Jenna Hafey, sales manager of the Adobe team at Carahsoft, wrote in a blog entry posted Friday that she believes public sector organizations should incorporate security into their content creation, collaboration and consumption processes.
“Data-centric security should be the default approach in the public sector, especially to protect personally identifiable or classified data that will inevitably be on the move in today’s interconnected and mobile world,” she said.
Adobe identified content management, digital rights management and continuous monitoring as three key dimensions to “holistic” data protection that Hafey believes can work to help organizations to comply with the White House’s Cybersecurity National Action Plan and the Office of Management and Budget‘s Circular A-130.
Hafey noted that data-centric security and content management efforts should include strong authentication, metadata, object level access and audit logs to help organizations minimize the risk of threats.
She cited persistent protection of access at the file layer, access control, access revocation, audit logs and authentication as essential elements of a digital management program.
She added a continuous monitoring program that features visualization, anomalies, affinity and notifications can help organizations to reduce opportunities for employees to purposely or accidentally compromise data.