Central ECM Cloud Service for Document Centralization

Selected Features Only!

NetID Co., Ltd.

30 Jan 2012

- 2 -

NetID is based on abundant experience…

Com-pany

NETID Co., Ltd.

Yoo, Sang-Leol

Software SolutionInternet Service

9092 Garden Five, MunJeong-Dong,SongPa-Gu, Seoul, Korea

TEL : 02-588-0708FAX: 02-588-1012

March 6, 2002

March 6, 2002 ~

Plus DiskCentral ECM

Name

CEO

Business

Address

Phone

Founded

Doc Management

Products

Least # of Clicks Employees save files readily Intuitive document categories Improves productivity of corporation

100% Effective, New Device Adaptive…

- 3 -

Our Business Area includes …We are working on solution business, ASP business through construction a wide variety of partnership based on our core technologies like security file server, online PC backup, … And we had been putting in a great deal of efforts to develop overseas market since foundation.

Plus DiskAs a package

Central ECM As a solution

KDISK’s homedrive.co.kr KT SafeDisk Hostway PC Backup LG Dacom Webhard Korea.com Mdisk Nate FileTank SKNetworks UbiHard

LG ElectronicsPlus Disk for NAS

- 4 -

The Goal of Enterprise Cloud Service

1 2 3Establish a secure infra-structure

Provide easy to access user inter-faces

Knowledge Collaboration Environment

Data should be protected from network, stor-age, and em-ployees

Data should be accessed eas-ily from PC, Web, and mo-bile devices

Collaboration environments encourage employees

- 5 -

Cloud Service Positioning

Documents

Applications

O.S.

Terminal

Virtuaization

User Environments

DesktopVirtualization

Documents

Applications

O.S.

Terminal

Virtuaization

User Environments

ApplicationVirtualization

Documents

Applications

O.S.

Terminal

Virtuaization

User Environments

Cloud Storage

Documents

Applications

O.S.

Terminal

User Environments

PersonalComputer

Users will save documents to Cloud storage. Applications are running on their PC as it was. It is the cheap-est one for installation and management. You may easily extend the storage and it is easy to cowork with other systems.

- 6 -

It may run on Cloud Infrastructure(IAAS)

SMB#1

VirtualMachines

Cloud Storage Service(Glus-terFS)

Enterprise#2

University#3

Govern-ment#4

SSL Trans-fer!

20 users100 GB storage

30 users200 GB storage

500 users2 TB storage

2,000 users10 TB storage

Note. IAAS = Infrastructure As A Ser-vice

- 7 -

Why Document Centralization?

Data Leak Criminals70%Current&former em-ployees, Partners

Nowadays, the most important property of corporation is electronic document rather than real estate and machinery. However, the market research firm Gartner published that 90 percent of corporate documents exists on employee PC and the remaining 10 per cent are stored on the server. The Small Business Admin-istration also published that more than 70% criminals of Information Disclosure are current & former em-ployees or partners.

Corporations

Electronic Docu-ments

real estate and machinery

Corporation Documents

90%Personal

Computer

Corporation Documents

10%

- 8 -

Corporation Reactions

Corporate reactions and problems

2. DIsk Re-turned Delete

1. File Encrypted Save

The Problems

To resolve the problem, files are saved encrypted and the hard disk of retired is returned to company. How-ever, some wiped hard drive can prevent the Information Disclosure? File encryption method also hinder the performance of your PC or can protect only the specified version of the program data. So most of appli-cation data can’t be protected.

Disk Wiped and Returned?

Encryption Per-formance and

Effectiveness?

- 9 -

Problems of traditional ECM products

#1. POSCO decided to save all documents to cen-tral server through innovative project. All PC gener-ated documents are stored in server except 100MB local space only. But it made employees complain that PC storage allowance is differentiated for each team. #2. LG display employees created all documents on central servers instead of PC. They built a col-laborative environment. However, the complex classification system and the registration process made their work uncomfortable and their productiv-ity was reduced. LG Display thought the first project failed in fact. They made a new classifica-tion system and registration process also reduced by 20% of the existing.

#3. After document centralization, SK Telecom em-ployees thought it is rather easy to save docu-ments in the server but ‘download to read or edit’ was awesome! They canceled the centralization policy. Now employee PC and server storage are synchronized in real time.“These 1st generation companies of document cen-tralization keeps the document centralization con-cept but the strategy became flexible and user-

friendly. ”

POSCO Research & Development (R & D) team em-ployees were provide gigabit PC capacity. The ca-pacity became different for each team.LG determined that the 1st project were failed. The document categories and registration process were significantly reduced based on user participation.SK Telecom has also guaranteed autonomy. Now saving on PC is free but the capacity on central server is limited. They are monitoring the effective-ness. Currently individual 2GB and departmental 20GB are provided. "Complex user interface and document clas-sification system makes employees com-plain!

NEWSPAPER Oct 31, 2010 ElectronicTimes

- 10 -

Why Central ECM?

Central ECM

What is the best product for corporate documents centralization and prevention of information leakage? The answer is Central ECM. Central ECM is easy, secure and corporate friendly. Let's take a look?

- 11 -

AS-IS

TO-

BE

It blocks file save to local drives. The policy can be set for each applications so that company file assets in-cluding office documents, CAD files, design files and source code can be protected.

Central ECM ServerRemote Drive(X:)

File Save-Block

ed

Employee PC/Notebook

Employee PC/NotebookEmployee PC/Notebook

Employee PC/Notebook

Why Central ECM?

- 12 -

Why Central ECM?This product enables us to use personal and team storage in the central server as if they are local drives. You can edit documents and play video as you do in the C: drive and you may distribute install programs also.Also, you can use the storage in iPhone and Android phones also.

760,50760,50760,50760,50760,50

760,50760,50760,50760,50760,50

1. CAD file editing 2. Document edit-ing 3. Video Play

5. Smart Phone Ap-plications4. Install Programs

- 13 -

Why Central ECM?

128-bit SSLOnline Banking

Central Server

Transferring files from PC to a central server uses 128-bit SSL. This is the same as that used by online banking technology. Works with files on a central server are logged into the database and all files are saved encrypted using the ARIA(a kind of AES) algorithm automatically.

AlgorithmARIA AES based

- 14 -

Why Central ECM?

Central ECMCitrix

Vmware

Central ECM provides personal and team document drives in Citrix and Vmware virtual desktop environ-ment also. In particular, Citrix XenApp logged on user is allowed to read from local disk of the PC but write is prohibited.

- 15 -

Central ECM Traditional ECM

Compared with traditional ECM products

Key features are local drive-based document management and security features (SSL, ARIA, logs).

OCI Company, Samsung Card, Seoul City, … are using.

Opening and saving documents are similar to the local drive (eg. X: drive) way.

All applications in company can use the drive. Response to a new version, such as MS Office

does not need a separate actions. After install, Environments are the same as be-

fore and document is available in high-perfor-mance.

Simple administrative environment makes it easy to manage the documents.

Detailed document category management is provided through a professional document man-agement capabilities.

Posco, Samsung Electronics, LG Display, … are us-ing.

Open and Saving documents involve security and performance issues because they are using temporary files and hooking techniques in em-ployee PC.

it is impossible to apply Hooking for some appli-cations.

The new version of MS Office, and the corre-sponding need a separate budget. It can be a significant burden.

It’s inconvenient and slow. Complex administrative environment.

“We purchased expensive SW but it’s not useful.”

IT manager of ‘N’company

- 16 -

Compared with SBC(Server Based Computing) We support local disk lock function so that employees can’t save their document on their PC. This is cost effective and provides best performance and security.

Items Server Based Computing Local Disk LockingConcept Employees use virtual machines for

document centralization & DLPEmployees use existing PC but file save is not allowed for local disks.

Product Citrix XenDesktop, VmWare, … Central ECMDocument save location

Central Storage Central Storage

User Desktop Provides 20 virtual desktops per one virtual desktop server.

Existing PC as is

User environ-ment changes

User should logon to remote virtual desktop server to begin their work.

Same environment but local disk save will not be allowed for some applica-tions.

Cost •Expensive VDI license•More windows and office licenses for virtual desktops•Cost for many VDI servers•Central Server and Storage

•Reasonable ECM SW license•Central Server and Storage

Apply for •Limited use for sales person, work –at-home, …•Low performance for CAD works

•Very flexible for any kind of works

CPU Use of server CPU Use of PC CPURAM Use of server RAM Use of PC RAMPC Video Card Can’t be used Use of PC Video Card

- 17 -

Deployment of Central ECM for document centralizationThere are entities like Security Manager, Service Manager, team folder manager and normal users in Central ECM. If Central ECM uses the organization chart of legacy system, it provides useful collaboration environ-ment.

Access Log Encryption IP auth, …

Policy

Security Manager

Team Docs

Service Admin

Service Manager

Drives

Team MembersNew Devices PC Backup

PersonalTeam

IPhoneAndroid

PC backup&restore

Folder CreationAccess Control

Org chartEmployeeStatistics …

Organizationchart ECM

Central ECM

Team Folder manager

- 18 -

Organization-based document classification system

Auto Mapping

Storage #1

Storage #2

Seoul IDC

Storage #3

Storage #4

New York IDC

Storage #5

Storage #6

Storage #7

Tokyo IDC

Organization User Interface

America

Africa

Europe

Asia

Australia

Overseas

Sales

X:\NetID

America

Africa

Europe

AsiaAustralia

Storages

Overseas

Sales

Central ECM is designed to use the organization chart-based document categories. If you are using auto-mapping feature, organization chart is reflected to the user interface automatically. In addition, each de-partmental document repository can be distributed in multiple locations.

- 19 -

User interface support for mobile environments

Windows Explorer XP/Vista/2003/ 2008/7

Java Explorer MAC, Linux Web Browser

IE, Firefox, Chrome, Safari

Smart Phone IPhone,

Android

In the Future IPAD Android Tablet Google TV

The users are allowed access to documents from any legal places.

Various user interface support

- 20 -

Smartphone and Tablet

Already supported IPhone, Android supported now Document drives Local storage Open documents

From 2012.1.1 IPAD, Galaxy Tab10.1 Authentication based on device ID Local file encryption Functions for lost devices

Mobile device users are increasing in enterprise market also. Central ECM provides easy interface for these kinds of users.

Option

- 21 -

Document Version Management

• Microsoft Office supported• Hangul supported• Other documents may be sup-ported• We save existing documents au-tomatically• Users can restore their past doc-uments• Past documents will be deleted after some configurable period

Version Management Original Document

Past Document

1 Document Edit & Save

2 Save existing document

3 Document Restore Request

4 Restore Document

Microsoft Office programs delete existing document before saving updated document. We don’t delete the existing document but save it at a temporary location so that users can restore it later.

- 22 -

File-name Size Date File Exten-

sion

Filename Search

Metadata Search

• Search for all docu-ment drives• Filename Search

• Metadata Search

• Full Text Search Cus-tomization for each cus-tomers

SearchMetadata search will provide It’s own document category View…

File-name Size Date File Exten-

sionSub-ject

Con-tent Type Key-

word

Metadata Search

You may use the search function which windows explorer provides. But, the function will be slow and network traffic intensive. So we provide our own filename search and metadata search functions.

Option

- 23 -

HappyNY.avi

Forecast.ppt

Use of document linksYou can share your document through UNC(Universal Naming Convention) path if it is saved in team drives. But, if the counterpart does not have proper permission, file access will be rejected by Central ECM.

Y:\STT_Electronics

Strategy

USA

Marketing

Oversea

File://Y:\marketing\overseaFile://Y:\ marketing\oversea\usa\forecast.ppt

TomDavid

- 24 -

Stable system operation by various security features

IP Filtering IP Authentication

Encrypted Transfer(SSL) File Access Log Encrypted Saving(ARIA)

Account Locking Password Complexity Secure Login ACL setting logging

Two kinds of admins SQL Injection, Cross Site Script, File Integrity,…

All documents are saved encrypted using safe speedy encryption algorithm, ARIA(based on AES).

Files are transmitted using 128 bit SSL from PC to server to prevent tapping.

User authentication and read/write/delete/rename/copy /move of all documents on server are logged.

All deleted files are kept for a certain period that em-ployees can’t delete important files on their own.

Security features on documents

Security for network elements

Security features on the human element

Other Security Features

Access Log

- 25 -

PC document backup support

1. Repair 2. Replace

3.Backup and Restore 4. Inspection

PC backup Reporting File Management

• HDD will be out together with PC when the PC needs repair

• Scheduled backup• Incremental backup

• Backup files online• Confirm integrity of backup files• Finally erase original files

ReportsBackup Management

If employee’s PC should be repaired outside, important files should be erased from his disks. And if you want to keep your local disk files safe from unexpected accidents also, you may backup your files to our backup server.

Secure Backup Server

2.Usual backup

1.Prevent data leak from re-pairing PC

Option

- 26 -

DiskLock – Why local disk should be controlled?A senior researcher in Burton Group(which is a IT-related leading research firm) recommended that ‘Do not save files in employee’s devices to protect company data’.

mail, messengerboards, FTP Hard Disk

Devices includingUSB

Capacity Comparison

Local DiskUSB

Average 2~ 16 GB Average 100~500 GB

Under Control

Printer

Devices Printeremail

messenger

network ? ControlLocalDisk

Option

- 27 -

DiskLock – Why DiskLock?

Items DiskLock Y of X company B of A companyConcept Controls applications Controls file extensions Controls applicationsFile extension change

Controlled Not Controlled Not Controlled

Application name change

Controlled Not Controlled Not Controlled

Additional options File size, … Nothing NothingDisk Types Local/Network/USB/

CD*DVDLocal Local

WhiteList support Supported Not Supported Not SupportedBlackList support Supported Supported SupportedApplication list Automatically gathered Admin input manually Admin input manuallyPolicy setting unit Application Category File extensions Application NamePolicies are applied to

Company/Team/Personal Company/Team/Per-sonal

Company only

System folder input Supported Supported Not Supported

Disklock is based on file system driver technology of NetID. We do not use only application name nor file-name but we use internal application information that we control disk IO perfectly.

Option

- 28 -

DiskLock – Application oriented policiesYou can set policies per applications. Even if application name or file extensions are changed by employ-ees, the policies are applied. You can set policies to Central ECM drives also.

Local(C:) USB Disk(F:) CD/DVD(G:) Network Disk(H:) CentralECM(X:)

Application Oriented Policies

•Allow List•Allow Read•Reject Write•Reject Delete

•Allow List•Allow Read•Allow Write•Allow Delete

•Allow List•Reject Read•Reject Write•Reject Delete

Policy Item Policy Item Policy Item

•We do not care application name changes

•Allow List•Reject Read•Reject Write•Reject Delete

Policy Item

Option

•We do not care application name changes

- 29 -

DiskLock – Document Centralization ModelOnly central storage disk is available for important applications like MS Office, CAD, and Adobe, ... You can also prevent file attachment by web mail, messenger, FTP client, and mail clients.

Option

LocalDisk

OnlineTemp.Disk

C-ECMDisk

Doc.ExportFolder

C-ECMApplications

Local DiskApplications

Online Temp. DiskApplications

Document ExportApplications

(Can be disabled) (Can be disabled)

e.g) Outlook, … e.g) IE, MSN, Outlook, …e.g) Office, CAD, Adobe

Disk/Folder DescriptionOnline Temporary Disk It is a virtual drive which actually is a part of local disk. All files will be

encrypted.Document Export Folder Webmail and messenger programs may attach files from this folder

only. Team manager approved files for attachment will be saved here.

- 30 -

DiskLock – Data Leak Prevention ModelAll applications are grouped into 2~3 groups so that data leak is prevented. Each group can use it’s related disk only.

Option

Items DescriptionAdvantage No virus infection, No data leak by hacking. Documents are pro-

tected perfectly by Disklock policies.Disadvan-tage

An application can use only it’s related disk.

Notice MS Word and MS Powerpoint should belong to same group so that data leak by Copy&Paste is prevented.

LocalDisk

OnlineTemp.Disk

C-ECMDisk

Doc.ExportFolder

C-ECMApplications

Local DiskApplications

Online Temp. DiskApplications

Document ExportApplications

(Can be disabled) (Can be disabled)

e.g) Outlook, … e.g) IE, MSN, Outlook, …e.g) Office, CAD, Adobe

- 31 -

DiskLock - Document Export to DiskIf you need to take out for presentation or meeting, you can use the embedded document export workflows. Only approved documents can be exported to local disk.

Central ECM Server

Security Poli-cies

Basic Sales TeamOffline Network…Take Out

Employee

Document export Request1

Approver for each teams

Approve/Reject2

Only approved folders,filesCan be exported

3

Encrypted Save Locally4

Option

X:\DOC_EXPORT\

Exported documents are copied

- 32 -

Document export using email, messenger, boards, FTP, … is controlled based on DiskLock. If you use this function, only approved documents can be exported via email, messenger, boards, …

2

3

4

Online export5

Local Disk(C:)CD/DVD(F:)

USB(G:)Network(G:)

CentralECM(X:)

Document exports are rejected1

X X:\DOC_EXPORT\

DiskLock - Document Export to Application

Central ECM Server

Employee

Approver for each teams

Document export Request

Approve/Reject

Only approved folders,filesCan be exported

Exported documents are copied

Security Poli-cies

Basic Sales TeamOffline Network…Take Out

Option

- 33 -

DiskLock - Offline Temporary DiskIf network is disconnected abruptly, you still can go on your work using temporary drive in your local PC. If network gets back online, the local documents will be uploaded automatically.

Employee

Employee

X:\Share

Y:\Team

Z:\Personal

Sales TeamPolicy

Offline Network Policy

X:\Share

Y:\Team

Z:\Personal

Sales Team Pol-icy

Offline Net-work Policy

T:\Temporary

Network Disconnected

Policy load : including offline network policy1

: Offline Network Policy applied automatically

Automatic upload if network gets back4

2

Central ECM Server

Security Poli-cies

Basic Sales TeamOffline Network…Take Out

Encrypted Save LocallyOn T:\ drive

3

Option

- 34 -

Ways of applying a variety of document centralizationWe cooperate with virtual desktops of Citrix, VMWare and Microsoft to provide the best document man-agement environment. Also, we cooperate with PC security solutions to manage enterprise contents.

1

4

3

Recycled bin

2

File system driver connects remote storage as if it’s a local disk.

Virtual Machines

DLP Solution

PC VM PC Security

Network Booting

Terminal Server

Rules

Document Centralization (ECM)

: Personal: Team: Shared

- 35 -

Central ECM case for ‘O’ Corporation‘O’ is a company who already use EMC Documentum. Documentum has good functions like document cat-egorization and search. Nut, to encourages their employees to save their documents to the Central, they chose Central ECM.

NO DATA

Exported Notebook

Block Media

Local drive(C:)

Remote Drive(X:)

PowerPointWordExcelHangul……AutoCAD

Corporate PC Environment

Central ECM Server

EMC Documentum

- 36 -

Shared information uti-lization

Taking over process

The possibility of document leak

TCO

ExpectationsIf you deploy document centralization solution, we provide convenience and security to activate employees to use this system. In the aspect of TCO, you may eliminate team file servers to save management cost and centralized documents will become the valuable asset of your company.

Restricted to the reg-istered documents

No standard process

High because they are under personal control

Cost for each teams Not a company asset yet

Personal Computer Team file server

Registered documents Centralized documents

Occurs according to the standard process

Low because they are controlled centrally

Cost for only a central serviceValuable company asset

Centralized content management server

TO BEAS IS

Document saving location

- 37 -

Customers in Korea, Japan and ChinaNew concept solution, Central ECM’s customers are vary across manufacturing, construction, pharmaceuti-cals, services, finance, education, public, etc. Some customers are from Japanese and china.

Domestic

Oversea

A signal ofnew enterprise content management!

Value up byDocument

Centralization

www.net-id.co.kr

Sang Leol Yoo+82-10-6281-8016slyoo@net-id.co.kr