​Fasoo eyes enterprise DRM resurgence in the US

A reignited interest in enterprise digital rights management while New York passes stricter cybersecurity laws will likely be a boon to information security firm Fasoo.
Written by Cho Mu-Hyun, Contributing Writer

A renewed interest in enterprise digital rights management (DRM) as the best data-centric security practice going forward in the United States following a string of high-profile data breaches will be a boon to Fasoo's global business, its CEO has said.

Fasoo chief executive Kyugon Cho told ZDNet that there is a strong interest in enterprise DRM.

"Many have expressed, and I concur, that enterprise DRM will be facing a renaissance through a 'second wave' of adoption," Cho said at the Gartner Security and Risk Management Summit 2017.

Enterprise DRM protects data on the file level and gives policy makers greater options around who has access to that data.

Files are encrypted whether they are in employee devices, servers, or third-party devices, while policy makers can grant permissions by organisation, team, or projects, and set valid access dates and location.

Theoretically, a smooth-running enterprise DRM program will allow companies to share protected data anywhere and at any time, but implementation has proven to be difficult over the years.

"Complexity and cost has been drastically reduced since DRM was first introduced in the early 2000s," Cho said. "And today, information security is really about the data."

The New York State Department of Financial Services' (NYDFS) final cybersecurity regulations for banks and insurers, which came into effect on March 1, enforces stricter accountability to senior executives within a company, especially on chief information security officers, and the encryption of non-public information, including when in transit.

The new rule [PDF] requires banks and insurers to scrutinise third-party vendor security and assess risk beforehand, rather than taking simple, prescriptive measures.

New York state law enforces the encryption of non-public information, limitation of user access privileges, and implementation of audit trails. It also sets limitations on data retention.

Cho believes enterprise DRM and its data security framework solutions suite is the best security measure to cover such "comprehensive" requirements.

"It's ironic, because I've been preaching about enterprise DRM and our six-step approach to scaling up security before the passing of the laws like NYDFS and GDPR [General Data Protection Regulation]," Cho said.

"Define and discover, classify and label, encrypt data, access privileges, audit trail, and data retention: The six-step program for clients."

Gartner believes enterprise digital rights management will be the "only durable, granular, file-level mobile data protection" security by 2020.

Fasoo, founded in 2000, has more than 1,200 customers and has been making inroads into the US, clinching finance and logistic clients.

Editorial standards