Continuous Data Security & Data Protection

Using DRM software for continuous data protection & data security

When you are looking for continuous data protection, you soon discover that this tends to mean related to backup and long term storage, and not to information currently in use. Typical security ‘controls’ do not apply continuous data protection to files. So if a file is transferred to another computer or storage device the data protection ceases. It can also happen that the user, while using a document, can make a copy or send a copy to someone else by email.

These problems also exist for continuous data security. It seems that data security mechanisms are all focused on stopping access rather than controlling use.

One of the big advantages of Digital Rights Management (DRM) as against ordinary security is the continuous data protection aspect of its controls.  DRM controls are continuous, so they support continuous data protection and continuous data security.

Generally, DRM controls are applied at a document level rather than to specific data within the document.  Although in theory you could label all individual data items for individual protection, in practice the administration becomes rapidly very complex and the management of data within a document cumbersome.  There has been work on this concept in Multi-level Security (MLS) but it has not been satisfactory in various information sharing scenarios.

DRM controls at a document level can be made to persist because they contain active components that prevent control removal. For instance, a user can be prevented from removing the controls, and thus be prevented from bypassing the continuous data protection being provided.  So, for instance, an authorized user is prevented from breaking the continuous data protection of personal information by passing to an unauthorized third party.

Using DRM controls you can allow the addition of watermarking protected information, which may be used (as it is with banknotes) to authenticate the information as part of data security protection – demonstrating that it has not been forged.

So continuous data protection and data security protection are more readily achieved through DRM controls (that enforce overall document security labels) than by other techniques.