Orchestria adds controls to the dark matter

"Intelligent electronic control software" doesn't exactly roll off the tongue. It sounds like a concept from past decades used to describe robotic arms on factory floors or SCADA systems. Orchestria has applied the term or phrase to characterize its enterprise solution, which applies policies to messages at rest and those heading for transit as well as Web and file activity to prevent data leakage and ensure corporate governance and compliance with all regulatory and corporate policies.

"As a CIO or chief compiance officer at a company like GM, GE or a major governmental agency, you have rich controls for who access what on an ERP system like SAP,"Christopher Lochhead, an Orchestria board member and a sometime ZDNet blogger, told me. "However, if you look at the number one application employees use--email, instant messaging, blogs and unstructured applications like Microsoft Office--those apps are nearly 100 percent control free. It's a gaping hole."

It's actually more of a black hole than a gaping hole, the unstructured, so called 'dark' matter that tends to go unmanaged.

Rather than protecting from the perimeters, Orchestria starts at the source material, applying policies prior encrypt and send. For example, in the screen shot below someone attempted to send out a research without the proper disclaimer. Orchestria detects the policy violation (an agent is embedded in the client system) and the send command is stopped in its tracks. An alert pops up stating the violation and offering a remedy. Similarly, documents can be tagged so they cannot be printed or transfered.

Lochhead also gave an example of sales rep sending an email about a contract to a customer, with a money-back guarantee, but the CFO, purchasing, legal and accounts receivable who should be involved with the contract have zero visibility in the specific transaction terms. If the workflow touched the ERP system, it would be recorded and noted accordingly, but in the email flow it sidesteps the proper systems and potentially puts the company out of regulatory compliance.

Orchestria's software layers in monitoring, detection and policies to provide control mechanisms, using contextual analysis to parse the contents of messages, pages and files. Browser activity can also be monitored, and companies can set up escalating policies, first interacting with users in real-time depending on the policies. It also offers tagging and integrates with various storage management solutions for electronic discovery investigations.

Orchestria recently introduced a set of Electronic Control Foundation Policies, a subset of Orchestria’s 250 best practice policies, that the company said provide a base level of control for enterprises. "There is an element of stopping good people from doing careless thing, such as sending files to the wrong person," Lochhead said. "Within five years no big corporation or government agency won't have it in place."

Given that prediction, Orchestria will have much more competition going forward. Orchestria claims that it has 250 customers solutions and protects more than 50 million electronic actions every day. The software is sold on seat basis per user per application. Orchestria deployments start at around $150,000.

See also Infoworld's review of Orchestria 4.7 and comparative analysis