maxkabakov - Fotolia
How do AI tools such as Box Shield enhance content security?
Programs such as Box Shield use machine learning to better secure content, as it monitors existing content continually to learn about new cybersecurity threats over time.
A house needs a strong foundation to build a new addition. Similarly, a company needs a strong foundation to build upon content security. Without a solid framework, details may slip through the cracks and increase the possibility of problems down the road.
AI tools such as Box Shield can strengthen enterprise content management systems, but they won't reach their full potential unless a structured framework is in place.
Content security begins by securing access to a shared repository, and then to particular folders and even to individual files stored within it. An enterprise CMS typically provides security features and basic functionalities for maintaining access controls, where only predefined people and groups have permission to access certain sets of files.
Content-based security extends the protection perimeter to particular tasks that occur on the network -- such as restricting who can view, edit, email, download or print a piece of content, or placing a time limit on the access rights and permissions. Team collaboration promotes ad hoc sharing of messages, documents, images and other kinds of content within a predefined work group, and it restricts access by outsiders.
Artificial intelligence can enhance content security by monitoring data flows and recognizing anomalies. But the underlying framework is primarily an operational concern, beginning with how networks and systems are managed both on premises and in the cloud. AI tools and technologies can then manage the repetitive and time-consuming tasks of continuous effective monitoring and threat detection.
Operational activities
Before incorporating AI into content security, companies should focus on their operational activities -- specifically policies, procedures and operational-level business rules. It is essential to invest the time and effort to describe these operational activities, as well as define how content should securely flow across an extended enterprise. A security audit can assess capabilities of existing system- and network-level services. Consider, for example, how unsecured endpoints such as mobile devices and web browsers pose risks to end-to-end content flows.
When it comes to content security, there are multiple legal, compliance, risk management and business concerns. For instance, a business might restrict drafts of a proposal to members of the bid team, and once the team captain approves them, they can be made available to other company leaders. Organizations rely on business processes to ensure the availability, usability, consistency, integrity and security of the information they collect and maintain to run their businesses. It's important to categorize business content in a systematic manner based on its sensitivity and business risk, and to have operational processes in place to keep these classifications current.
Within data-savvy organizations, data stewards have well-established operational roles. They ensure that all employees follow data governance processes and also enforce guidelines when managing structured data within databases. Content stewards should have comparable roles enforcing procedures related to documents, email messages, digital assets and other kinds of digitized information that businesses manage within various types of content repositories. Content stewards should be able to track end-to-end content flows for sensitive business documents and describe the risks that innovative security technologies can address.
Signals and patterns
Signals and patterns also matter for content security. It's no longer enough for organizations to rely on identity management, authorization and access controls -- conventional ways of securing content managed within shared repositories. The spread of connected devices and processes within an enterprise adds to security risks, which businesses can mitigate by using AI in content security.
Suppose a company is monitoring document downloads from a shared repository. Threat hunters assess risks to events in the cloud while classifiers automatically recognize items that require content protection. If the person or process requesting a download is in a remote location where the organization does not have a business presence, then something may be amiss. Box Shield offers content security controls that rely on machine learning to detect discrepancies in content usage patterns and take predefined actions -- perhaps automatically shutting down the access port or notifying an administrator.
Box Shield monitors the flow of content among authenticated users within the Box platform, identifies anomalous activities and alerts enterprise security staffers about potential problems, providing them with contextual explanations about suspicious activities. Rather than enforce predefined and inflexible rules, the machine learning algorithms are context-specific -- first setting a user- or group-specific baseline, then flagging events that occur outside the baseline.
Microsoft also tackles these kinds of distributed risks within its cloud services. In particular, Azure Sentinel includes enhanced threat hunting capabilities for detecting suspicious network events, such as logins from anomalous IP addresses. The compliance center within Microsoft 365 can track content flowing through SharePoint and Outlook repositories by sensitivity level and uses machine learning to train classifiers by categories that are unique to an organization. Not surprisingly, Microsoft demonstrates how a cloud-powered repository provides the foundation for content security and governance across the extended enterprise.
How artificial intelligence makes a difference
It is still the early days for applying AI to content security, but today's digital workplace demands a greater degree of intelligence and intuition due to the number of endpoints that now exist. AI tools -- powered by natural language processing, machine learning and even image recognition algorithms -- can ensure new levels of content security by managing content in context and detecting anomalous patterns in content flows. Organizations should consider using cloud services to power content security and embed it within digital experiences, whether the content itself is at rest or in motion.
Businesses can expect these inferencing capabilities to become more intelligent with the addition of advanced algorithms. But first, companies need to define the dots and map how they relate to content security. They need to ensure that operational activities -- including people and processes -- reinforce enabling security technologies.
Content security relies on smart categories. When developing an enterprise information architecture, organizations should include metadata for governance and content security. AI tools enable businesses to more precisely monitor embedded signals about the security of content flows.