Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Risk

3/13/2013
12:08 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

SpringCM Delivers More Security For Enterprises Moving Beyond Content Sharing Platforms

SpringCM beefs up granular and flexible control of content across all devices, including iOS and Android

Chicago, IL – March 13, 2013 – SpringCM®, the leader in Content Cloud Services for the enterprise, announced today that it has delivered enhanced security capabilities across its cloud application and infrastructure to support rapidly growing demand for its Content Cloud Services from enterprises. These enhancements enable SpringCM customers to efficiently manage secure, synchronized access to content from any mobile device or application. They also provide enterprises greater control over critical-path content and prevent sensitive data from "walking out the door".

Overcoming the Final Hurdle to the Cloud

A recent report unveiled at the RSA Conference showed that 54% of organizations cite security concerns as their biggest barrier to adopting cloud services. Today, enterprises want to free themselves from old-school enterprise content management (ECM) systems that are avoided by users and IT alike. Enterprises also want to move beyond simple storing and sharing of documents in the cloud. To do so they require a level of enterprise-class security and compliance not offered by cloud sharing platforms. This includes the security to power multi-step workflow processes and to protect distributed groups using mobile devices to access and work with content. Today, only SpringCM delivers this level of security along with enterprise-class functionality and a great user experience.

SpringCM's Content Cloud Services were built for business from day one with an enterprise approach to security. As a result, SpringCM offers a flexible security model unmatched by content sharing platforms. Rather than an "all or nothing" approach, SpringCM supports granular security settings for all content at every level and for any device. Today's announcement extends that security model, and now includes:

Mobile Device Management – Most Control over Mobile Users

SpringCM enables IT to control which devices – iOS, Android, Windows or Mac – are allowed to store content and to instantly wipe files, revoke a device - or all devices at once - when lost or when an employee is terminated. Furthermore, IT and business admins can now see what activities their mobile users perform inside the SpringCM app on their devices and take proactive action.

Secure Content Synchronization – Most Control over Content

SpringCM now gives enterprises greater control over which content can and cannot be synced based on file, folder or attribute value. This is SpringCM's latest Data Loss Prevention (DLP) enhancement that arms enterprises with the leading internal controls and audits to reduce the risk of data leakage.

Protocol Compliance – Most Comprehensive in Content Cloud Services

SpringCM was recently audited by the top security compliance organizations and received audit reports for both the Statement on Standards for Attestation Engagements (SSAE) 16 Type II and for the Service Organization Controls (SOC) 2 Type II. SpringCM's SOC 2 compliance was reviewed under all five principles, including availability and processing integrity, which is critical to management of this specific risk. SpringCM has also earned TRUSTe Trusted Cloud and TRUSTe Mobile Seals of Approval. SpringCM is a member of (CSA) Cloud Security Alliance, is an active member of OWASP (Open Web Application Security Project), and integrates the controls, vulnerability assessments, and training initiatives of both groups into its security program.

SpringCM has consistently implemented the most advanced security capabilities, procedures and protocols that are especially relevant to Global 1000 corporations and government agencies that automate business processes around documents in the cloud. Unlike content sharing platforms, SpringCM anticipates potential user mistakes and misconduct, and has automated protocols to ensure an enterprise's content remains safe. Furthermore SpringCM has spent the last five years ensuring that customer data is properly secured. This includes securing interfaces and APIs, delivering capabilities to prevent data loss and leakage and constantly monitoring to reduce the chance of services hijacking.

"Today's announcement gives enterprises an even greater level of comfort in moving content and business processes to the cloud," said Dr. Antonis Papatsaras, CTO of SpringCM. "With enterprise demand for Content Cloud Services expected to grow substantially over the next two years, we are committed to delivering clearly more application and infrastructure security to our customers."

SpringCM is committed to delivering the most cutting-edge security features in Content Cloud Services for the enterprise, including expanding its delivery strategy to include SuperNAP from Switch Communications, widely regarded as the world's largest and most powerful datacenter. SpringCM is currently investing in implementing more advanced capabilities, including multi-factor authentication, role-based content access controls and others that will be available in the near future. And SpringCM will continue to invest in security that ensures the confidentiality of process-intensive content – including contracts, employee records, medical documentation, loan applications and more – the lifeblood of enterprises.

About SpringCM

SpringCM is the leader in Content Cloud Services for the enterprise. Enterprises need to do more than store and share content--they need to put content to work to accelerate business outcomes. SpringCM helps global brands and public sector agencies--Google, Facebook and the Commonwealth of Virginia, among others--solve content-related problems that stand in the way of optimizing revenues, cutting costs, mitigating risk and engaging customers and employees.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Why Cyber-Risk Is a C-Suite Issue
Marc Wilczek, Digital Strategist & CIO Advisor,  11/12/2019
DevSecOps: The Answer to the Cloud Security Skills Gap
Lamont Orange, Chief Information Security Officer at Netskope,  11/15/2019
Attackers' Costs Increasing as Businesses Focus on Security
Robert Lemos, Contributing Writer,  11/15/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
Navigating the Deluge of Security Data
In this Tech Digest, Dark Reading shares the experiences of some top security practitioners as they navigate volumes of security data. We examine some examples of how enterprises can cull this data to find the clues they need.
Flash Poll
Rethinking Enterprise Data Defense
Rethinking Enterprise Data Defense
Frustrated with recurring intrusions and breaches, cybersecurity professionals are questioning some of the industrys conventional wisdom. Heres a look at what theyre thinking about.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-5118
PUBLISHED: 2019-11-18
A Security Bypass Vulnerability exists in TBOOT before 1.8.2 in the boot loader module when measuring commandline parameters.
CVE-2019-12422
PUBLISHED: 2019-11-18
Apache Shiro before 1.4.2, when using the default "remember me" configuration, cookies could be susceptible to a padding attack.
CVE-2012-4441
PUBLISHED: 2019-11-18
Cross-site Scripting (XSS) in Jenkins main before 1.482 and LTS before 1.466.2 allows remote attackers to inject arbitrary web script or HTML in the CI game plugin.
CVE-2019-10764
PUBLISHED: 2019-11-18
In elliptic-php versions priot to 1.0.6, Timing attacks might be possible which can result in practical recovery of the long-term private key generated by the library under certain conditions. Leakage of a bit-length of the scalar during scalar multiplication is possible on an elliptic curve which m...
CVE-2019-19117
PUBLISHED: 2019-11-18
/usr/lib/lua/luci/controller/admin/autoupgrade.lua on PHICOMM K2(PSG1218) V22.5.9.163 devices allows remote authenticated users to execute any command via shell metacharacters in the cgi-bin/luci autoUpTime parameter.