 |
ECM TrendWatch, by Alan Pelz-Sharpe
Alan Pelz-Sharpe is a principal and analyst at CMS Watch, covering enterprise content management technologies and practices. An 18-year veteran of the document technology industry, we was formerly a strategist at Wipro and VP North America for analyst firm Ovum. See More by Alan Pelz-Sharpe Access Vs. Delivery: Two Views of Content Security
James Governer has prompted an important discussion on his popular blog regarding ECM and Security. He raises some very good questions while lobbying enterprise buyers to team with him to pressure ECM vendors to respond. I'm sure many ECM vendors will be secretly annoyed about this, for they pride themselves on their security capabilities. But it points to two different perspectives around security. The Architect views security as stopping bad guys from getting in (the Firewall Syndrome). The Document Management view casts security as assigning permissions (the ACL syndrome). They are two sides of the same coin, on the surface seeming similar but nonetheless remaining quite different. One is about putting up barriers, the other about ensuring that the right information is delivered to the right person at the right time. A vendor told me today they had 57 different types of permission levels, managing security not just from an object access viewpoint, but also via state and lifecycle of that object or group....now that is security DM style! It is quite different from (though compatible with) the Architect's world of Indentity Management, Encryption, and Electronic Signatures. My suspicion is that many of James' (very valid) requests will be met by the emerging ECM platform vendors at the platform level, but not by application providers (bulk of the current ECM crop) who will more rightly focus on their need to manage tight control of content objects. Enterprise Security and ECM Security do indeed need to work in harmony and more standardized platform elements will help this, but two very distinct views of Security will remain: one at the enterprise level, and one at the document administration level. Alan Pelz-Sharpe is a principle analyst at CMS Watch. Write him at aps@cmswatch.com  E-MAIL | SLASHDOT | DIGG This is a public forum. CMP Technology and its affiliates are not responsible for and do not control what is posted herein. CMP Technology makes no warranties or guarantees concerning any advice dispensed by its staff members or readers. Community standards in this comment area do not permit hate language, excessive profanity, or other patently offensive language. Please be aware that all information posted to this comment area becomes the property of CMP Media LLC and may be edited and republished in print or electronic format as outlined in CMP Technology's Terms of Service. Important Note: This comment area is NOT intended for commercial messages or solicitations of business.
|
|
Blog Channels
Cindi Howson on Business Intelligence The Brain Food Blogger Tony Byrne on Content Management SQL Puzzlers by Joe Celko Rajan Chandras on IT & Information Management Seth Grimes on Analytics In Context by Doug Henschen Phil Kemelor on Web Analytics Sandy Kemsley's Column Two Nelson King on Enterprise App Development David Linthicum on Software as a Service Natural Insight, By Mark Madsen Alan Pelz-Sharpe on Content Management Mark Smith on Performance Management Neil Raden on Business Intelligence Bruce Silver on Business Process Management Product Maven  Subscribe to RSS Archives
|
|
|