TM

An Overview of the Intralinks Platform Collaboration, purpose-built for the Enterprise intralinks.com © 2015 Intralinks, Inc. All Rights Reserved. To learn more about Intralinks® and its trademarks please visit intralinks.com/about-us

TM

Contents Introduction ....................................................................................................................................2 Collaboration Defined ..........................................................................................................3 The Enterprise Landscape ............................................................................................3 Four Pillars of Enterprise Collaboration ........................................................4 Enterprise Governance ...................................................................................................4 Sharing Process Control .................................................................................................4 Content Lifecycle Control ...............................................................................................5 Technology Infrastructure Security ..................................................................................5

Secure SaaS Platform Infrastructure ................................................................5 Multi-Layer Security Model .............................................................................................6 Customer Managed Keys ...............................................................................................7

Core Content Services ........................................................................................................7 Business Applications .........................................................................................................9 Intralinks VIA Pro ............................................................................................................9 Intralinks VIA Elite .........................................................................................................10

Platform Extensibility ........................................................................................................10 Summary...........................................................................................................................................11

1

TM

Introduction Information is always flowing. Information flows between people, it flows from system to system, and it flows from one organization to another. At certain times information flows at a manageable pace. At other times, it can seemingly rival the velocity and volume of some of the world’s largest and fastest rivers. Over the last six to seven years the world has just as quickly moved to a ‘mobile first’ mentality where employers and knowledge workers alike have the expectation that they can always access this flowing content from anywhere at any time. One could even make the argument that it is this continuous evolution of information technology that is, in part, driving the speed of business today. Whatever the cause, the reality is that business today demands this information flow and it demands this breakneck speed. Moreover, while it is the business that demands fast information exchange, it is that same business that simultaneously demands that its information remains safe and within its control at all times. The struggle to balance information security with agility and ease of access needed for knowledge workers to get work done is not new. For years the priority has tended to land on the side of security. Hundreds of millions of dollars have been spent by organizations around the world in an attempt to build walls to control and protect their most valuable information. However, with each new layer of protection that world-class IT teams put in place, end users silently resented the new controls, and what we now call ‘shadow IT’ – IT systems used inside organizations without explicit organizational approval, e.g., a group of people using consumer-grade file sharing tools – began to emerge. Technology advances in the consumer market made knowledge workers question why they could not have the same ‘easy-to-use’ tools that they had at home. Soon BYOD was joined by BYOC (Bring Your Own Cloud) and the enterprise was immediately at risk as corporate information began crossing its boundaries unchecked. The lesson to be learned from the last three to four years in the information management space is that no matter how many walls an organization may put up to protect data, information will leave the enterprise. In order for any business to thrive and succeed, information must leave the enterprise. The best course of action for any business today is to put in place the right tools to let information flow safely. Today’s enterprise needs an end-to-end collaboration strategy that complies with all rules of governance under which it must operate. Today’s enterprise needs a collaboration platform purpose-built for business. The Intralinks Platform provides the world’s leading enterprises with a secure SaaS platform supporting the collaboration needs of the business without compromising the security of the company’s most valuable content. Intralinks customers are able to realize a solution that gives them the speed and ease of use of the cloud and the security and confidence that traditionally has only come from on-premises applications. Intralinks is enterprise-ready collaboration.

2

TM

Collaboration Defined “To work jointly with others or together especially in an intellectual endeavor” is the definition of collaboration according to the Merriam Webster dictionary.

In business, collaboration can take many forms, but for the purpose of this paper our focus will be on content-centric collaboration – that is, collaboration pertaining to specific electronic information assets such as office documents, spreadsheets, and presentations. Content-centric collaboration typically takes two forms within the enterprise: 1. Ad-hoc Collaboration – This type of activity is fast and easy to get going. It’s commonly required by small workgroups and may have a fluid or dynamic starting point and a loosely defined end point. Common examples include proposal response and pitch deck creation. 2. Structured Collaboration – This is typically a high-value, repeatable process with well-defined start and end points. Given the high value of the content involved, the most stringent security and the ability to validate compliance with any and all rules of governance pertinent to the business are of the utmost importance. Common examples include mergers & acquisitions, vendor contract negotiations, and clinical trials.

Other types of collaboration often found inside the enterprise today are task centric or social in nature. The practice of project management is by its very nature collaborative and will often revolve around specific tasking, scheduling, and milestone management. Social collaboration is relatively new to the enterprise in the last couple of years and can be very effective in enabling general knowledge sharing and expertise locaters.

The Enterprise Landscape As noted at the outset of this paper, there continues to be a struggle between two forces within the enterprise: the need to share content freely for business collaboration and the security requirement to have complete control over how the content is accessed and shared. Companies must collaborate with customers, vendors, regulators, and partners and open up its network borders accordingly. The “consumerization” of IT has introduced inherent risk to the business as employees adopt devices and services outside of its control and governance. At the same time, businesses face a sea of existing, new, and changing regulatory pressures. No matter the geographic location of the business, the demand for rigorous reporting of compliance with specific regulations continues to rapidly increase. Eventually, whether sanctioned or not, enterprise information extends out into the cloud, often with gaps in security. Management can’t get any meaningful insight into the relative security of their content.

This causes fragmentation in governance: • No standardization for security or collaboration technologies or practices • Company now contains information islands • Invisible areas on the network, with unsecured devices and data

• Content can’t be shared safely externally • Blacklisted apps are holding key data • Lack of visibility across enterprise impacts decision making

Risk grows and can result in: • Regulatory violations

• No control over document access and deletion

• Leaked intellectual property

• Gaps in systems and processes

• Failed audits

• Data integrity is questionable and there is no single source of truth

• Ongoing enterprise vulnerability

3

TM

A breakdown in the system leads to fines, loss of customers, brand damage, and more. But managers must shave off time to market; they must support a constant flow of data; and it’s clear that to succeed and have a productive company, managers must provision and support an extended and mobile workforce. They must also acknowledge that merely blacklisting consumer FSS applications, without offering a suitable replacement, is inadequate. Intralinks believes that in today’s business climate there is no reason for these two important requirements to be mutually exclusive.

Four Pillars of Enterprise Collaboration Intralinks provides a single platform to meet all the collaboration needs of the enterprise. We have defined a four-pillar approach that includes Enterprise Governance, Sharing Process Control, Content Lifecycle Control, and Technology Infrastructure Security. In order for today’s enterprise to realize the benefits that come from fast, efficient collaboration while maintaining the data security vital to their livelihood it must embrace a solution that encompasses all four of these areas collectively. If pillars are viewed and addressed independently the organization opens itself to the risk of gaps in security and subsequent unsanctioned data leakage.

Enterprise Governance Enterprise Governance is defined as the internal rules and policies by which decisions are made and business is conducted. All companies have these rules and policies. In some instances the business chooses to loosely enforce their rules of governance; in others they are legally bound to comply with regulatory rules of governance or face severe financial penalties or sanctions. When it comes to enterprise collaboration, especially when involving parties external to the organization, it is vital that an enterprise defines its policies for when and how corporate content is shared. This governance must take a thorough approach that covers people, process, and technology. It is even more important that the technology platform selected to facilitate this controlled sharing supports the organization’s ability to validate compliance with all applicable rules of governance.

Sharing Process Control Sharing Process Control refers to rigidly defined user access rules, user provisioning and de-provisioning, etc. These include: • The prevention of the unauthorized printing, downloading, copying, or screen capture of sensitive information • Granular access controls, with rights granted at group, role, and individual levels to an Exchange (library), folder, and even to a single document • Control of file synchronization • Monitoring file sharing activity within the organization and with business partners • Provision new accounts easily and quickly • Full audit logs of all user activity • The ability to share files — and to revoke access with UNshare™

4

TM

Content Lifecycle Control Content Lifecycle Control is management of the processes of sharing content from the point that collaboration begins through the archiving of the information and its disposal after the need to share the content has ceased. It requires that: • The data are secure and available in redundant data centers with daily tape backups • There is access to detailed reports and dashboards for compliance and governance

Technology Infrastructure Security Technology Infrastructure Security means the comprehensive virtual and physical security of sites and hardware and systems. This approach comprises: • Multi-factor authentication with single sign-on (SSO) integration into the customer’s own authentication system (such as Active Directory) • Data protected at rest and in transit • Highly secured data centers supporting fault tolerance • 24/7 network monitoring, virus scanning, and state-of-the-art firewall protection • Physical data center security technology, including video surveillance, proximity card readers, and biometric scanners. • Rigorous third-party testing and frequent audits • SOC2 compliant; ISO 9000 via SunGard compliance • Background checks and confidentiality agreements to reduce the risk of personnel-related security breaches • A dedicated compliance team to ensure the staff operates within security and compliance guidelines

Secure SaaS Platform Infrastructure The Intralinks Platform is purpose-built upon a secure multi-tenant SaaS infrastructure to provide customers with a robust content collaboration platform focused on the business practice of external sharing of corporate content. When the enterprise needs to share information beyond the corporate firewall it needs a platform that provides key tools for complying with defined enterprise governance, enabling sharing process control, and managing the content during its corporately defined lifecycle.

5

TM

Intralinks was an established multi-tenant Software-as-a-Service (SaaS) provider even before the category was named, and our long experience continues to highlight the security and risk advantages of multi-tenant SaaS over siloed single-company deployments (whether on-premise or in the cloud) for protecting high-value business content. Multi-tenant SaaS places each enterprise and its users in the context of a broader community – allowing for more comprehensive sharing governance and expanding both the scope and value of compliance and reporting. For example, Intralinks’ multi-tenant SaaS model allows enterprise IT to have visibility into which shared workspaces enterprise employees are entitled to access – whether the shared workspace is directly managed by that enterprise or the employee has been invited into a third-party workspace. Likewise, compliance reporting on the Intralinks Platform can provide more comprehensive information on the external content sharing and communication activity of enterprise employees than a siloed enterprise-specific solution. Intralinks also enhances enterprise security, risk, and compliance goals by supporting a broad scope of content sharing and collaboration on a single technology platform, with a shared customer/user support model – from simple ‘me-to-me’ file syncing through complex ‘many-to-many’ document-intensive business processes. The shared content platform reduces enterprise IT complexity (and therefore risk) by standardizing identity and entitlements, governance, compliance/incident reporting, and integration to key enterprise systems (IAM, SIEM, DLP, etc.).

Multi-Layer Security Model Trusted by the world’s largest financial firms, life sciences companies, and other heavily regulated industries, Intralinks is a global leader in enterprise collaboration and document security. We are the multi-tenant SaaS-based collaboration platform providing unparalleled protection for the entire lifecycle of your most valuable content. Intralinks takes a comprehensive, multi-faceted approach to security. Several complex layers work together to create an all-encompassing barrier against potential risks and threats. Application Security • Strict, single-user ID and password protocol, two-factor authentication, and adaptive Multi-Factor Authentication (MFA) • Full encryption and protection of your data when in transit, and when at rest — for the entirety of its existence • Supports existing workflows, processes, and permissions with customizable allowances for access and control spanning all users • Prevents the saving and sharing of files outside of the platform through built-in Information Rights Management (IRM) document locking & protection and dynamic watermarking • Private cloud model ensures you know where your protected data is at all times

Infrastructure Security • 256-bit AES encryption strong enough to handle even the most adversarial attacks • Strategically separated, graphically remote data centers prevent data destruction under all catastrophic scenarios — and speed data recovery in the instance of a disaster through real-time replication, multiple connections, and alternative power supplies • All Intralinks personnel is rigorously screened and bound by strict confidentiality agreements

Process Security • Change control prevents the introduction of additional vulnerabilities during product releases • Business continuity planning maintains proactive disaster recovery with repeated failover-capabilities and data center recovery testing

6

TM

Certifications More than 170 Intralinks clients have performed audits and/or due diligence on our security operations and processes to verify that our operational controls, procedures, and technology meet their security standards. We also own seven U.S.-issued patents, with several more pending approval with the U.S. Patent and Trademark Office. Our current certifications: • SOC 2 Type II (formerly SAS 70 Type II) since 1999 • SSAE 16/SOC1 certified [US and UK data centers] • ISO 27000-1 certified [US data centers] • ISO 9001 certified [UK data centers] • ISAE 3402 certified [UK data centers] • Safe Harbor • 21 CFR Part 11 validated for electronic records • DoD 5220.22M compliant • SOX compliant

Customer Managed Keys Customer Managed Keys (CMK) is a unique, combined hardware/software solution that provides customers full and sole control over the ability to manage the encryption keys used to protect their data in the cloud. Intralinks’ CMK solution allows enterprises to maintain control of their hosted content without disrupting information-sharing with customers and partners – a ‘best of both worlds’ for security and regulation-sensitive customers. With Intralinks’ CMK solution customers are provisioned with dedicated encryption keys and a direct, secure, and dedicated connection to the Intralinks data center where they can manage their keys. Customers with their own encryption keys are able to maintain total control of their content, while avoiding difficult on-premises application deployments that create IT complexity and increase operational expense. The CMK solution consists of both hardware and software components distributed between the customer premises and the Intralinks data center. Customer Managed Keys are an important addition to the multi-layer key management system Intralinks has been using with customers for years. In addition to the auto-generated data keys that are used to encrypt files, Intralinks has added a new step in the process that includes the customer key. This new step continues to provide the compartmentalized risk where each data file gets its own unique data key, while still allowing for a customer key rotation process that precludes re-encrypting terabytes of data.

Core Content Services With the core infrastructure and its associated processes and security in place, the next layer of the Intralinks Platform is a collection of core content services which can be delivered to customers within the collaboration applications through which they get work done. These services provide the very features and functions that the business requires when sharing content. Items such as compliance reporting and analytics, workflow, version control, notifications, and document-level security are all provided for at this level of the platform. 7

TM

Information Rights Management The way we work, share, and collaborate has changed. We now work within the cloud, where traditional firewalls and VPNs no longer offer the best possible defense against vulnerabilities and external threats. The enterprise needs to maintain absolute control over its content, regardless of where it resides or travels. Today’s enterprise needs Information Rights Management (IRM). Intralinks Information Rights Management technology delivers document-level security rather than relying upon “walls” as the predominant protection against security breaches and leaks. Intralinks IRM by design™ gives users – and ultimately administrators – full control over a document for its entire lifecycle. End-to-end encryption of an individual document affords granular control in ways typical secure environments cannot – who may view it, who may download it, who may edit it, and for how long users may access the content. For example, even if a document was downloaded onto the mobile device of a terminated employee, access to that document may still be revoked. Intralinks IRM by design™ provides: • Plug-in free security - A seamless experience for content creators and collaborators • Lifetime protection - Control extends throughout the lifecycle of the document, whether at rest, in transit, or in-use – regardless of location or device • Ultra-precise document controls - Manage the protection of PDFs and Microsoft Office® files with explicit, individual permissions, such as view, edit, save, and print • Dynamic Policy Management - Rights and permissions may be updated and revoked even after a file has been downloaded

Content Management Intralinks provides more than a secure location for document storage when collaborating with parties outside of the immediate organization. The Intralinks Platform is exclusively designed for full content management during the sharing lifecycle, enabling full control over content creation, indexing, and publication. Version control, file and folder level permissions for users and groups, audit trails, and secure viewing features are all provided by the platform. Define metadata at both the document and folder level to tag content for increased search capabilities. Powerful full text and metadata searches can be executed within specific document exchanges or across the entire enterprise. You can just as easily locate teams or individual collaborators. Document lifecycle management also enables full control and customization over notification and alerts, ensuring appropriate stakeholders are identified and notified of document arrivals, changes, and tasks. Document Workflow Manage business processes through customizable workflows permitting complete control over document distribution, requests, submissions, approvals, and review. Rules-based processes offer enhanced flexibility when configuring workflows; create process rules based on a variety of configurable criteria, including custom fields assigned to documents and groups. You can also define workflow execution, file types, permissions, and additional actions; and trigger alerts and notifications to ensure even smoother collaboration.

8

TM

Compliance Reporting Today’s global enterprises require a collaboration platform with diverse reporting capabilities designed for industries where compliance is key. Intralinks provides comprehensive electronic communications reports, including full tracking on all access and changes to controlled documents and security & compliance event reporting, and may be easily integrated with enterprise GRC systems.

Business Applications The Intralinks Platform provides several packaged content-centric business applications for knowledge workers to immediately adopt. Pulling forth and presenting the most valuable information services from the platform, applications such as Intralinks VIA Pro and Intralinks VIA Elite are ready to make enterprise collaboration as easy and seamless as expected. At the same time, these business applications have the security of the platform at their core and facilitate solutions that support all Four Pillars of Enterprise Collaboration.

Intralinks VIA Pro Intralinks VIA Pro has been developed to support today’s collaborative work environment. Today, we work differently than we ever have before, on multiple devices and in multiple places. Work happens everywhere – both inside and outside of the firewall. Our organizations have changed as well. Strategic partners, agencies, regulators, auditors, and consultants are but a few of the outside organizations frequently working with critical content. Intralinks VIA Pro seamlessly integrates with the individual’s day-to-day business life. Ease of use across mobile devices and desktop applications enables people to work anytime, anywhere. Intralinks VIA Pro enables all of this on Intralinks proven secure platform. Workspaces Workspaces create an environment for content to be shared with teams both inside and outside of your organization. Individual files of up to 10GB are supported, helping to reduce the reliance on email and FTP. In addition, each time a file is updated, a new version is created in the Workspace so users can track the progression of content and access old versions when needed. File Sync For provisioned Intralinks VIA Pro users, there is an option to sync all of the files and folders in a Workspace to their desktop. File sync can be enabled through either the web interface or directly from the Windows or Mac desktop application. Once sync is enabled, all of the content in the selected Workspace is copied to the user’s computer for access online and offline. When the user is connected to the internet, all files update to the Workspace upon close, creating an updated version which replaces the older version in the cloud. In addition, any content updated while the user is offline is synced from the desktop/device back to the cloud. Sharing With Intralinks VIA Pro, you have multiple options to invite people to get work done. Sharing can be accomplished from the web, from your desktop, from your mobile device, and directly from Microsoft Outlook. The application allows Workspace owners the flexibility to select the role for each user invited to the Workspace or folder. 9

TM

Intralinks VIA Elite Intralinks VIA Elite is designed for organizations seeking to share structured content repositories and execute document-centric workflows among large teams. Organized in Intralinks Exchanges, Intralinks VIA Elite provides content managers the ability to create highly structured document hierarchies and enable very granular access rights from the Exchange, folder, and file level. For organizations seeking to externalize their enterprise content management system, or create a secure repository for sharing content across large organizations, Intralinks VIA Elite provides a robust set of features to ensure lifetime content control. Exchanges An Intralinks Exchange is the core sharing construct of Intralinks VIA Elite. Exchanges enable organizations to set up and manage structured content repositories to allow employees to securely distribute sensitive documents to wider audiences both inside and outside of the organization. Intralinks Exchanges provide a mechanism to manage document-centric processes through granular permissions for both users and documents; the ability to tag, search, and sort through content quickly; and configure workflow. Sharing Every person invited into an Intralinks Exchange in Intralinks VIA Elite is assigned a role, or set of rights and responsibilities for that particular Exchange. If you have been invited to multiple Exchanges, you may have a different role in each Exchange. There are three basic Exchange roles within Intralinks: • Reviewer – Reviewers can consume and read content • Publisher – Publishers can read content and add content to the Exchange • Manager + – Managers are responsible for setting up and maintaining the Exchange; they can publish and read content, and determine who has access to the Exchange

In addition to the individual user roles within the Exchanges, Managers of the content can assign file-level controls that determine what individual users may do with the content. With Intralinks IRM by design™, files can be managed in terms of viewing, downloading, and printing. Desktop Intralinks VIA Elite desktop applications enable users to work with up to ten exchanges with virtual desktop access. Users with Intralinks Desktop applications installed can easily create file hierarchies, access content, and upload new or modified content.

Platform Extensibility Organizations can optimize their enterprise collaboration experience when they do more with Intralinks. Intralinks’ product extensions, integration adapters, and application programming interfaces (APIs) link critical systems to help drive secure collaboration – all while working seamlessly within the business applications you use every day. Mobile Intralinks secure mobile solutions allow users to maintain productivity regardless of location. Even while on the go, users can have instant access to information and collaborate. Sharing beyond the firewall with partners, vendors, and other third parties requires the utmost security and control. 10

TM

Intralinks APIs Manage and control content, users, sessions, and system administration with a comprehensive API map. Developed on Representational State Transfer (REST) architecture, Intralinks APIs are web-services ready and available to developers to create Intralinks-based solutions. Intralinks external API’s allow you to create applications for the posting and extraction of information to and from Intralinks Exchanges. Back-end applications, such as document management and accounting systems, may drive greater productivity and collaboration when integrated to exchange information with Intralinks. Intralinks Integration Adapter Quickly build a strong yet open and flexible technology infrastructure using our portfolio of adapters and pre-packaged functionality. Intralinks adapters enable communications between Intralinks and external systems with client-side .NET application and XMLbased file messaging. Build and deploy automated integration with your current architecture, such as existing databases or content management systems, and extend your ability to control or share documents, folders, users, groups, permissions, alerts, and reports. Intralinks Connectors Integrate Intralinks with out-of-the-box connectors to several external systems, including Microsoft SharePoint® and Salesforce.com, without any additional hardware or software. Enhance your existing Intralinks Platform with packaged services for file transfer, permission management, reporting, and workflow.

Summary The Intralinks Platform brings secure enterprise collaboration to millions of customers around the world every day. Through 17 years of experience in the collaboration space we have built considerable subject matter expertise in industry-specific collaborative activity as well. Some examples include:

Intralinks Dealspace Intralinks pioneered the use of the Virtual Data Room (VDR) to accelerate M&A due diligence, reducing deal timelines and helping sellers to maximize value. Intralinks provides a secure online environment where deal professionals can manage the entire lifecycle of a transaction, from deal team collaboration through the due diligence phase, to deal closing. We also offer a preferred platform program that allows firms to standardize on a turnkey, fully branded solution that reflects your firm’s image. Our approach allows you to save time and money by streamlining your deal process, speeding the launch of your deal rooms and providing valuable business intelligence.

Intralinks Debtspace Intralinks Debtspace for deal management has revolutionized deal execution for CRM, pipeline tracking, book building, and reporting. Since 1997, we’ve been the preferred VDR for loan syndication. Intralinks provides solutions to the debt capital markets for the secure exchange of highly confidential information related to loan syndications. 11

TM

Intralinks Fundspace In the alternative investment community, Intralinks is used to streamline fundraising, investor reporting, and overall communication between general partners and limited partners for private equity firms, venture capital firms, and hedge funds. More than 250 alternative investments clients have realized the benefits of using Intralinks as part of the regular workflow in their firms.

Intralinks Studyspace Through collaboration and the exchange of critical documents within the Intralinks Studyspace clinical trial portal, hypotheses are transformed into medical advancements. Streamline site feasibility by getting sites on-boarded and assessed quicker when you efficiently track and manage site feasibility surveys in a single, centralized location. Reduce study start-up time by automating the distribution and collection of regulatory documents and crucial contracts, and tracking their progress. Manage clinical trial documents with dashboards and reporting tools that provide up-todate progress tracking and workflow transparency.

United States & Canada + 1 866 473 7194 Latin America + 55 11 4949 7700 Europe, Middle East & Africa + 44(0) 20 7549 5200

intralinks.com

© 2015 Intralinks, Inc. All Rights Reserved. To learn more about Intralinks® and its trademarks please visit intralinks.com/about-us

12