Did you get the alert? Why you should know about registered users’ unusual ECM activity

44% are very concerned about unusual activity from registered users. 42% feel it is important to monitor mobile access. – AIIM survey

What do LeBron James, Miley Cyrus, and Edward Snowden have in common? Only ONE of them has [athletic] talent, so that’s not it. Well, they all have mobile devices and you never know what they are going to do with them (or where they might leave them). In at least one case, access to critical systems AND content led to a rather significant security breach THAT EVERY MAJOR ORGANIZATION ON THE PLANET WORRIES ABOUT. And to top it off, Mr. Snowden was an authorized contractor with a security clearance. So what’s a secure organization (like the NSA or a bank) supposed to do?

I’ve been working in the content space for some years and both structured and unstructured data in all forms represent the digital currency of our age. From patient files, to financial information, to R&D projects, securing the access to critical content by authorized users remains a high priority that will never go away. But let’s face it, the productivity pay-offs from increased mobility and access models are too great to let security concerns slow down the adoption of these models and technologies.

To that end, I believe there is a balance that can be achieved by monitoring and measuring user activity that establishes normative baselines and sets the stage for quickly identifying activity that is outside the norm, and can provide the optics quickly enough to avert a disaster. The same application performance data that can be harvested with content management systems service levels can be utilized to analyze user activity that falls outside the norm. The implications of utilizing this user performance data with a security lens can touch both ends of the spectrum of both retaining user data for audits as well as executing alerts to deal with a breach in real-time.