Industry executives and experts share their predictions for 2019.  Read them in this 11th annual VMblog.com series exclusive.

Contributed by Aaron Rangel, Director of Product Management, iManage

Top Predictions for how DMS will evolve in 2019 to detect malicious behavior

In 2019:

Document Management System (DMS) vendors will increase their investment in artificial Intelligence and machine learning technologies to detect malicious threat patterns.

• Leading cyber security providers have long used artificial intelligence (AI) and machine learning (ML) to surface a variety of threat patterns at the network perimeter. With increasing pressure to improve information security and to comply with data privacy regulations, leading DMS providers will increase their investment in AI and ML technologies to detect and arrest high-risk behavior at the source of where content is created and collaborated on. These investments will enable professional service firms to identify user behavior that deviates from individual and peer group norms in ways that surface established threat patterns. The types of attacks these technologies can detect include smash and grab attacks where departing employees opportunistically exfiltrate a firm's intellectual property, more advanced attacks involving insiders slowly and systematically accessing sensitive financial or other documents for nefarious purposes, and attacks by outsiders who have misappropriated an authorized user's account to conduct malicious activities.
  

New DMS capabilities will expose data access patterns that violate data privacy regulations like GDPR, HIPAA, FINRA and more.

• With a majority of a professional services firm's content created and collaborated on in DMS, it makes perfect sense for DMS vendors to proactively flag and mitigate data privacy violations at the source. Providing clear visibility to all document stakeholders regarding the existence of Personally Identifiable Information (PII) in documents and generating alerts when such data is inappropriately secured or shared will dramatically improve a firm's security posture by engendering the right culture when working with sensitive content.
  

DMS will add stronger Data Loss Prevention (DLP) capabilities

• The frequency and volumes of data compromised in cyber security attacks has made not only detecting but neutralizing such attacks quickly a top priority. To address this challenge, we predict that DMS vendors will look to integrate AI into policy definitions. AI will pay an important role in automating the classification of content into appropriate sensitivity categories. Policy definitions will enable fine-grained control over document management operations like export, mail, view etc. across users, device types and geographical locations. Leading DMS will deliver intervention frameworks that bring the end user, a manager and a risk and compliance professional together in real time to investigate and resolve potential malicious behavioral patterns.
  

However, delivering these DLP capabilities in a way that does not interfere with end user productivity will be a significant hurdle that vendors must cross to be successful.

##

About the Author

Aaron Rangel, Director Product Management

Aaron Rangel is responsible for the Threat Manager product within the iManage Govern product suite. Aaron has extensive experience in launching innovative products to the marketplace. Prior to iManage, Aaron held senior product management positions at SPSS, IBM and has extensive experience with both the document management and analytics space.