Content Management

Enterprise Collaboration

Web-based content management system (CMS) solutions have revolutionized how organizations share information with all their stakeholders, both internally and externally. These highly accessible mechanisms for publishing web-based content have made it incredibly easy for organizations to manage and distribute information, for consumption on any browser-enabled device. Popular corporate CMS solutions like Adobe AEM and Microsoft SharePoint also come with a wide range of built-in themes, and a variety of out-of-the-box web components — including blog, wiki, document library, list management, and calendaring elements. And advanced capabilities such as versioning and workflow approval allow companies to curate content with a high degree of fidelity.

Meaningful Risks

With organizations relying so heavily on content management system implementations to manage all aspects of their business, there is a strong need to ensure that these systems are secure. There are a number of cybersecurity issues that must be addressed with any CMS implementation:

• Data in Motion. It is critical to differentiate between sensitive and non-sensitive data, and to ensure that any sensitive data (PII, classified materials, payment information, etc.) are encrypted in motion.
• Data at Rest. Sensitive information must also be encrypted at the back end, and potentially stored on dedicated spindles to maintain operational security.
• System Architecture. For client-facing or partner-facing solutions, a proper n-tier architecture must be validated — ensuring that only the presentation layer (i.e., web services) are directly accessible in a DMZ, and that application and database tier systems are secured on the private corporate network.
• Access Control. Noting that it might not be appropriate to grant all users access to all information, a role-based (RBAC) or attribute-based (ABAC) solution may be necessary.
• Content Tagging. Of course, access control only works when content is tagged appropriately. Aerstone Labs SIFT™ is an automated content-tagging solution that integrates with Adobe AEM and Microsoft SharePoint, to ensure that all artifacts (both searchable and non-searchable) are tagged correctly, based on extracted file content.
• Authentication.  Enterprise CMS solutions can be integrated with Microsoft Active Directory, to provide single-sign on (SSO) capabilities. This integration must be planned carefully, so as to facilitate the desired authorization scheme.
• Endpoint Security. With the growing need to access and manage content on any device, mobile and otherwise, addressing endpoint security is a critical piece of any CMS security architecture.