Managing Information Risk in the Extended Enterprise: Why Corporate Compliance and IT Security Must Join Forces

Jan 01, 2012

Download It's no secret: end users take huge security risks in order to get their jobs done. One of the biggest sources of information risk companies face is collaboration with externals. Companies can't operate without sharing sensitive information with strategic partners, regulatory authorities, board members, consultants, acquisition partners, contractors and legions of other individuals outside the corporate network.

But without a safe means to do so, how do employees share sensitive documents? Too often, by sending email attachments or by signing up for online collaboration portals without regard to data protection, access control, service level, or security certification.

How does business take advantage of the wealth of benefits that online document collaboration promises, while avoiding the compromise of confidentiality, integrity, and availability of critical business information?

This white paper by Michael Rasmussen, J.D., CCEP, OCEG Fellow, describes the risks introduced by current document sharing practices, and how compliance and IT security must work together to mitigate information risk while improving their organizations' efficiency and competitiveness.