant in the enterprise rights management market, Liquid Machines. In 2009, it bought FaceTime Communications' application database and Nokia's Security Appliance business. In response to an inquiry, the firm issued the following statement: "In order to protect corporate data, computers, devices and infrastructure, organizations need to deploy a holistic and multilayered security approach. The first step is to define and implement strong data security policies. Businesses need to establish the appropriate privacy settings and clearly define who is entitled to access specific types of information, as well as what confidential data is visible and to whom. Second, businesses need to implement specific data security solutions that secure their sensitive data in multiple forms and throughout its life cycle: data at rest, data in motion and data in use. They must choose an approach that can effectively prevent data loss before it occurs, rather than just detect it, after it occurs."

Covertix is led by CEO Alon Samia, who says, "Our software is next-generation enterprise rights management, as compared to the offerings of the major infrastructure and content management vendors." When asked to define which features set his firm's software apart from established players, Samia replies, "We do content- and context-based policy assignment. The owner of the document can decide context level rules, which means not just who, but where--that is, it's not just who you are, but where you are. So, for instance, you may be able to print a financial document in the accounting department, but not in the IT department. Or you may access a file on your desktop, but not on your laptop. Everyone now knows that even authorized users can go bad and misuse internal documents, or leave the organization and take them with them. It happens every day."

Samia believes that part of the problem with flagging ERM implementations lies not only in the complexity of policy management, but in the actual approach to ERM projects, "Implementing this type of security requires a phased approach," he says. "You have to pilot and fine-tune. For instance, some ‘violations' are actual valid uses, so you have to go back and refine your policies. And you continue to do that as you roll out the system to handle more document types and departments."

FileOpen Systems is an early provider of rights management, with deep Adobe roots. It delivered protections for Adobe products initially in 1997. Since then, the firm has added support for MS Office, BlackBerry and other formats. Although noted analysts assert that Microsoft leads this market, FileOpen may be flying underneath their radar, claiming to have millions of users in more than 1,000 corporations. Customers have the choice from toolkit, server or hosted options. The software utilizes its own proprietary viewer, which obviates the need for client software.

Elizabeth Murphy, VP of sales and marketing, says, "We've experienced a significant sea change in recent years caused by high-profile security leaks and loss of revenue due to piracy of intellectual property and online document sales. What's becoming more and more apparent is that the exchange of electronic data is so widespread and so easy that it's impossible for most companies to protect without implementing security tools."

GigaTrust has close ties to Microsoft, stating it is "the only provider of ‘intelligent rights management' that extends and enhances the capabilities of Microsoft's RMS." GigaTrust's technology is based on XrML (extensible rights markup language), although that standard "never really went anywhere," according to Coplan at The 451 Group. He describes GigaTrust as "a pure-play ERM provider." The ERM software is deployed through Microsoft Windows and Microsoft Office. The company did not respond to press inquiries, but according to its website, GigaTrust's client-server architecture automatically applies policies to Outlook-based e-mail and desktop files, including non-Microsoft Office documents on PCs running Office 2000 or Office 2007. The GigaTrust Web filter software dynamically applies the same policies to content delivered from databases, Windows, SharePoint Services portals and websites using Internet Information Services (IIS).

InDorse Technologies has caught the eye of some leading industry analysts with its ability to make file protection simple and scalable in an increasingly Web 2.0-enabled, device-agnostic, cloud-based business environment. Rob Marano, president and CEO, says, "Our company was founded to provide solutions that protect a company's important files without disrupting business flow or requiring intensive network configuration. In today's increasingly cloud-based and SaaS-based business environment, files are being shared more and more to conduct business. However, traditional information security solutions are unable to handle the move from silo-based IT security to the cloud. Given the shift away from internal servers, it was important to create a solution that was in lockstep with this trend. InDorse was built with the mindset that no software would be required and users would not be forced to change their daily routine."

When InDorse's ERM software is deployed, even authorized users are stopped from downloading large quantities of files in limited settings from remote locations. A trail of forensic data that captures who is downloading or opening files provides immediate accountability--before files can be leaked. What sets the company apart? Marano says, "InDorse products do not require any client software, automatically enforce usage and protection policies for sensitive business files, and actively and passively track and trace the files for life."

NextLabs began as a provider of data loss prevention (DLP) solutions, then moved upstream into enterprise rights management to offer a more complete security solution, which it terms "information  risk management." The software is based on eXtensible Access Control Markup Language (XACML) from the standards body OASIS ( XACML is a way of articulating policy, a core XML schema for representing authorization and entitlement policies, which allows standardization of access control routines across platforms.

Although players like Oracle are involved in XACML, NextLabs is currently the only company offering ERM based on the standard. That standardization and simplification allows for a drastic reduction in policy creation and maintenance. What else is unique about the firm's approach? Andy Han, VP and GM of products with NextLabs, says, "We offer transparent rights management, and we're able to apply rights to any file type or any application. We have ‘content awareness' built in, so based on the context of the file, we can determine rights. Also, we don't base policies on individual user identities, but base them on attributes and roles, so it is much more flexible and easier to maintain."

Zafesoft offers "the only solution that provides content security with edit," according to the website. "Users can edit, copy, paste, etc. All information remains ‘zafe' (fully secure), including copy of copies and derivatives taken from one file to another." ‘Zafed' content looks and behaves like the original, and is encrypted locally. Sandeep Tiwari, CEO, says, "We secure information in its native format, allow users to access and edit documents in their native format--we don't force them to use a proprietary viewer." The solution is cross-platform, supporting Windows, Mac and Linux. Presently, Zafesoft has fewer than 10 customers, but it had only been marketing the product for several months at press time. The Autonomy pattern search engine is used to search content for patterns and to secure the content.

Forrester's Hill sums up the enterprise rights management marketplace this way: "ERM products are still mostly geared toward protecting documents inside an enterprise. Our customers tell us it's still just too difficult to share documents across company boundaries, even with enhancements like MS Active Directory federation services. We expect new lightweight collaboration features will allow for more casual business-to-business collaboration, without requiring armies of lawyers and IT staff. In our view, purchases of one-off ERM solutions will trail off, in favor of more complete solutions, such as those integrated with DLP technology, content management infrastructure and other risk mitigation solutions."

Organizations will struggle with securing internal documents and sifting through the myriad of security solutions available, but the bestsecurity tool is to make information governance a priority, a part of the organization's culture.  

Back to Contents...

Coveo extends apps to mobile users

Coveo has unveiled mobile versions of its Knowledge 360 Solutions and Enterprise Search 2.0 platform via mobile smartphones and tablet PCs. The offering now supports BlackBerry OS 6.0, the iPhone, iPad and Android.

Coveo explains its new mobile solutions give field service and sales organizations access information on customers, cases, solutions, prospects, etc., from nearly any enterprise system—including e-mails and files from offline PCs—directly from their mobile devices.

The company also highlights the new apps’ ease of use, offering document quick views, business analytics and guided navigation, which, it says, dynamically computes sums, averages, minimum and maximum values, numerical ranges, etc.

Back to Contents...

ISYS Document Filters for Attensity

ISYS Search Software reports Attensity has selected ISYS Document Filters to provide embedded text extraction capabilities for its suite of customer experience management solutions.

Attensity says its applications are designed to help companies “listen, analyze, relate and act” on customer intelligence, which it says is often found in silos across the enterprise or dispersed among online channels such as blogs and social media networks. By selecting ISYS Document Filters, Attensity’s solutions can extract full text and make meaning of content found in these unstructured sources.

ISYS highlights the following capabilities of Document Filters:

  • enterprise format support—more than 400 common and legacy file and e-mail formats supported, plus archives and containers such as ZIPs and MSGs;
  • deep inspection of content—mine previously hidden content, including Tracked Changes, Comments, Notes, Annotations and Embedded Web Links;
  • comprehensive platform coverage—Windows, Linux, Mac OS, Solaris, HP-UX and AIX; and
  • full support—high-definition rendering of text and coverage of all character sets and encodings, including Unicode.

Back to Contents...

Attivio for big data

Attivio has released Active Intelligence Engine (AIE) Extreme (XT) Modules for big data, which are designed to provide customers with greater access and contextual insight into the skyrocketing volume of data facing today’s organizations.

AIE XT deploys advanced text analytics, such as entity extraction, key phrase detection, ontology support and sentiment analysis to discover vital business signals from unstructured content such as documents, e-mails, SharePoint, Web content, surveys and call logs. Attivio says AIE's schema-less design integrates those signals with a wide variety of big data sources, including Hadoop, HP Vertica, EMC Greenplum, Oracle Exadata, IBM Netezza and more.

Attivio reports the AIE XT Modules include:

  • AIE Recommendation Engine—drives increased online buying and consumption by analyzing behavior to identify items that others who followed a similar path ultimately purchased or read, or to identify relationships based on metadata (genre, author, concepts, people, etc.);
  • AIE Classification Engine—adds intelligence to content by automatically categorizing documents according to pre-built classifications or custom models;
  • Cloudera connectors package;
  • individual Hive, HDFS and Hbase connectors; and
  • XT Services & Assessment Pack.

Back to Contents...

Improved legal hold from StoredIQ

StoredIQ has announced an enhanced release of StoredIQ Legal Hold, a solution for managing the entire legal hold process. From notification, to tracking acknowledgement, to analyzing custodial data, and finally collection and preservation, legal and IT users can gain complete control and insight into the duty to preserve process with a reliable, repeatable and auditable solution that seamlessly integrates hold notifications with the collection and preservation of data.

Fully integrated with DiscoveryIQ, StoredIQ's e-discovery application, companies can ensure compliance with case law, the company claims. Organizations can initiate hold notifications, track acknowledgements, perform early case assessment across all matter relevant data, and perform single-instance collection to a secure retention platform.

Back to Contents...

ESI forensic services and appliances from Integreon

Integreon has unveiled an enhanced version of its Seek & Collect service and appliances. The company reports Seek & Collect captures electronically stored information (ESI) from remote locations in a forensically sound manner without the need for physical collection by forensic experts. Version 2.0 builds on V. 1.0 and features multiplatform support, collection for much larger data sets, stronger encryption technology and a simpler, more flexible configuration utility, according to Integreon.

The company adds that its “plug-and-play” Seek & Collect appliances have been designed to simplify the e-discovery collection process and provide Integreon clients with targeted, defensible data collection from multiple unique data custodians across their global enterprises. The Seek & Collect technology, which can be installed on a wide range of storage media including USB memory sticks and external hard drives, executes automatically when connected to a computer to capture ESI.

Integreon explains that Seek & Collect works by making logical copies of specified files and their directories without altering dates or metadata to avoid data spoliation, while creating a unique hash value for each collected file (using MD5 hashing algorithms). The entire dataset is copied into an encrypted archive container for secure transport, and the container is then returned to Integreon’s evidence labs via courier.

The captured ESI is stored in Integreon’s highly secure evidence room with a closed IT network. Throughout the entire process, Integreon strictly adheres to the standards set forth by the National Institute of Justice for preserving the authenticity and integrity of evidence, and follows Integreon’s own strict methodology for preserving data integrity and chain of custody.

Back to Contents...

Cutting through content clutter

As part of its Pervasive Engagement Management initiative, SDL has announced targeting, profiling and personalization (TPP) tools for marketers. The company says from the initial click, TPP begins building a holistic view of the visitor on any channel, offering the most relevant and engaging content. TPP is integrated with SDL Tridion, a targeting, multi-site and multilingual site management solution.

SDL says personalization has changed throughout the years from user-driven preferences to a more dynamic TPP model that incorporates various sources such as user input and behavior monitoring. The company says its TPP solution is an organic approach to profiling relevant data from a vast array of data sources, ranging from leading CRM systems, search information, Web analytics and e-commerce applications.

Back to Contents...

Law firm eases the search for information

To enhance its knowledge management and enterprise search functionality, the international law firm Allens Arthur Robinson has deployed several offerings from Recommind. The firm has chosen Recommind’s Decisiv Search, Matters & Expertise and the QwikFind toolbar, based on its CORE (Context Optimized Relevancy Engine) platform. The deployment is intended to provide law firm employees with more sophisticated information management capabilities.

According to a press release from Recommind, its predictive information management software will be available to Allens Arthur Robinson’s 1,800 employees in 14 offices throughout Australia and Asia. At first, Decisiv Search will be run over the firm’s existing knowledge repository. Later, the Matters & Expertise module will be added, to overhaul the enterprise search process. With the module, employees can easily locate colleagues with the most relevant experience and knowledge to answer a specific question, regardless of where they are based.

Rachel O’Connor, director of knowledge services at Allens Arthur Robinson, says, “During our evaluation, we were extremely impressed with the capabilities of Recommind’s solutions. It was clear that the company really understood our requirements, and the performance of the technology demonstrated that it was tailored to our needs as a law firm. The collaboration, the wealth of experience and the ease of implementation that were offered were very attractive.”

Back to Contents...
[Newsletters] [Home]

Problems with this site? Please contact the webmaster. | About ITI | Privacy Policy