November 28, 2016 | Written by: Clay Turner
Share this post:
As cognition makes its way into cars, devices, buildings, business processes and more, securing all transactions and sensitive data is even more essential to ensure trust in our systems of commerce and to reduce risk to every party involved. Business content often contains Personally Identifiable Information (PII) like social security numbers and credit card numbers, which are especially critical to protect. With that in mind, IBM Enterprise Content Management has prepared a new strategy for customers to protect sensitive data – automated, role-based redaction.
By integrating cognitive capture analytics and a dynamic user interface, the solution automatically detects sensitive data as it’s captured, encodes user access privileges, and permanently redacts PII data on-the-fly, based on the role of the requesting business user.
Beginning with the release of IBM Content Navigator V3.0, IBM Daeja ViewONE Virtual Module for Permanent Redaction V5.0, and IBM Datacap Insight Edition V9.1, these three products will work together to deliver this powerful role-based redaction use case to IBM Content Foundation customers.
Role-based redaction is achieved in just 5 steps:
- IBM Content Navigator is pre-configured with redaction reasons, each representing one or more types of sensitive data that the customer regularly redacts (i.e. Social Security Number, First Name, Last Name, Patient ID, Signature Field, or Street Address).
- IBM Content Navigator is pre-configured with user group permissions, each identifying the redaction reasons for which the users in the role can view sensitive data (i.e. A call center worker may be permitted to view sensitive data marked with the ‘Customer Phone Number’ redaction reason, but not the sensitive data marked with the ‘Social Security Number’ redaction reason).
- IBM Datacap Insight Edition performs optical character recognition at the point of capture and uses cognitive capture analytics to identify any sensitive data on every page of business content. It then registers each piece of sensitive data with a relevant redaction reason with each document managed within IBM Content Foundation.
- A single copy of the content is stored within IBM Content Foundation, where users are permitted to view, print, email, or download through the IBM Content Navigator interface.
- When a user requests the document, their role within IBM Content Navigator dictates which sensitive data should be redacted before the document is delivered to their care. The IBM Daeja ViewONE Virtual Module for Permanent Redaction is used to permanently burn-in those redactions on-the-fly, before the user is allowed to view, print, email, or download the content.
Role-based redaction ensures that content consumers only see the information that they need to see, while redacting content that is inappropriate for their role or level of security clearance. As a result, fewer copies of sensitive data are circulated within the organization and the onus of redaction is automated by the system, rather than left to each individual, leading to reduced overall risk.
If you are interested in learning more about automated role-based redaction, stay tuned for our formal announcements of IBM Content Navigator V3.0, IBM Daeja ViewONE Virtual Module for Permanent Redaction V5.0, and IBM Datacap Insight Edition V9.1 very soon on the IBM Offering Information page.
If you have any comments or future feature requests for these products, find me on Twitter @ClaySTurner or LinkedIn /in/clayturner– I always like to hear your thoughts.