A recent report unveiled at the RSA Conference showed that 54% of organizations cite security concerns as their biggest barrier to adopting cloud services. Highly regulated industries, such as financial services for example, also have greater compliance concerns when it comes to “tracibility” – that is, being able to account for where a document lives online.
In response, SpringCM, a provider of content cloud services for the enterprise, has enhanced security capabilities across its cloud application and infrastructure. These changes are designed to allow users to manage secure, synchronized access to content from any mobile device or application. They also provide enterprises control over critical-path content and prevent sensitive data from “walking out the door.”
“Last year companies were saying, ‘I’ve got a lot of content in old school systems, hard drives, shared drives, laptops, you name it, and now I’m discovering I’ve got content in Dropbox, Box, Yousendit?" said Ben Kiker, Spring CMO, to Mobile Enterprise. The response from business admins, he said, becomes, "I have to get my arms around this.”
The security model now includes:
Mobile Device Management: IT can control which devices – iOS, Android, Windows or Mac – are allowed to store content and to instantly wipe files, revoke a device, or all devices at once, when lost or when an employee is terminated. Admins can also see what activities their mobile users perform inside the app on their devices and take proactive action.
Secure Content Synchronization: Enterprises can control which content can and cannot be synced based on file, folder or attribute value.
Protocol Compliance: SpringCM received audit reports for both the Statement on Standards for Attestation Engagements (SSAE) 16 Type II and for the Service Organization Controls (SOC) 2 Type II. SOC 2 compliance was reviewed under all five principles, including availability and processing integrity.
Going forward, SpringCM is currently investing in implementing more advanced capabilities, including multi-factor authentication, role-based content access controls and others that will be available in the near future.