CYA Tightens Collaboration Controls

By Michael Caton  |  Posted 2003-08-25

CYA Tightens Collaboration Controls

Secure Collaboration Platform 1.1

CYAs Secure Collaboration Platform excels at managing control over information that needs to be shared among multiple parties. As a collaboration platform, it does not offer the kinds of resource and information management capabilities found in competitors. In addition, companies will need to make a commitment to supporting a dedicated client, rather than just a Web browser.

  • PRO: Excellent rights management features; easy-to-use interface; good security features, including authentication and encryption.
  • CON: Document viewer doesnt always render all information; requires running dedicated client; lacks workflow and discussion capabilities found in shared work space collaboration applications.

    Documentums eRoom OpenText Livelink for Collaboration
    Most collaborative software falls short in providing granular access rights for information shared across the system. CYA Technologies Inc.s Secure Collaboration Platform 1.1 fills that gap admirably.

    Priced between $165 and $450 per concurrent user based on volume and shipping since last month, Secure Collaboration Platform gives companies very granular control over which users can access what data and, once accessed, what users can do with that data.

    Although this product is more about access rights management than collaboration on the level of, say, Documentum Inc.s eRoom (see eWEEK Labs review of eRoom Version 7.0), Secure Collaboration Platforms collaboration limitations shouldnt be a small consideration during an in-house evaluation. Secure Collaboration Platform will best fit situations where sensitive data must be shared but the need to retain complete control of the data is paramount, such as with shared product research and development or contract negotiations.

    During tests, we found Secure Collaboration Platforms interface intuitive, and the product was quick to pick up. However, there is no avoiding an investment in security training because a good understanding of the fundamentals of security goes hand in hand with using the product.

    As with many other collaborative work space solutions, we could use Secure Collaboration Platform to create folders for holding shared documents. Secure Collaboration Platform differs from most collaborative applications, however, in that the documents then become the focus of collaboration. The product does not support threaded discussions; rather, users comment on documents using notes.

    And unlike many collaboration systems, Secure Collaboration Platform does not include a customizable database application for creating, say, a CRM (customer relationship management) tool. However, it will be able to connect to other database applications, including CRM and enterprise resource planning systems, using individual connectors due to ship later this year.

    These connectors will make the application particularly powerful in the enterprise because they will give companies a way to more tightly control access to particularly sensitive information, such as payroll data within a human resources management application.

    Next page: CYAs Security Focus.

    Security Focus

    Security Focus

    Secure Collaboration Platforms stringent focus on security necessitates a considerably different approach than that used with Web-based collaborative applications such as eRoom.

    Rather than access folders from a Web browser, Secure Collaboration Platform uses a dedicated client, CYA Passport. On the server side, CYA UniVault Secure Collaboration Server runs on a Java-based application server, either Apache Software Foundations Tomcat or BEA Systems Inc.s WebLogic. User authentication occurs against either an LDAP directory or CYA UniVault server, and data resides in either an Oracle Corp. Oracle or Microsoft Corp. SQL Server database.

    The Passport client not only provides the tools for collaborating on documents but also acts as the management platform for setting system defaults, assigning access rights, and creating and managing groups. Depending on the role assigned to a given user, the client exposes a number of additional tabs for accessing role-specific tasks.

    While this approach goes much further in ensuring that users have the proper credentials to access information, the dedicated client is potentially cumbersome and problematic to deploy, particularly when dealing with sharing access to data with those outside the organization. Users likely wont be able to access Secure Collaboration Platform from kiosk systems, for example, because downloading and installing a client just isnt practical in those situations.

    By default, Secure Collaboration Platform includes four predefined user groups: secure viewer, administrator, auditor and security officer. These groups have different roles based on rights available across three authority types for managing content, users and groups, and system functions. We could also create and manage our own groups based on the kinds of authority we chose to grant.

    We particularly liked the products auditing capabilities, which enabled viewing granular information about who accessed what data and when. The amount of information provided will be invaluable to any company sharing information with business partners to ensure that information is being accessed appropriately.

    The rights we chose to grant users could vary considerably, depending on the way we wanted to share information. Individual rights to manipulate content are defined by what the company calls visas, including the ability to print, copy, annotate and save information.

    The most interesting visa manages content expiration; this visa allowed us to determine for how long a document could be accessed based on number of days, a specific date or number of times viewed.

    The product also affords a great degree of control over printing: For example, we could force a watermark or restrict printing to certain pages within a document.

    We would have liked to see more flexibility in annotations, however, so that some annotations could be designated as private to a group, such as a team working on one side of contract negotiations.

    We saw another practical limitation of the product once we began uploading and sharing content—namely, the products ability to handle complex documents.

    Uploading and sharing content is simple, but the client renders shared documents using Stellent Inc.s Outside In. Although Outside In generally does a good job of rendering content from a wide variety of sources, special features and formatting are not visible to the user with more complex documents. For example, we couldnt view pick lists embedded within a Microsoft Corp. Excel spreadsheet and comments previously embedded in a Microsoft Word document. In our tests, some Adobe Systems Inc.s Acrobat PDF documents also did not render properly. (The company is exploring ways to embed application-specific viewers to help rectify this problem.)

    In addition, Passport does not embed comments within the document, just within the margin.

    Technical Analyst Michael Caton is available at michael_

    Rocket Fuel