Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Risk

3/13/2013
12:08 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

SpringCM Delivers More Security For Enterprises Moving Beyond Content Sharing Platforms

SpringCM beefs up granular and flexible control of content across all devices, including iOS and Android

Chicago, IL – March 13, 2013 – SpringCM®, the leader in Content Cloud Services for the enterprise, announced today that it has delivered enhanced security capabilities across its cloud application and infrastructure to support rapidly growing demand for its Content Cloud Services from enterprises. These enhancements enable SpringCM customers to efficiently manage secure, synchronized access to content from any mobile device or application. They also provide enterprises greater control over critical-path content and prevent sensitive data from "walking out the door".

Overcoming the Final Hurdle to the Cloud

A recent report unveiled at the RSA Conference showed that 54% of organizations cite security concerns as their biggest barrier to adopting cloud services. Today, enterprises want to free themselves from old-school enterprise content management (ECM) systems that are avoided by users and IT alike. Enterprises also want to move beyond simple storing and sharing of documents in the cloud. To do so they require a level of enterprise-class security and compliance not offered by cloud sharing platforms. This includes the security to power multi-step workflow processes and to protect distributed groups using mobile devices to access and work with content. Today, only SpringCM delivers this level of security along with enterprise-class functionality and a great user experience.

SpringCM's Content Cloud Services were built for business from day one with an enterprise approach to security. As a result, SpringCM offers a flexible security model unmatched by content sharing platforms. Rather than an "all or nothing" approach, SpringCM supports granular security settings for all content at every level and for any device. Today's announcement extends that security model, and now includes:

Mobile Device Management – Most Control over Mobile Users

SpringCM enables IT to control which devices – iOS, Android, Windows or Mac – are allowed to store content and to instantly wipe files, revoke a device - or all devices at once - when lost or when an employee is terminated. Furthermore, IT and business admins can now see what activities their mobile users perform inside the SpringCM app on their devices and take proactive action.

Secure Content Synchronization – Most Control over Content

SpringCM now gives enterprises greater control over which content can and cannot be synced based on file, folder or attribute value. This is SpringCM's latest Data Loss Prevention (DLP) enhancement that arms enterprises with the leading internal controls and audits to reduce the risk of data leakage.

Protocol Compliance – Most Comprehensive in Content Cloud Services

SpringCM was recently audited by the top security compliance organizations and received audit reports for both the Statement on Standards for Attestation Engagements (SSAE) 16 Type II and for the Service Organization Controls (SOC) 2 Type II. SpringCM's SOC 2 compliance was reviewed under all five principles, including availability and processing integrity, which is critical to management of this specific risk. SpringCM has also earned TRUSTe Trusted Cloud and TRUSTe Mobile Seals of Approval. SpringCM is a member of (CSA) Cloud Security Alliance, is an active member of OWASP (Open Web Application Security Project), and integrates the controls, vulnerability assessments, and training initiatives of both groups into its security program.

SpringCM has consistently implemented the most advanced security capabilities, procedures and protocols that are especially relevant to Global 1000 corporations and government agencies that automate business processes around documents in the cloud. Unlike content sharing platforms, SpringCM anticipates potential user mistakes and misconduct, and has automated protocols to ensure an enterprise's content remains safe. Furthermore SpringCM has spent the last five years ensuring that customer data is properly secured. This includes securing interfaces and APIs, delivering capabilities to prevent data loss and leakage and constantly monitoring to reduce the chance of services hijacking.

"Today's announcement gives enterprises an even greater level of comfort in moving content and business processes to the cloud," said Dr. Antonis Papatsaras, CTO of SpringCM. "With enterprise demand for Content Cloud Services expected to grow substantially over the next two years, we are committed to delivering clearly more application and infrastructure security to our customers."

SpringCM is committed to delivering the most cutting-edge security features in Content Cloud Services for the enterprise, including expanding its delivery strategy to include SuperNAP from Switch Communications, widely regarded as the world's largest and most powerful datacenter. SpringCM is currently investing in implementing more advanced capabilities, including multi-factor authentication, role-based content access controls and others that will be available in the near future. And SpringCM will continue to invest in security that ensures the confidentiality of process-intensive content – including contracts, employee records, medical documentation, loan applications and more – the lifeblood of enterprises.

About SpringCM

SpringCM is the leader in Content Cloud Services for the enterprise. Enterprises need to do more than store and share content--they need to put content to work to accelerate business outcomes. SpringCM helps global brands and public sector agencies--Google, Facebook and the Commonwealth of Virginia, among others--solve content-related problems that stand in the way of optimizing revenues, cutting costs, mitigating risk and engaging customers and employees.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
COVID-19: Latest Security News & Commentary
Dark Reading Staff 9/17/2020
APT Groups Set Sights on Linux Targets: Inside the Trend
Kelly Sheridan, Staff Editor, Dark Reading,  9/11/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Special Report: Computing's New Normal
This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
Flash Poll
How IT Security Organizations are Attacking the Cybersecurity Problem
How IT Security Organizations are Attacking the Cybersecurity Problem
The COVID-19 pandemic turned the world -- and enterprise computing -- on end. Here's a look at how cybersecurity teams are retrenching their defense strategies, rebuilding their teams, and selecting new technologies to stop the oncoming rise of online attacks.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-5605
PUBLISHED: 2020-09-18
Directory traversal vulnerability in WHR-G54S firmware 1.43 and earlier allows an attacker to access sensitive information such as setting values via unspecified vectors.
CVE-2020-5606
PUBLISHED: 2020-09-18
Cross-site scripting vulnerability in WHR-G54S firmware 1.43 and earlier allows remote attackers to inject arbitrary script via a specially crafted page.
CVE-2020-5628
PUBLISHED: 2020-09-18
UNIQLO App for Android versions 7.3.3 and earlier allows remote attackers to lead a user to access an arbitrary website via the vulnerable App. As a result, if the access destination is a malicious website, the user may fall victim to the social engineering attack.
CVE-2020-5629
PUBLISHED: 2020-09-18
UNIQLO App for Android versions 7.3.3 and earlier allows remote attackers to lead a user to access an arbitrary website via a malicious App created by the third party. As a result, if the access destination is a malicious website, the user may fall victim to the social engineering attack.
CVE-2020-25756
PUBLISHED: 2020-09-18
** DISPUTED ** A buffer overflow vulnerability exists in the mg_get_http_header function in Cesanta Mongoose 6.18 due to a lack of bounds checking. A crafted HTTP header can exploit this bug. NOTE: a committer has stated "this will not happen in practice."