Ray Zambroski President & CEO Essential Security Software rayz@essentialsecurity

1. SBRM Is Here, and Why You Should Care (Even If You Work For A Fortune 100) April 25, 2006 Ray Zambroski President & CEO Essential Security Software rayz@essentialsecurity.com

2. Small Business Rights Management: (SBRM) Defined Content is constantly traversing perimeters - Security structures must focus on perimeters and content Security should be a subset of content/document management - Embed the security in the document or email Lets businesses dynamically control access and use of document and email content, both inside and outside the enterprise Prevent printing, forwarding cut/copy or screen capture, set expiration times/dates on email and files Works with popular file formats, including Microsoft Office documents and PDFs

3. BUSINESS SECURITY COMPROMISES2 Unauthorized Access to Employee Data Unauthorized Access to Corporate Data Network or System Penetration Unauthorized Internal Access to Sensitive Material Loss of Digital Assets Email Piracy Password Compromise Loss of Mobile Devices Unintended Forwarding of Email Virus Infection 1 2 Email: The Weak Link In 2005, unauthorized distribution of digital information cost the average company $355,552, a two-fold increase from the 2004 rate of $168,529.1 Businesses expressed the most concern about confidential memos (75.7%) and intellectual property (71.4%) leaving their organizations via email. More than 50% of those surveyed point out the need for control over sensitive financial information i.e. pricing lists, customer proposals, etc. Theft of proprietary information was the third most costly security breach after virus & denial of service attacks.

4. The Enterprise Ecosystem 1. Courtesy of Microsoft Corp, 2005

5. Courtesy of Top 10 ISP Director of Email Products, Jan. ‘06 • Anti-virus: 3 years • Firewalls: 2 years • Anti-spam: 18 months • Anti-spy: 3-6 months Expert Anecdote: Email-centric Security Software Adoption

6. SBRM Use Case Scenarios KEY REQUIREMENTS: Very, very, very easy to use High price to performance ratio Document and email content Embeds security information in the actual document or e-mail Persists over time, across multiple networks and applications Works in concert with existing IT initiatives, systems and applications Reunifies authentication protocols with the specific information assets they govern Permits secure migration & back-up of encrypted data BUSINESS CRITICAL DIGITAL ASSETS1 Personal Electronic Address Books Price Lists Engineering Drawings/Blueprints Customer Proposals Customer Invoice/Bills Email Attachments Contractual Documents AP / AR Private Corp. Email Messages HR Documents (Salaries) Customer Records Sensitive Financial Info. 1

7. Key SBRM Driver: Legal Service *ABA STANDING COMMITTEE ON ETHICS AND PROFESSIONAL RESPONSIBILITY Formal Opinion No. 99-413; March 10, 1999; “Protecting the Confidentiality of Unencrypted E-Mail”

8. Key SBRM Driver: Healthcare Compliance

9. Ray Zambroski President & CEO Essential Security Software rayz@essentialsecurity.com

10. One SBRM Method

11. SBRM Challenges: Behind the Scenes Multiple users and domains Must make assertions about themselves Various formats Various authorities for validation of those assertions Allowing rapid travel to various systems and domains Translation of rights Complex negotiations between systems and users