by swombat 6217 days ago
I think part of the way forward on this is to realise that you don't actually have that control, even today.

We touched on this in our Be2Camp North presentation: http://www.ustream.tv/recorded/1509410 (it's about 20 minutes long - there are a bunch of other presentations in the same stream, after ours).

When you send a file to someone, anyone, you are trusting that person with your file. They can send it on to anyone else they want. They can burn it to a CD. They can print it out and leave it lying around. They can show it to someone at the wrong time. Etc. When people need to send a file to someone, they will - no matter what barriers you put in their way. If you put barriers, they will always go around them some way, either by burning a CD, sending an email, or printing it out.

The more disorganised your modes of communication, the more likely that is to happen by mistake rather than intentionally. And the more disorganised and ad-hoc your communications, the less visibility you have over all this.

To your colleagues, I would say, perhaps bluntly, that the control they feel they have is an illusion. There is no control, once you send a file to someone else - there is only trust. The nearest thing to control you might have is visibility - to be able to at least see who downloaded what when. And that, you can get through the Woobius audit log.

Does this help?

2 comments

You can develop an Access Management system (or integrate with a COTS). You can watermark the files with timestamp and username, thus allowing you to track who let the documents go into the wild. Based on metadata, you can restrict access to different files and restrict the client's ability to display those documents.

None of those tasks are trivial and all of them can be worked around. You aren't building a military-grade secure system, so perhaps what you are doing is good enough. I'd start with Access Management and add visibility controls on documents.
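A sketch of the two ideas raised in this thread, an audit log of who downloaded what and when, and a per-download watermark carrying username and timestamp. It is an added example, not part of any comment here and not Woobius code. The function names, the stamp format, the key and the sample records are all assumptions constructed for illustration.

```python
import hashlib
import hmac
import json

# Assumption: a server-side secret; in practice it comes from a key store.
SERVER_KEY = b"constructed-demo-key"


def _tag(doc_id, username, timestamp):
    """Keyed tag over the download record, so a stamp cannot be forged."""
    msg = json.dumps([doc_id, username, timestamp]).encode()
    return hmac.new(SERVER_KEY, msg, hashlib.sha256).hexdigest()[:16]


def issue_download(audit_log, doc_id, username, timestamp, body):
    """Record the download in the audit log and return a stamped copy."""
    tag = _tag(doc_id, username, timestamp)
    audit_log.append({"doc": doc_id, "user": username, "ts": timestamp, "tag": tag})
    return body + f"\n[issued to {username} at {timestamp} id={tag}]\n"


def trace_leak(audit_log, leaked_text):
    """Return the audit entry whose tag appears in a leaked copy, or None."""
    for entry in audit_log:
        # Recompute the tag so a tampered log entry is never matched.
        expected = _tag(entry["doc"], entry["user"], entry["ts"])
        if hmac.compare_digest(expected, entry["tag"]) and f"id={expected}]" in leaked_text:
            return entry
    return None  # stamp stripped: the watermark gives no answer


if __name__ == "__main__":
    log = []  # constructed sample downloads
    issue_download(log, "plan-A.pdf", "alice", "2009-05-12T10:00:00Z", "DRAWING DATA")
    leaked = issue_download(log, "plan-A.pdf", "bob", "2009-05-12T10:05:00Z", "DRAWING DATA")
    print(trace_leak(log, leaked))
```

Editing the visible username in a stamp does not change the result, because the lookup goes through the keyed tag and the server's log. Removing the stamp entirely returns `None`, which is the workaround the comment above warns about.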

Yes, it does help. We're always bound under some kind of NDA... But you're right. It's something to think about.