Frequently Asked Questions
Answers to commonly asked questions about InstaSecure
Q. What is InstaSecure?
Brought to you by Sabeer Bhatia’s InstaColl, InstaSecure is innovative software that acts like a private security guard, traveling with information to enforce policies, prevent unauthorized access and monitor usage of protected information. For the first time, companies can share information without impacting user productivity while retaining complete control over how that information is used.
InstaSecure allows organizations to apply content-level access and usage controls through policies applied directly to a broad range of business documents that contain sensitive information. The policies control who has access to a protected document, for how long, and what can be done with the document.
Q. Is information control that big of a problem?
The loss of sensitive corporate data has always been a big issue for companies. Over and above well-publicized cases of leakage of sensitive information, recent studies by Gartner Research and other reputed analyst estimates intellectual property leakage costs companies more than $200 billion per year. There are also non-tangible losses when employees leaving the company or other stakeholders take with them confidential information about the company that compromises the enterprise’s competitive advantage or harms company reputation.
Q. Why is information hard to control?
Traditional security technologies such as firewalls and VPNs do a good job at protecting information within the secure network. But unlike network pathways and physical servers, information has no perimeter. It's constantly in motion across companies, users and applications.
To stop the problem, companies need to turn their security practices inside out, bringing security right down to the data itself. That's where InstaSecure comes in.
Q. What is unique about InstaSecure?
Unlike existing security solutions such as firewalls, VPNs, Intranets and Network authentication where security is imposed only for initial access, InstaSecure ensures that your data is secured at all times – at rest, during transit and even while it is being used by recipients. This ensures that protection is persistent and always “on”.
Q. What is so revolutionary about InstaSecure?
InstaSecure is the first solution that was designed to support the business. Users work within existing applications such as Microsoft Word and Excel using existing functions such as Save and Print. Using InstaSecure, policies can easily be created from within the productivity application and dynamically, yet persistently, control protected information. Detailed audit information is available for compliance reports.
Q. What document formats does InstaSecure support?
InstaSecure currently support Microsoft Word and Excel (all major versions – 2000, XP, 2003 and 2007). Forthcoming releases will support additional formats.
Q. Does using InstaSecure alter the format of the documents in any way?
No, the documents are retained in their native formats at all times.
Q. What are the system requirements for InstaSecure?
InstaSecure works as a plug-in within familiar Microsoft productivity applications such as Word and Excel running on Microsoft Windows (2000 and above).
Q. To use InstaSecure, do I need to upload my documents to a server?
NO. Your documents are always with you and don’t need to be uploaded to a server. InstaSecure transparently applies access control restrictions and policies on your documents even though they reside on your system.
Q. What can I do with InstaSecure?
InstaSecure’s unique technology helps you define various rights pertaining to the documents. You have control of the documents even after you have sent them to various recipients in the form of tracking of information with regards to these rights.
Advanced additional functionality such as workflow management and electronic signatures can be layered on top of the core security platform to support document-centric business processes.
Q. What are the various document rights that I can define with InstaSecure?
You can assign read, edit, print and copy rights to each recipient that you share your document with. You can also specify access options to determine if a recipient can access content without a connection to the InstaSecure server and from a single or multiple machines. In addition, you can set a “shred-by” expiry date beyond which a document cannot be accessed.
Q. Can I alter the access rights of the documents after sending them out?
With InstaSecure, you can alter the various access rights set by you for the recipients at any point of time. You can dynamically add or delete authorized users or modify existing permissions.
Q: What are the benefits of InstaSecure?
The key benefits of InstaSecure are as follows:
More effective protection and control of sensitive information
Engage in sensitive business electronically with confidence — persistent protection and dynamic control of documents means that only authorized recipients can access and use a rights-protected document, regardless of how the document is distributed (for example, by e-mail, on CD, or through FTP download) or where it is stored.
Greater assurance of persistent document protection
Share protected content with customers, suppliers, partners, the government, the media, and other authorized recipients, and have greater assurance that only designated individuals will have access to the information. These access rights can be revoked at any time.
Greater assurance of compliance with security and data privacy regulations
Comply more effectively with government regulations governing information security and protection of consumer data through the adoption of system-based preventive controls. Demonstrate compliance with confidence through the use of audit trails of document-level activity.
Reduced document delivery costs
Reduce the use of couriers, certified postal services, and other costly delivery services — with InstaSecure, you can transmit and share confidential files and documents more cost-effectively.
Reduced cost and complexity of implementing information security
Use a simplified method for encrypting documents that does not require users to obtain digital certificates or manage encryption keys.
Ability to extend the manageability of documents outside the information system
Use dynamic document management controls to extend version control capabilities of existing content or product lifecycle management systems beyond the firewall, by allowing out-of-date documents to be revoked and updated with more current versions, regardless of how the information has been distributed or where it is stored.
Q. Is InstaSecure an Enterprise Content Management system?
No. InstaSecure does not seek to replace intranets and other enterprise content/document management systems but rather complements these systems by providing means to extend document protection beyond the perimeter of these centralized systems.
Q: How can the InstaSecure solution enhance our company's existing document management systems?
Enterprise content management (ECM) systems only protect files within the security parameter of the existing system; when the files are distributed outside the system, they are no longer protected. With InstaSecure, your files are protected no matter where they are distributed or stored. This protection outside the ECM is extremely important, especially for documents that include sensitive information such as customer information, financial information, patient records, and so on.
Q. Does this really work as advertised?
It does. InstaSecure is a brand new product that uses a brand new approach to a long-standing problem, i.e. information control, but behind it is years of expertise, hard work and lessons learned! Also, we are offering a risk-free pilot to enable you to try the solution and confirm this for yourself!
Q: What makes InstaSecure the best-in-class document security solution?
Apart from being location-agnostic, InstaSecure is multiformat in addition to being cross-platform and supporting a range of application servers, databases, and authentication systems (including Active Directory and LDAP). Policies are dynamic and can be changed after publishing and distribution, which is essential for version control. In addition to document security, InstaSecure offers powerful collaboration capabilities ranging from workflow management to embedded discussion forums to electronic signatures. It also enables partners and customers to extend the existing functionality to complement their enterprise applications and solutions.
Microsoft Rights Management Services (RMS) is not cross-platform on the desktop or server. It supports only Microsoft Office 2003 Professional (not Standard), Active Directory, Windows Server® 2003, and SQL Server 2003. Documents cannot be dynamically updated, audited, or easily shared outside the firewall. RMS does not currently offer workflow, electronic signatures and other collaboration capabilities.
Adobe Live Policy Server requires documents to be converted to PDF format prior to being shared. Documents secured using Adobe Live Policy are not editable which makes the solution inappropriate within a document lifecycle. Adobe Live Policy does not allow sharing of documents outside the firewall and does not offer advanced collaborative capabilities.
Q. How does the software work?
InstaSecure encrypts information to provide persistent protection and policy enforcement, no matter where the information resides. InstaSecure allows or prevents actions such as reading, altering, copying and printing information according to a user's privileges defined in the policy.
In addition, InstaSecure makes information protection a seamless part of the way work is done. For enterprises and users, InstaSecure automates policy enforcement and hides the complexity of secure collaboration, working behind the scenes of every day business processes. Unlike other approaches to information security, InstaSecure does not require users to modify or upgrade applications, change their work habits or move data.
Q. How is this different than access control?
Access control is applied either on a folder or document by a file system or a document management system. It works well for users within the enterprise but it is unable to protect information once it leaves the secured environment. For example, one a file is emailed, it is accessible to anyone.
Q. How is this different than PKI?
PKI applies a protective layer to the document, ensuring that it may travel outside the trusted environment and remain secure in transit. However, once the protection is removed (which is required to use the document), the control vanishes. Further, key management is onerous for the enterprise and users.
Q. What type of security does InstaSecure use?
InstaSecure encrypts data from end to end. The contents of the documents are secured using a variety of encryption schemes – ranging from Blowfish to AES (advanced encryption standard) with 256-bit keys. The choice of the actual mechanism used is configurable by the administrator and can be congruent to end-customer requirements. Advanced extensions such as smart card authentication can also be supported on demand.
Q. How is InstaSecure licensed?
InstaSecure is a licensed based on the number of named system users. InstaSecure can be purchased as an in-premise server solution, a managed hosted solution or a subscription-based software-on-demand service.
Q. How long does it take to implement InstaSecure within my organization?
Our client services organization can usually have InstaSecure up and running for a client in just one working day. Unlike other software solutions, where consulting and implementation charges are quantum times higher that license fees, we include the initial implementation and first-year support in the price of the software. Because of this, our product needs to be easy to install, maintain and be very, very reliable (it is!).
Q. Where can I get more information about InstaSecure and its extended capabilities?
For more information about how InstaSecure can help you and your organization, contact us at sales@instacoll.com.
