Read the original press release
This article is also featured in Lanline and IT Daily.
The digital working world is hardly imaginable without content collaboration. However, when working together on documents, companies are subject to numerous regulatory requirements. The GDPR obliges them to protect personal information, and the upcoming NIS-2 directive imposes strict data security requirements on operators of critical infrastructures. In addition, companies must adhere to agreements with customers, partners and suppliers to handle sensitive data confidentially.
To meet these requirements, organizations should develop a comprehensive data strategy and derive policies for managing and protecting data throughout its lifecycle. Their content collaboration platform should then efficiently support the technical implementation of these policies. To do this, it must meet several key requirements. Content collaboration specialist ownCloud explains what matters:
Control of access rights. Which users are allowed to access which files? The platform should make it possible to automatically classify documents based on corporate policies and assign them the appropriate release settings. It should also take into account the evolution of documents. A file that is not critical when it is created can become relevant to the GDPR during the course of the collaboration because an employee adds personal information.
Enrichment with metadata. In content collaboration, users mostly edit files with unstructured data. In order for such files to be analyzable and thus also automatically classifiable, they require metadata. The platform should therefore offer as many ways as possible to enrich files with metadata: from derivation from the file itself, to automatic generation using image recognition, OCR or AI, to manual assignment.
Retention management. Many files are subject to retention requirements. Some may not be stored at all, others must be deleted as soon as their processing purpose ceases, while still others must be retained for decades. Companies should have lifecycle management in place to ensure compliance with all retention and deletion requirements.
Control of storage locations. When employees store files locally on their endpoints, organizations can no longer oversee them. Most of the time this is not a problem, but for sensitive files it is a risk. That’s why companies should be able to control local storage and prevent it if necessary. In the case of particularly sensitive documents, it may even be necessary to ensure that they never leave the server and that only watermarked images of them are streamed to users’ browsers.
File recovery. A content collaboration platform can be a powerful tool to defend against ransomware attacks – if its versioning allows any file to be restored to any point in time. Then, organizations can restore files to the state they were in immediately before the ransomware encrypted them.
“In addition to technical features, companies should also pay attention to the future viability of the platform,” explains Holger Dyroff, co-founder and COO of ownCloud.
“For example, Microsoft will soon discontinue support for the on-premises version of SharePoint and will only offer the content collaboration tool from the public cloud. At that point, it will no longer be able to adequately support many strategies for protecting sensitive data. If companies opt for a solution that gives them freedom of choice in the operating model, they keep all options open for the future.”