IT leaders are stuck between a rock and a hard place. They need to give employees the right technology to make them more productive, but at the same time they must follow corporate mandates to cut costs. How do you do both at once?
This paradox has become one of the defining challenges for today’s IT leaders. The old playbook of throwing more resources at productivity problems doesn’t work anymore. Today’s CIOs need to find innovative ways to unleash human potential while optimizing investments.
AI to the rescue
AI isn’t just about automation—it’s about intelligently amplifying human work. AI for business tools can reduce the time employees spend on routine tasks while improving the quality of their output.
Watch this video to see more examples of AI productivity in action.
Watch these demos to see AI productivity in action
Adopting AI can help unify fragmented data and cut decision-making times. Breaking down data silos through data unification not only trims inefficiencies but also saves significantly on storage costs.
Scale smart in the cloud
Cloud plays a role here, too. Moving to the cloud means shifting from capex to opex models so costs can be aligned more closely with actual business needs. During busy periods, resources scale up automatically. During downturns, costs scale down proportionally. What’s more, moving to the cloud can simplify operations and consolidate applications for better efficiency and security while kicking workflows into high gear.
Not there yet? Take our short cloud migration readiness questionnaire to see what your next steps should be.
Cloud migration readiness questionnaire
Evaluate your current readiness and identify next steps for your cloud transformation
The CIO’s paradox isn’t insurmountable—it’s an opportunity to demonstrate strategic value using the right technology that drives both efficiency and effectiveness. Learn more about how OpenText and better information management can help you meet your goals.
Read other blogs in the What’s keeping CIOs up at night? series:
The Food Safety Modernization Act (FSMA) represents a significant shift in how food safety is managed in the United States. One of its key sections, FSMA Section 204, focuses on enhancing food traceability to address foodborne illness outbreaks more effectively. The compliance rules defined in FSMA 204—which were initially set to enter into force in January 2026—will apply from July 2028, placing new requirements on organizations that handle specific food items.
What is FSMA Section 204?
FSMA Section 204, also known as the FDA final rule on Requirements for Additional Traceability Records for Certain Foods, mandates capturing and reporting key data elements (KDEs) for specific foods. The regulation is designed to enable the FDA to identify and remove potentially contaminated food items from the market swiftly, thereby reducing the health risks associated with foodborne illnesses.
Key requirements for organizations involved in the food supply chain
The FSMA Section 204 regulation identifies seven Critical Tracking Events (CTEs) in the food supply chain. Organizations involved in these CTEs must maintain a traceability plan, capture related KDEs for each event, and enable data reporting to the FDA within 24 hours upon request. The CTEs include:
Harvesting
Cooling
Initial packing
First land-based receiver
Shipping
Receiving
Transformation
For each CTE, organizations must capture specific KDEs, which vary depending on the event but often include information such as the location, date, and time of the event, the quantity and type of food involved, and the Traceability Lot Codes (TLCs) assigned to the food products.
Foods in scope of the regulation
To focus the regulatory efforts on foods that present the highest public health risks, the FDA maintains a Food Traceability List (FTL) that governs which foods are in scope for the FSMA 204 regulation. This list includes various high-risk foods such as:
Fresh leafy greens
Fresh-cut fruits and vegetables
Soft cheeses
Shell eggs
Nut butters
Certain seafood items
Foods that contain listed foods as ingredients are also subject to the additional recordkeeping requirements, provided the listed food remains in the same form (e.g., fresh) in which it appears on the list.
While the regulation covers a broad range of foods, it provides several exemptions that are listed in § 1.1305 of the final rule.
Steps to prepare for FSMA Section 204 compliance
While the compliance deadline was pushed out to July 2028, it is crucial to work on deployment plans already now. The extended deadline provides ample time for companies to understand the requirements and implement the necessary systems to ensure compliance. However, delays can lead to rushed implementations, increased costs, and potential non-compliance penalties.
Key steps that organizations should take as they prepare for FSMA Section 204 compliance include:
Understand the requirements: Organizations must familiarize themselves with the FSMA Section 204 regulation, including the specific KDEs and CTEs they need to track.
Develop a traceability plan: A comprehensive traceability plan should outline how the organization will capture, store, and report KDEs for each CTE.
Implement technology solutions: Leveraging technology solutions that automate the capture and reporting of KDEs can streamline compliance efforts and improve overall supply chain performance.
Train staff: Ensuring that all relevant staff members are trained on the new requirements and the organization’s traceability plan is essential for successful implementation.
Collaborate with supply chain partners: Effective compliance requires collaboration across the supply chain. Organizations should work closely with their suppliers and customers to ensure seamless data exchange and traceability.
Benefits of enhanced food traceability
Complying with FSMA Section 204 offers several benefits beyond regulatory adherence. Implementing the required improvements in food traceability enable, for example:
Enhanced food safety: Rapid identification and removal of contaminated products reduce the risk of foodborne illnesses.
Efficient recalls: Targeted, precise recalls minimize the associated costs and impact on business operations.
Consumer trust: Transparency in the food supply chain enhances consumer trust and brand loyalty.
Partnering with OpenText to ensure FSMA Section 204 compliance
To efficiently meet the compliance requirements for FSMA Section 204, organizations should look to automatically capture the KDEs on all CTEs they participate in. OpenText Business Network offers a highly configurable solution for companies in the food supply chain to automate FSMA compliance while improving their overall supply chain performance.
By leveraging OpenText’s deep expertise and advanced technology portfolio, businesses can ensure seamless data exchange with supply chain partners and meet the FDA digital reporting requirements.
Fax remains an essential part of healthcare communications, owing to its security, traceability and HIPAA-compliance. Seven in U.S. 10 hospitals still rely on fax to exchange health information, according to the Office of the National Coordinator (ONC) for Healthcare Information Technology.
Fax has evolved dramatically, from outdated analog systems with paper and physical machines to modern cloud-based solutions. Despite all the technological advancements and adoption of electronic healthcare records, many healthcare organizations are still relying on aging fax systems with complex on-premises infrastructure which leads to inefficiencies, security risks and limited interoperability. Here are five signs that your organization’s fax solution needs modernization:
1. High failure rates
Does your fax system performance leave something to be desired? High fax failure rates in healthcare can delay the transmission of critical information like referrals, lab results, and treatment plans, leading to postponed diagnoses, disrupted care coordination, and ultimately poorer patient outcomes. At the same time, these failures create costly inefficiencies for providers, as staff must spend valuable time troubleshooting, resending, and verifying faxes, which increases labor costs and reduces productivity. Delays can also impact billing cycles, slow down reimbursements, and damage patient satisfaction hurting both clinical performance and the organization’s financial health.
2. Security vulnerabilities, compliance risks
Aging fax systems pose significant security and compliance risks because they rely heavily on manual processes, making them prone to human errors like misdirected faxes and unattended documents, key contributors to many data breaches. These systems typically lack modern safeguards such as encryption, access controls, and audit trails, leaving sensitive patient data vulnerable to interception or unauthorized access. As a result, any breach intentional or accidental can lead to serious regulatory consequences and financial losses, contributing to the rising average cost of data breaches in healthcare. Research shows that over 85% of all data breaches involved a human element. The average cost of a data breach jumped to $4.88 million in 2024, according to analysis of data compiled by the Ponemon Institute. That’s up 10% from the year prior.
3. Hidden costs of legacy systems
Healthcare organizations often drain valuable IT resources maintaining aging, on-premises fax and telephony systems, or rely on third-party providers with unreliable networks. These outdated technologies not only demand constant upkeep but also cause frequent transmission errors and communication breakdowns. As a result, front-line staff are burdened with correcting issues instead of focusing on patient care, leading to operational inefficiencies, delayed treatment, and ultimately a diminished patient experience.
4. Integration challenges with modern EHR systems
Interoperability continues to be a challenge in U.S. healthcare settings with hundreds of different electronic health record (EHR) systems in use at different hospitals and clinics, often tailored to specific needs. With nearly 90% of U.S. based physicians using an EHR, ensuring related systems are integrated is essential. Integrating digital fax systems with modern EHRs ensures seamless and timely care coordination.
5. Information bottlenecks and the impact on clinical staff and patient experience
Legacy fax systems often create delays as faxes wait in queues for manual processing. Removing these bottlenecks with integrated AI enabled capture solutions can help speed workflows while reducing processing delays and human error.
Digital fax success stories in healthcare
Fax reliability and care coordination are directly connected. The University of Kansas Health System was dealing with a rise in fax transmission errors while local telcos reduced support for analog fax solutions. Employees spent significant amounts of time resending faxes and 90% of IT time was spent troubleshooting fax issues. By working with OpenText, they were able to implement a hybrid, HIPAA compliant digital fax solution that boosted fax transmission success to nearly 100%.
The Baptist Hospitals of Southeast Texas reduced the risk of delays to front-line patient services by improving the availability of fax services. The healthcare provider also avoided rising costs for fax lines as telcos phase out analog services. They boosted clinical efficiency by 20% while unlocking $200,000 in annual cost savings with a HIPAA-compliant fax solution from OpenText.
Building a business case for digital fax
1. Start with why: connect to patient care
When building your case, anchor the conversation in patient outcomes and clinician efficiency. Analog fax systems often lead to delays, missed referrals, and security gaps—none of which are acceptable in a patient-centered environment.
Tip: Use real stories. Did a critical patient referral get delayed because a fax line was busy? Share that. It brings urgency to the conversation.
2. Quantify the hidden costs of analog fax
It’s easy to overlook how expensive traditional faxing really is. Tally up the costs of:
Analog phone lines – monthly charges for each line used exclusively for faxing.
Third-party telephony services– fees paid to external vendors that may lack reliability or SLAs.
Hardware maintenance – costs for servicing or replacing fax machines, plus depreciation over time.
Consumables – paper, toner, and fax machine maintenance.
Staff labor costs – time spent manually sending, receiving, filing, and routing faxes.
Error correction and rework – time and resources spent on resolving failed transmissions or mis-faxes.
Transmission failures and downtime – impact of fax delays on clinical workflows, patient care, and revenue cycles.
Storage and archiving costs – physical space or systems needed to store paper records or scanned documents.
Opportunity costs – value of time and resources that could be re-directed to higher value patient care or innovation if fax related burdens were reduced.
Tip: Benchmark your current costs against digital fax solutions.
3. Highlight the compliance and security risks
Healthcare is one of the most regulated industries—and analog faxing creates gaps:
No audit trails for those who sent or received a fax
Risk of PHI left in trays or misdialed numbers
Lack of access controls
Digital fax offers encryption, audit logs, and user-level access management that help you stay on the right side of HIPAA, HITECH, and other regulations.
Tip: Talk to your compliance team early. Their support can strengthen your case dramatically.
4. Align with strategic goals
Most healthcare organizations have digital transformation initiatives underway. Show how digital fax aligns with broader goals:
Supporting remote and hybrid work
Reducing paper-based processes
Improving interoperability with EHRs and other systems
Tip: Reframe digital fax as an enabler of strategic priorities, not just a utility replacement.
5. Propose a phased approach
Large IT projects can feel daunting. Ease leadership concerns by recommending a phased rollout:
Start with a pilot in a department with high fax volume (e.g., referrals, radiology, or medical records)
Measure success, then expand
Tip: Choose a modern, cloud-native fax solution that eliminates the need for legacy infrastructure and supports rapid scalability across departments without the complexity of maintaining analog systems.
6. Estimate ROI and payback period
Executives want numbers. Estimate how long it will take to recoup the investment based on reduced costs and improved productivity. Most healthcare organizations see ROI within 6–12 months.
Tip: Include both hard savings (e.g., eliminated phone lines) and soft savings (e.g., time saved per fax, reduced risk of fines).
Digital transformation in healthcare isn’t just about big-ticket technologies. Sometimes, the biggest gains come from modernizing the tools we rely on every day. Fax is still essential—but it doesn’t have to be analog or on-premises. Build your case thoughtfully, and you’ll not only win leadership support—you’ll give your teams a faster, safer, and smarter way to connect with HIPAA-compliant fax.
Speak to an expert about HIPAA compliant fax solutions
Have questions about OpenText fax solution? Want a demo? Enter your information and a representative will be in touch shortly to discuss how to boost patient engagement with seamless data workflows.
Customers trust OpenText™ Documentum™ Content Management (CM) to help them ensure their high volume, critical business content is secure, organized, preserved and easily accessible while adhering to privacy and security protocols. Documentum users are also extending the value of their content to the cloud, simplifying access for content creation and collaboration, driving productivity improvements with easy-to-understand and personalized user experiences, all while applying Documentum’s robust governance at every stage of the content lifecycle.
310% ROI achieved in just three years!
Download the Forrester Total Economic Impact™ of OpenText Content Services Private Cloud Platforms study and discover cost savings and business benefits for your modernization strategy.
June 2025: What’s new in OpenText Documentum CE 25.2
The release of OpenText™ Documentum™ Content Management (CM) CE 25.2 is a game-changer, introducing a robust set of features to elevate productivity, strengthen security, and simplify workflows. This update focuses on five critical areas: enhanced user experience, modernization and migration, powerful business application integrations, improved governance, and AI-driven workflow insights. Let’s explore how these updates can transform your content ecosystem.
A next-gen user experience that boosts efficiency
CE 25.2 redefines user interaction with a sleek, intuitive interface designed for ease of use. The new rich text editor simplifies content creation, while features like the recycle bin prevent accidental data loss. Workflow visual indicators provide instant clarity on document status, and enhanced viewing capabilities support multiple rendition formats, ensuring seamless access to content. These updates cut down on training time and empower users to work more efficiently, making daily tasks feel effortless.
New custom conditional icons and formatting in various grid displays.
Modernization and migration made seamless
Upgrading to CE 25.2 is now a breeze, thanks to smarter migration tools. Search migration efficiencies slash downtime, and optimized HELM charts reduce manual errors during deployment. With certification for Java 21 and Microsoft Azure HSM encryption, the platform ensures secure operations and compliance, especially for regulated industries. These enhancements make transitions smoother, letting organizations modernize without the usual headaches.
Powerful integrations for enhanced collaboration
Collaboration gets a major boost with CE 25.2’s seamless integrations. The improved Microsoft® 365 Teams integration enables co-authoring of OpenText Documentum CM content directly within Teams, fostering real-time teamwork. Additionally, CMIS API extensions allow effortless connectivity with systems like SAP® S/4HANA, creating a unified content ecosystem. These integrations break down silos, ensuring your teams can work together efficiently across platforms.
Stronger governance to safeguard your data
Security and compliance remain top priorities in CE 25.2. Integration with Microsoft Purview, introduced last release, now supports sensitivity labels with user-defined permissions, and protected mail search, giving you tighter control over sensitive data. These governance features help organizations meet stringent regulatory requirements while protecting critical information, ensuring peace of mind in an increasingly complex digital landscape. Available only with containerized OpenText Documentum CM deployments.
AI-driven workflow insights for smarter decisions
The introduction of AI-driven workflow insights sets CE 25.2 apart. With OpenText Content Aviator, users gain access to intelligent summaries and risk flagging at every workflow stage, enabling faster, data-driven decisions. AI-drafted reports further streamline processes by reducing manual effort, allowing teams to focus on high-value tasks. This intelligent automation enhances productivity and positions organizations to stay ahead of the curve.
Supercharge workflows with generative AI.
Conclusion: A smarter, more efficient content ecosystem
OpenText Documentum Content Management CE 25.2 isn’t just an update—it’s a transformative leap forward. By prioritizing user experience, seamless modernization, robust integrations, stringent governance, and AI-powered insights, this release equips organizations to manage content more effectively, securely, and intelligently. Whether you’re looking to boost collaboration, ensure compliance, or leverage AI for smarter workflows, CE 25.2 delivers the tools you need to thrive in today’s fast-paced digital world. Ready to streamline your content ecosystem? This is the upgrade you’ve been waiting for.
December 2024: What’s new in OpenText Documentum CE 24.4
OpenText Documentum Content Management (CM) CE 24.4 introduces significant enhancements designed to extend the value of your current system by delivering the right functionality to the right users at just the right moment. The main improvements in this release are listed below:
Delight users with instant access to content using biometric authentication
It does not matter if your users favor an Android or Apple smartphone, they are used to having access instant access using biometrics. Why should it be any different when they need to access content on-the-go? Now users can enable login via biometrics using the OpenText Documentum CM Mobile app settings. Biometric authentication provides the following benefits:
Enhanced security – Biometric authentication uses unique traits (e.g., fingerprints, facial recognition, voice) to enhance security over traditional passwords.
Convenience – Users no longer need to remember or manage complex passwords, as biometric methods allow quick and effortless access with a simple scan or gesture.
Personalized experience – Ties access directly to an individual, ensuring a seamless and tailored user experience without the need for additional verification steps.
Versatility across devices – Support for Apple smartphones and Android smartphones offers a consistent and familiar method across multiple platforms.
Sign in using biometric authentication.
Give users an intelligent assistant right at their fingertips
OpenText Content Aviator can now be used to expand the value of your business content and lighten your users’ daily workload in the cloud and off-cloud. Gone are the days of manually summarizing content, creating detailed bullet lists, tabulating lists, identifying risks or creating draft plans based on content stored in various folders. The intelligent assistant puts chat-based conversational search right at your employees’ fingertips. With the added ability to run OpenText Documentum CM with OpenText Content Aviator off-cloud, organizations can realize the following benefits:
Data privacy and security – Keeping GenAI operations on-premises/off-cloud ensures sensitive data remains completely within the organization’s control.
Offline functionality – On-premises AI systems can operate without internet connectivity, ensuring uninterrupted access in environments with unreliable networks, such as remote facilities or during outages.
Compliance with industry standards – For industries like finance, healthcare, or government, where regulatory requirements mandate data residency or restrict third-party access, on-premises AI ensures adherence to these rules.
Seamless, consistent protection across both Microsoft® and OpenText Documentum CM environments
The new integration with Microsoft Purview Sensitivity Labels provides an extra layer of information governance, compliance, and security while maintaining seamless collaboration. This will help organizations:
Streamline document classification – Ensure documents stored in the repository are classified based on organizational policies. This can be completed manually by users or automatically based on metadata, content, or predefined rules.
Safeguard sensitive content – Protect sensitive content even when downloaded or shared outside OpenText Documentum CM.
Comprehensive document tracking with Microsoft Purview – Provide detailed tracking of how documents are accessed, modified, or shared within and outside OpenText Documentum CM using Microsoft Purview’s audit capabilities.
Secure collaboration with Microsoft Teams, SharePoint and OneDrive – Enable secure integration with Microsoft Teams, SharePoint, and OneDrive, allowing users to access and collaborate on OpenText Documentum CM-stored files while maintaining security controls.
Unified security with Purview Sensitivity Labels – Extend Purview Sensitivity Labels to ensure consistent classification and security policies across all repositories using OpenText Documentum CM in a hybrid environment (on-premises + cloud).
Add extra protection using Microsoft Purview Information Protection.
Personalized efficiency for effortless content access
The new OpenText Documentum Smart View features help organizations tailor content effortlessly by providing a more personalized user experience, improved workflow efficiency, and streamlined document management. The following are some of the new features in this release:
Various menu improvements (Versions, Renditions, Location, Workflow, and Relations)
Enhances user experience with more intuitive navigation.
Increases efficiency by reducing time spent searching for options.
Improves accessibility to key document-related actions.
View workflows on a per document basis
Provides better visibility into document-specific workflows.
Enables faster decision-making with clear workflow tracking.
Reduces errors by ensuring the correct workflow is followed.
Improvements to iURLs for direct file viewing
Provides updates to relationship management when creating or importing documents.
Aids in updating landing page changes.
Filtering improvements
Doclist (Show or hide folders) – Allows users to customize their view for a more focused workspace and reduces clutter by hiding unnecessary folders.
Business filters for tasks on workflow overview widget – Helps users quickly find relevant tasks and enhances productivity by streamlining task management.
Caching improvements
Cache last folder navigation – Saves time by remembering previous locations and reduces the need for repetitive navigation.
Date improvements
Users can set their on date formatting (Long, short, etc.) – Provides flexibility based on user preferences and improves clarity in international teams with different date formats.
Client can show local time zone while server maintains server time zone – Prevents confusion from time zone differences and ensures accurate time tracking across global teams.
Manual import of rendition to existing documents
Streamlines the process of updating documents.
Reduces errors by maintaining accurate document versions.
Visual indicator when a markup exists in IV
Enhances visibility of document changes or annotations.
Improves collaboration by ensuring markups aren’t overlooked.
Multi-binder ability in IV (Concatenation of selected documents in the viewer)
Enables easier document comparison and review.
Saves time by allowing multiple documents to be viewed as a single entity.
Enhancing integration and real-time interaction using OpenText Documentum CM SDK’s external widgets
The external widget in Smart View facilitates smooth integration with external clients, providing real-time updates and interactions with independent applications. It stays visible on-screen and updates dynamically as users engage with objects. This feature eases the shift from classic to Smart View by supporting the migration of custom dashboards, welcome pages, and app integrations. Using OpenAjaxHub allows customers to repurpose existing integrations for event subscription and publishing, ensuring seamless two-way communication between Smart View and almost any component. This will help organizations:
Enhanced integration – Works with any JavaScript framework supporting OpenAjaxHub, an open standard.
Real-time interactivity – Allows Smart View to send and receive events, enabling two-way communication.
Improved user experience – Keeps widgets accessible and updated without requiring manual refreshes.
Practical use case – Example implementation with Documentum Reports, where users can trigger client events externally via the “Show Report Templates” button.
External widget in Smart View.
Leverage the new OpenText Documentum CM Search off-cloud
The new OpenText Documentum CM Search offers rapid performance tied to compute power, improved search accuracy via a machine-learning engine supporting multiple languages and advanced search types (vector and semantic), a modern web-based admin interface for remote customization, and containerized architecture for cloud scalability, compatible with various file storage integrations like NAS, SAN, CAS, and Cloud-Store/SDS. This will help organizations:
Improve efficiency and productivity – Lightning-fast, compute-powered search helps employees quickly find documents, cutting search time and boosting productivity.
Enhance decision-making – Machine-learning engine enhances search relevance with multi-language, vector, and semantic support, aiding accurate, context-driven decisions.
Save money- Containerized, cloud-optimized architecture cuts costs with scalable integrations (NAS, SAN, CAS, Cloud-Store/SDS), reducing reliance on expensive on-premises hardware.
Support global accessibility – Supports multiple languages and a web interface, enabling effective search access and collaboration for global teams.
Boosted search experience for users.
Streamlined business processstructureswith a fully integrated Microsoft® Teams® owner experience
Gone are the days of relying on IT or Cloud Ops to manipulate complex workflows to meet the changing demands of the organizations, now business power users and administrators can easily:
Unlock documents
Cancel checkouts
Pause a workflow
Resume a workflow
Abort a workflow
Update a workflow supervisor
BOCS: Empowering remote operations with instant, offline access to critical materials
BOCS (Branch Office Caching Services) enables remote offices, such as oil rigs and mines, to instantly access the latest materials like manuals, repair instructions, and safety guides, even without network connectivity. This is achieved through containerization of OpenText Documentum CM Messaging Services (DMS), updates to Smart View and M365 for accessing cached content in BOCS, and providing instructions for BOCS access and off-cloud deployment. A few examples of business benefits are:
Efficient, scalable deployment across multiple remote locations using Containerization of OpenText Documentum CM Messaging Services (DMS).
Enables smooth access to cached content and ensures compatibility with existing tools and workflows.
Reduce setup time and technical challenges for remote deployments by providing clear BOCS access and off-cloud deployment instructions.
Deliver more insightful, actionable data
Through enhanced reporting and dashboards combined with improved usability and customization options, improves usability and provides easy to customize options. Now available as part of the OpenText Documentum CM X-Plans, the new reporting and dashboards take advantage of the modern capabilities of the Smart View client. The new administrative toolkit includes templatized reports and dashboards. Reports are powered by templates and configurable Documentum Query Language (DQL) that aid in the creation and delivery of new reports.
Consolidated reporting and dashboards
August 2024: What’s new in OpenText Documentum CE 24.2
The OpenText Documentum CE 24.2 release includes new capabilities designed to help organizations deliver the power of Documentum throughout their organization in a more personalized manner.
Accelerate content discovery through chat-based conversational search
OpenText™ Content Aviator for Documentum is the intelligent assistant everyone wants because it helps users discover content faster with an interactive chat interface. Users can quickly understand documents with automated analysis, summaries and translations. This boosts productivity, efficiency and satisfaction by providing instant access to relevant answers to natural language questions.
A generative AI (LLM) powered intelligent assistant for Documentum
Improve search results with the next generation of Documentum Search
The new Documentum Search provides:
Lightning-fast performance that matches with compute power
Enhanced search relevance through use of a machine-learning analytic engine that supports different languages, vector & semantic search
A modern web administrator interface that provides effective tools to make it easier to tailor search experiences remotely
Containerized for cloud-scale by supporting a variety of popular integrations of file-stores like: NAS, SAN, CAS, and Cloud-Store/SDS
Next generation of Documentum Search
Keep your secrets secret with an extra layer of protection
As hackers become increasingly more aggressive and smarter, Documentum is ready to help customers ensure their sensitive data is protected by creating new ways to manage access to secrets. Now, customers can configure Documentum using mapped vault keys. By updating the vault secrets are removed from encrypted configurations files, making it even harder to access. To bring further confidence to this solution, Documentum chose to work with the leader in the industry, HashiCorp Vault, to provide this level of security. This is a win-win for Documentum customers and a lose-lose for bad actors.
Manage access to secrets and protect sensitive data
Inspire business power users and managers to take control of their work
Gone are the days of relying on IT or Cloud Ops to manipulate complex workflows to meet the changing demands of the organizations, now business power users and administrators can easily:
Unlock documents
Cancel checkouts
Pause a workflow
Resume a workflow
Abort a workflow
Update a workflow supervisor
Business administration: Power at your fingertips
Enhance user productivity working with content stored in Documentum from within Microsoft Teams
Expose Smart View Search and Advanced Search capabilities to users working from Teams
Supports all Smart View functionality and menu options, including virtual documents and mass update
Reduce administrative tasks to manage the integration via intelligent automation
New automation framework for detecting changes to Team membership in Microsoft and synchronizing the Team workspace in Documentum
When new members are added or deleted – the access to the mapped folder in Documentum is updated
Support existing business process structures
Team Owners may now choose to create a mapped team workspace in Documentum or select an existing folder/workspace
Allows Team Owners to easily link existing business process pre-configured folder structures in Documentum as the workspace for a Team
Documentum for Microsoft 365
Help your new users navigate the mobile app with a self-paced guided tour
Now OpenText Documentum Smart View mobile users can better understand how to use the mobile app by taking a self-paced guided tour with Documentum coachmarks. Coachmarks play an important role in enhancing user engagement, reducing confusion, and improving user retention rates within mobile applications. The new coachmarks present themselves as green dialogues that coach, or teach, a feature to the users with contextual information or instructions. Coachmarks can be used during onboarding when a user first launches the app. They can be used to help current users discover and understand new features designed to make it easier for the user to stay in the mobile app to complete a complex project.
December 2023: What’s new in OpenText Documentum CE 23.4
OpenText is pleased to introduce OpenText Documentum CE 23.4, which we fondly refer to as ‘One Documentum’ because it brings the power of Documentum into a single solution that helps organizations realize extended value from their Documentum system by:
Inspiring collaboration and optimizing processes
Simplifying deployments and upgrades
Modernizing licensing
Providing end-to-end archival for mature content
Introducing One Documentum: A new way to Re-IMAGINE Documentum.
Inspiring collaboration and optimizing processes
The new OpenText™ Extended ECM Documentum™ for Microsoft® 365 solution connects people, content and tools to keep teams engaged and productive
Customer-facing teams always have access to real-time data and content to make informed decisions and deliver outstanding service to their valued clients
Rights-based access and pre-defined business rules enable content stakeholders to view, edit and manage the information they need without navigating multiple systems to locate content in potentially restricted systems or areas
Users can create content and collaborate in Teams, while remaining focused on the processes and goals managed by ERP, CRM and HCM applications
Simplifying deployments and upgrades
One-click deployment reduces upgrade time and effort
Simplified certification matrix takes away the guesswork when upgrading
Custom or standardized private-cloud plans to leverage Documentum as a cloud service
Deploy Documentum with your own data centers or other hyperscalers
Documentum™ Smart View (formerly Documentum™ D2 Smart View) users can quickly resize columns, switch between lists, pinned column and grid modes, all leveraging sticky memory to ensure their personal changes persist until the next time they need to make a change
Leverage the Documentum Smart View SDK to extend and customize Documentum Smart View
Migrate custom WebTop applications to Documentum Smart View
Create similar Webtop customizations in Documentum Smart View
Move the Classic Custom Dialog plugins with no modification or replication needed
Define and layout extension/override capabilities of the out-of-the-box Documentum Smart View components
Modernizing licensing
Move away from the years of license pileup with a new, modern licensing structure that consolidates licenses into a single model number
The new Documentum X-Plans provides discounted upgrade paths with extended functionality
Providing end-to-end archival for mature content
Empower external users to perform self-service transactions on secure content from anywhere with the new Documentum External Transactions license
Ensure all parties are always working on the latest version of the document and can make better decisions faster, reducing the cost to the business.
May 2023: What’s new in OpenText Documentum CE 23.2
With the release of OpenText™ Documentum™ CE 23.2, we’ve made improvements across the platform to enhance the user experience, automate workflows, and ensure compliance. Here’s a glance at a few of the new features in 23.2:
Augment productivity in D2 Smart View
Documentum D2 Smart View users can quickly resize columns, switch between lists, pinned column and grid modes, all leveraging sticky memory to ensure their personal changes persist until the next time they need to make a change.
Customize the UI to empower and delight users
Leverage the Documentum D2 Smart View SDK to extend and customize D2 Smart View.
Migrate custom WebTop applications to D2 Smart View.
Create similar Webtop customizations in D2 Smart View.
Move D2 Classic Custom Dialog plugins with no modification or replication needed.
Define and layout extension/override capabilities of the out-of-the-box D2 Smart View components.
Engage external users at every step of the process
Empower external users to perform self-service transactions on secure content from anywhere with the new Documentum External Transactions license
Ensure all parties are always working on the latest version of the document and can make better decisions faster, reducing the cost to the business.
Augment productivity in D2 Smart View with column resize.
June 2022: What’s new in OpenText Documentum CE 22.2
With the release of OpenText Documentum CE 22.2, we’ve made improvements across the platform to enhance the user experience, automate workflows, and ensure compliance. Here’s an overview of what’s new in CE 22.2:
Enhance user experiences
Modern work calls for new tools and new ways of thinking about Information Management. The new in-place viewing and Docmerge capabilities of OpenText™ Documentum™ D2 help enhance modern work by making it easier for users to complete their work from a single location without the need to switch back and forth between content stored in various locations. Now users can:
Preview, review and compare document properties and content in a single view
Adjust the viewing area for the size that best suits the current task
Quickly compare text on a document from one version to another
Compare drafts of CAD drawings by toggling between a view of each drawing individually, showing drawings side-by-side or overlaying them with or without differences being contrasted
An example of the in-place viewing on the properties page in OpenText Documentum D2
An example of how Documentum allows users to quickly compare text changes from one version to another
Automate workflows
OpenText Documentum Advanced Workflow is a new workflow designer that allows organizations to bring the power of OpenText™ Documentum™ xCP workflows to the applications of choice without the need for UI composition. This allows the users to remain in the applications they use the most while leveraging advanced workflows for content processing.
An example of how users can create process-driven applications without implementing a new user interface within Documentum xCP
Enhance compliance with digital signatures
Documentum D2 and D2 Mobile’sholistic integration with OpenText™ Core Signature ensures compliance by providing an ink-like digital signature as part of any D2 workflow. The signed documents are automatically retrieved back into Documentum where they are stored and logged with the required audit details using pre-configured business rules as required by the governing regulations.
An example of Documentum D2 and D2 Mobile integration with OpenText Core Signature.
The new web-based Workflow Designer provided with the Documentum Platform can be used for designing and managing D2 workflows. Current Documentum customers can migrate their workflows from Workflow Manager using the migration utility.
Update 2: Access Salesforce information
Documentum’s new integration with Salesforce® helps accelerate sales cycles by sharing content stored in Documentum directly from the Salesforce user interface. Users avoid miscommunication and improve the customer experience by always leveraging the most current Salesforce information. Organizations can rest assured their content will not be misused, since the content carries with it the enterprise security and compliance standards built into Documentum.
Update 3: Simplify access to lifecycle management
Documentum D2 Smart View users can now apply lifecycle changes to a document in Smart View based on their user privileges. Business rules are consistently and automatically applied to documents as they progress through the various states of the document’s lifecycle.
Update 4: Update en masse
Merger and acquisition activity and drug-status changes for Life Sciences companies are examples of use cases that often require mass updates to be made to documents, folders and virtual documents. To ensure these changes are made consistently and quickly, Documentum D2 updates properties on multiple objects in one action. This includes replacing attributes based on conditions of other fields.
Update 5: Do more when mobile
Documentum D2’s new mobile capabilities include:
QR code scanning
Relations management, for creating and viewing relations
Document lifecycle management
Viewing and working on checked-out documents via tile landing pages and the hamburger menu of the mobile device
e-Signature support in key areas such as task processing, lifecycle, versioning, properties and non-credential IDP
Added security and compliance with e-Sign during task processing, lifecycle management and versioning or editing properties
Working/supporting files and task notes added directly by clicking on the add button in the app header
Update 6: Easily create an attractive dashboard
Documentum xCP Case Management Framework assists in building Smart Applications. When designing and implementing a mortgage application process, for example, the new tiles and dashboard layout improve interaction and usability, provide better access to data and increase productivity with a modern interface and organized workspace.
Developers can easily create dashboards with the xCP Tile Layout Widget. Tiles provide interactive links to Data Services or any URL and can also link to common application functionality to create a dashboard menu that enhances the user experience.
Authored content with tracked changes is often converted to PDF for submission and approval workflows—but that usually means the record of document modifications is lost. Content Transformation Services now retains comments and tracked changes when Word Documents are converted to PDFs, allowing for complete lossless interaction and change management.
Additionally, Documentum Content Trusted Services can also now burn watermark text into video content for copyright purposes.
Update 2: Enhanced online and offline workflow management
Smart View users can now start workflows and insert their documents into pre-defined business processes. They can find and manage workflows, either their own or workflows started/belonging to others, and then pause, abort or provide an update to the workflow supervisor.
Workflow features extend to the free Documentum D2 Mobile App, where users can continue to work on documents offline, then initiate workflows for approvals and processing once back online.
Update 3: Streamlined Microsoft Teams collaboration
Microsoft Teams users will be delighted with the ability to quickly spin up new Teams through content stored and governed in Documentum. They’ll also have the ability to clean up the Teams space post collaboration by automatically moving all content in the space to Documentum in order to prevent content sprawl.
This new functionality simplifies and streamlines the complete collaboration lifecycle, from creation of a Teams site using content stored and governed in Documentum, through to checking files back into Documentum upon completion of the activity in Teams
Security improvements include mandatory events, to ensure multiple logins and failed login attempts are tracked, especially if they are from different locations. And two-man oversite of audit trails eliminates the risk of accidental or malicious tampering by a super-user.
For customers moving to the cloud, an update calculator is now included with the containerized release to help customers manage the cost and impact of a container update. New certifications include Azure blob storage to help reduce the costs of storing content in Azure.
Update 2: Documentum D2 enhancements
In Documentum D2, we continue to focus on enhancing the Smart View to work more intuitively and across more use cases.
For users, the new in-place viewer provides a seamless way to preview content without having to exit their current working environment.
For Administrators, the D2-Config application can now be used with Google Chrome—a popular feature request from customers.
Documentum D2 Mobile, the free mobile app for Documentum D2 customers, now allows users to scan barcodes for immediate access to the latest information. Workflow tasks can now be accessed from the home screen and can be actioned to speed up workflows.
Update 3: Documentum xCP case management
Documentum xCP CE 20.4 simplifies the development of dynamic, case-management solutions by enhancing the OOTB (Out of the Box) application that stands as the starting point for mapping to specific processes.
The new Case Management Framework assists in building Smart Applications using enhancements in the OOTB starting-point application—including the ability to search custom objects, sort results dynamically, and import task attachments from local file systems. All of which enables faster implementation cycles.
In a recent post, I explored the butterfly effect of cybersecurity—the idea that one small misstep (like an over-permissioned user or misclassified document) can cascade into a major breach. Today, I want to go a step further: because it’s not just about access—it’s about architecture.
Cybersecurity has always been about control. But what we’re controlling is changing.
As data sprawls across SaaS platforms, cloud systems, and unstructured repositories, CISOs are being pulled upstream—into data strategy, lifecycle management, and governance. They’re not just protecting endpoints anymore. They’re shaping how information flows throughout their business.
These are information architecture questions—not just security questions.
Information sprawl = attack surface
Every enterprise is a patchwork of productivity:
Files in Box
Shared links in Google Drive
Unclassified documents in SharePoint
Shadow data in abandoned AWS buckets
This isn’t just messy—it’s risky. When information is unmanaged, security can’t protect what it can’t see.
Governance and cybersecurity are converging
Data protection regulations like GDPR, CCPA, and Australia’s Privacy Act reforms are raising the bar. It’s not enough to encrypt data or respond to breaches. Organizations must:
Map sensitive data
Classify it properly
Apply risk-based controls
Prove enforcement and accountability
That convergence is putting CISOs in the same room as Chief Data Officers, legal, privacy, and compliance teams—not to react to incidents, but to architect prevention.
The Modern CISO: Strategist. Steward. Architect.
The CISO of 2025 isn’t just a technologist or risk manager. They’re part data strategist, information steward and architect of trust.
Cybersecurity today isn’t just about stopping threats. It’s about enabling responsible innovation, privacy, and business trust—by understanding and protecting the flow of information.
Final thought
We used to ask. “How do we protect the network?” Then: “How do we secure identities and endpoints?” Now we ask, “How do we protect the data that powers the business—no matter where it lives?”
That’s not just a security challenge. It’s an information architecture mandate. And many CISOs are already quietly stepping into that role.
How is your security team evolving to handle information risk? Are you seeing the same convergence of data, governance, and cybersecurity?
In today’s hyper-complex, cloud-driven IT landscape, visibility isn’t just a buzzword – it’s the bedrock of operational success. For IT management, the challenges are mounting: sprawling cloud environments, ephemeral workloads, and the relentless pace of change can make effective management feel like an uphill battle.
You know the traditional Configuration Management Database (CMDB) was a foundational technology for ITSM. But let’s be honest, those legacy systems, built for a static, monolithic era, are struggling to keep up with the real-time demands of dynamic cloud-native applications. Manual updates, outdated data, and a lack of integration can turn your CMDB into a “system of record” that’s hopelessly out of sync with your “system of action”.
But what if your CMDB could be more? What if it could be the central source of truth you desperately need for efficient capacity planning, robust security, and lightning-fast incident resolution in this new era?
The good news is that the CMDB is experiencing a renaissance. Forward-thinking vendors are pouring innovation into next-generation IT discovery and CMDB solutions, designed from the ground up for modern IT environments. These aren’t your old, clunky databases. We’re talking about dynamic, intelligent platforms that leverage cutting-edge advancements.
The CMDB of today must offer: • Real-time accuracy you can trust, eliminating the headaches of outdated information through intelligent automation. • Proactive resilience, helping you anticipate and prevent issues before they impact your services. • Accelerated incident management, empowering your teams with the precise insights needed for rapid detection, triage, and remediation. • Enhanced security and compliance, giving you granular control and immediate visibility into your IT estate. • Seamless integration with modern tools and methodologies, from DevOps to AIOps, ensuring your CMDB supports your strategic initiatives.
These transformative capabilities are already delivering significant results for organizations, leading to dramatic improvements in response times and substantial reductions in downtime.
Ready to discover how a modern CMDB can revolutionize your IT operations and improve your services? Download our whitepaper, Modernizing Your CMDB for IT Operational Success, to explore the innovations driving this CMDB renaissance and learn how you can unlock visibility, efficiency, and resilience for your IT estate.
Software is the engine of innovation, but even the most brilliant ideas can falter without a smooth, efficient development process. That’s where developer experience takes center stage.
Developer experience is more than just happy developers; it’s about empowering them to build extraordinary things. It’s about removing roadblocks, fostering collaboration, and providing the tools and environment they need to thrive.
Why the developer experience matters more than ever
Think of your developers as elite athletes. To perform at their peak, they need the right training, equipment, and support system. A poor developer experience is like forcing them to run a marathon in flip-flops – frustrating, inefficient, and ultimately detrimental to their performance.
A superior developer experience , on the other hand, unleashes their full potential. This translates to
Faster time to market: Streamlined workflows, automated processes, and collaborative tools accelerate development cycles, enabling you to deliver innovative solutions ahead of the competition.
Elevated code quality: Happy, empowered developers write better code. With the right tools and support, they can focus on crafting elegant, robust solutions that delight users and drive business value.
Increased developer retention: Top talent is a precious commodity. A positive developer experience fosters a sense of purpose and satisfaction, making your organization a magnet for the best developers and reducing costly turnover.
OpenText: Your partner in developer experience excellence
OpenText offers a comprehensive suite of developer experience solutions designed to elevate your developer experience and fuel your software development success.
1. OpenText™ DevOps Cloud: Empower developers in the cloud
This cloud-based AI DevOps platform provides a unified environment for development, testing, and deployment, eliminating the friction of juggling disparate tools.
Integrated toolchain: Connect all phases of your software delivery lifecycle (SDLC) and consolidate your tools into a single, holistic platform.
AI-powered automation: Free your developers from tedious tasks with AI-driven test automation and intelligent assistance.
Seamless collaboration: Foster a culture of shared success with integrated tools that break down silos between development, testing, and operations teams.
Performance optimization: Equip your developers with performance engineering tools to proactively identify and address bottlenecks, ensuring your applications perform flawlessly under pressure.
Integrate automated testing early in the development cycle and empower developers to catch bugs sooner, reducing costly rework and accelerating delivery.
AI-driven testing: Simplify test creation and maintenance with AI-powered tools that learn and adapt to your application.
Codeless automation: Make test automation accessible to all developers, regardless of their testing expertise.
3. OpenText™ Performance Engineering: Build for scale and performance
Agile and DevOps support: Embrace Agile and DevOps methodologies with tools that support iterative development and continuous delivery.
End-to-end visibility: Gain complete transparency into your development process, enabling data-driven decisions and continuous improvement.
Embrace the future of developer experience with OpenText
The future of software development belongs to those who prioritize developer experience. OpenText is your partner in building a developer-centric culture that fosters innovation, accelerates delivery, and drives business success. Learn more in the guide: Optimize the developer experience.
Ready to unleash the full potential of your development team?
My colleague Nakkul Khurana and I attended the RSA Conference 2025 (RSAC 2025) to give a talk on the work we completed at Open Text. How to Use LLMs to Augment Threat Alerts with the MITRE Framework was well received with about 200 people attending. The Open Text booth at the Expo showcased all our Cybersecurity products, was also a main attraction for visitors.
The event was also packed with insightful sessions covering the latest trends and challenges in cybersecurity. A major focus this year was the intersection of artificial intelligence (AI) and cybersecurity, exploring both the benefits and the risks. This post summarizes some key takeaways from various talks presented at the conference.
AI’s dual role in cybersecurity
Several sessions highlighted AI’s evolving role. George Gerchow’s talked about “Harnessing AI to Enhance Cloud Security While Addressing New Attack Vectors.” He discussed how AI-powered bots like MongoDB’s Guardian Bot (GB) are becoming essential for real-time threat response and automating security and compliance tasks. These bots use AI to adapt to emerging threats and improve operational efficiency, reducing response times significantly.
However, AI also brings new risks. Michael Bargury’s presentation, “Your Copilot Is My Insider,” delved into vulnerabilities associated with AI copilots and plugins. He discussed potential data leakage, RAG poisoning, and new attack vectors that arise from the integration of AI into business processes. The key takeaway was that AI can greatly enhance security. However, it also requires careful management and security measures to prevent misuse.
The importance of security in RAG systems
Akash Mukherjee and Dr. Saurabh Shintre’s “RAG-NAROK: What Poorly-Built RAGs Can Do to Data Security” emphasized the security challenges in Retrieval Augmented Generation (RAG) systems. They explained that adding private data to chatbots requires robust access controls and permissions management to prevent data leakage. Akash and Saurabh also discussed different permission enforcement methods along with the need for sensitive data protection beyond just permissions.
Security automation with LLM-driven workflows
In the session “Fast-Track Security Automation with LLM-Driven Workflows,” Steve Povolny explored the application of Large Language Models (LLMs) in automating security operations. He covered various LLM tools, prompt engineering best practices, and real-world use cases for improving Security Operations Center (SOC) efficiency. Steve also highlighted the importance of addressing security considerations like data privacy, prompt injection risks, and model bias.
Principles of GenAI security
Diana Kelley’s talk, “Principles of GenAI Security: Foundations for Building Security In,” provided an overview of Generative AI (GenAI) security. She discussed the GenAI threat landscape, architectural considerations, and security at runtime. Key takeaways include the importance of understanding the unique risks associated with AI systems and implementing security-by-design principles.
Adversarial neural patterns in LLMs
In “Beyond the Black Box Revealing Adversarial Neural Patterns in LLMs,” Mark Cherp and Shaked Reiner focused on uncovering hidden vulnerabilities in LLMs. They discussed new jailbreak techniques and mitigations, exploring the “psychology” of models and how they can be manipulated. This talk highlighted the need for continuous research and development of defences against sophisticated AI attacks.
Supply chain security and emerging threats
Dr. Andrea Little Limbago’s presentation, “A Stuxnet Moment for Supply Chain Security?” addressed the emerging threat of supply chain infiltration, referencing recent incidents like the pager attacks. She discussed how digital supply chain attacks are growing and potentially shifting cyber norms. Her talk also emphasized the need for enhanced security measures and vigilance in hardware and software supply chains.
The future of security UX with Agentive AI
“How Security UX Must Change, with Agentive AI,” explored how user experience (UX) in security must adapt with the rise of agentive AI. In this talk Steph Hay emphasized offloading tasks, dynamic UIs, and exponential outcomes. Assistive UX features like “easy buttons,” seeded prompts, and multi-turn chats will become crucial for improving security operations.
Social engineering and GenAI
Perry Carpenter’s session, “Conversations with a GenAI-Powered Virtual Kidnapper (and Other Scambots),” examined how social engineering attacks can leverage generative AI. He demonstrated how these tools create realistic scams and highlighted the need for organizations to prepare and train employees to recognize and respond to these threats.
Initial access brokers and market trends
“Initial Access Brokers: A Deep Dive,” provided insights into the world of initial access brokers (IABs). In this talk, Amit Weigman discussed their methods of operation, the types of access they sell, and current market trends. Understanding the IAB ecosystem is crucial for preventing and responding to security breaches.
The evolution of the SOC in an AI-driven universe
Dave Gold’s presentation, “The Future of the SOC in an AI-Driven Universe,” revealed the current state of Security Operations Centers (SOCs) and how they will evolve with AI. He highlighted the shift from manual processes to semi-autonomous and autonomous SOCs, the need for scalable AI-driven platforms, and the evolution of SOC visualizations.
Safety and security of LLM agents
”Safety and Security of LLM Agents: Challenges and Future Directions,” focused on the unique safety and security challenges posed by LLM agents. Dawn Song discussed potential attacks, evaluation methods, risk assessment, and defences for these systems. Ensuring both safety and security is crucial for realizing the benefits of LLM agents.
Zero trust AI and multi-agent systems
In “Zero Trust AI: Securing Multi-Agent Systems for Private Data Reasoning,” Ken Huang addressed the security of multi-agent systems. He introduced the MAESTRO threat modelling approach and emphasized the need for a zero-trust security model in AI systems handling private data.
Conclusion
RSAC 2025 makes it clear that AI is fundamentally changing the cybersecurity landscape. While it offers tremendous opportunities for enhancing defences, it also introduces new and complex challenges. Organizations must adapt by understanding these changes, adopting AI-driven security solutions, and addressing the associated risks proactively. Staying informed and prepared is key to navigating the future of cybersecurity.
FedRAMP certification is increasingly central to how technology providers serve the U.S. government. For cloud-based services that manage sensitive data, achieving FedRAMP authorization is not just a regulatory milestone. It is a signal of trust, security, and capability. This is especially true for secure communication platforms like cloud fax solutions, which continue to play a vital role in government workflows. That is why our very own solutions in OpenText™ Core Fax and OpenText™ Fax Cloud Connect are currently on a clear path to achieving FedRAMP authorization in the first half of 2026. This move reflects a strong commitment to deliver secure, compliant, and reliable services to public sector organizations.
But what is FedRAMP and why is it important?
FedRAMP, the Federal Risk and Authorization Management Program, is a U.S. government wide initiative that standardizes the security assessment, authorization, and continuous monitoring of cloud services. Any cloud provider seeking to work with a federal agency must either be FedRAMP authorized or actively working toward authorization. All U.S. federal agencies are required to use FedRAMP-authorized cloud services, ensuring a unified and risk-conscious approach to cybersecurity across the federal landscape.
For OpenText, achieving FedRAMP authorization goes far beyond simply meeting a compliance requirement. The benefits are significant and strategic:
1. Access to the federal market FedRAMP authorization is a prerequisite for operating within most U.S. government environments, unlocking opportunities in a highly regulated and expansive sector.
2. Stronger competitive positioning Authorization signals to both public and private sector clients that OpenText meets the highest standards of security and operational maturity.
3. Operational consistency By aligning with a single, rigorous framework recognized across multiple federal agencies, FedRAMP streamlines compliance and reduces complexity.
4. Enhanced cybersecurity posture Built on NIST 800-53 controls, FedRAMP includes continuous monitoring, incident response, and vulnerability scanning, strengthening the overall security framework.
5. Data protection by design FedRAMP requires robust encryption (at rest and in transit), role-based access controls, and secure auditing core components of a resilient security architecture.
6. Transparency and oversight Authorized systems undergo regular reviews and are held to evolving standards, providing agencies with confidence in the integrity and accountability of their cloud services.
Alignment with state and local frameworks
FedRAMP functions as the foundational framework that supports and often supersedes state level risk and authorization programs, including StateRAMP (a national nonprofit initiative for state and local governments) and state specific programs like TX-RAMP (Texas), AZ-RAMP (Arizona), and others. These programs are modeled after or closely aligned with FedRAMP’s robust standards, leveraging the same core principles such as NIST 800-53 controls, standardized assessment methodologies, and continuous monitoring requirements. As a result, cloud service providers that achieve FedRAMP authorization are well-positioned to meet or exceed the requirements of these state programs. This alignment enables a more efficient path to multi-jurisdictional compliance, reduces duplicative assessment efforts, and reinforces FedRAMP’s role as the superset framework underpinning cloud security for all levels of government in the U.S. Finally, the result of the FedRAMP process is an “Authority to Operate” (ATO), which is a formal authorization from the government for a CSP to operate and handle sensitive data. While “certification” is often used in the same context as authorization, it can also refer to the process of meeting FedRAMP requirements and preparing for authorization.
OpenText Fax Cloud Connect and Core Fax: Meeting the standards of secure federal communication
OpenText is committed to achieving FedRAMP authorization for its digital cloud fax solutions OpenText Fax Cloud Connect and OpenText Core Fax by the first half of 2026. This is not a theoretical goal; meaningful progress is already well underway.
OpenText currently operates a FedRAMP-authorized environment that hosts several approved products, and we are actively working to extend this secure platform to include both Core Fax and Fax Cloud Connect. To support this effort, OpenText has established a sovereign U.S. environment for Core Fax, ensuring that all data remains within U.S. jurisdiction fully aligned with FedRAMP’s stringent data residency and sovereignty requirements.
Additionally, we are partnering with a certified Third-Party Assessment Organization (3PAO) to perform an independent assessment of both solutions against the FedRAMP authorization requirements. This ensures a transparent, impartial, and rigorous validation of our security posture.
Through this approach, OpenText is not just aiming for compliance. We are delivering secure, trustworthy digital fax solutions that federal agencies can adopt with confidence.
Why secure cloud faxing still matters – six real use cases
Secure faxing may not dominate headlines in the same way cloud collaboration tools do, but it remains a foundational part of critical workflows where legal, personal, or sensitive data must be transmitted reliably and compliantly. Below are six real-world scenarios where FedRAMP compliant faxing plays an essential role:
1. Health record transfers across agencies
A Department of Veterans Affairs clinic needs to send medical documentation to a Department of Defense medical center. These transmissions involve protected health information (PHI) and must comply with HIPAA and federal cybersecurity standards. A FedRAMP-authorized fax solution ensures this information is transmitted securely and reliably.
2. Federal contract submissions
Government contractors frequently submit sensitive bid documents, acquisition forms, and defense-related materials via fax. This method remains preferred due to its legal enforceability and chain-of-custody features. FedRAMP compliance ensures that transmitted materials are encrypted, traceable, and stored securely.
3. Military procurement and defense logistics
Procurement officers within the Department of Defense often need to fax technical specs, procurement requests, or logistics plans to suppliers and internal teams. These documents may contain controlled unclassified information (CUI). A FedRAMP compliant fax system protects the confidentiality and integrity of that data across all endpoints.
4. Emergency response collaboration
During national emergencies, agencies like FEMA rely on fax to rapidly exchange signed waivers, resource deployment plans, and public safety documents. With FedRAMP compliant faxing, sensitive materials can be shared confidently, even in chaotic, time-sensitive environments.
5. Higher education loan and grant processing
Federal student aid offices and higher education institutions transmit thousands of loan forms, eligibility records, and grant documentation containing personally identifiable information (PII). Secure faxing remains integral to this process. A FedRAMP authorized platform guarantees compliance with federal privacy regulations.
6. Whistleblower and ethics reporting
Agencies that receive confidential or anonymous reports, particularly those related to ethics, legal investigations, or internal audits, often use fax due to its traceability and secure delivery. FedRAMP compliance provides the technical assurance needed to protect these communications.
Looking ahead
Today, our OpenText Core Fax and OpenText Fax Cloud Connect solutions are built for reliability, compliance, and secure document exchange. With our roadmap firmly set toward FedRAMP authorization in 2026, we are taking the necessary steps to support our public sector clients in their mission to operate securely and efficiently.
Our sovereign U.S. environment, third-party assessment strategy, and commitment to continuous monitoring place us in a strong position to support some of the most demanding and security conscious organizations in the country.
Secure faxing remains a cornerstone of government communication especially when certainty, privacy, and auditability matter most. With FedRAMP authorization on the horizon, OpenText digital fax solutions are poised to deliver that trust at the highest level.
An internal data breach is the exposure of confidential information to an unauthorized user in an organization. We tend to think of confidential information as private information about a patient, customer, employee, etc. After all, nearly every country in the world has regulations specifying how private data can be stored, accessed, and managed. And, they can assess sizeable fines for noncompliance.
Organizations typically store personal identifiable information (PII) as records in an application database. A patient’s medical information, for example, is structured across cells in a medical application’s database table. This is why it known as “structured data.”
Protect your unstructured data
But sensitive information is not just PII; it also includes an organization’s confidential or competitive proprietary data. For example, not-yet-released quarterly sales results, future marketing plans, legal documents, and more. These word processing files, spreadsheets, presentations, media files, etc., cannot be structured in a database. They are stored in folders in a network file system or in the cloud. This type of data is known as “unstructured data.” It comprises about 80 percent of an organization’s total stored data.
Organizations largely protect and manage structured data from unauthorized access through an automated process. An example is an identity and access management system (IAM) that provisions and restricts access based on user identity and role. Conversely, they will secure unstructured data through NTFS permissions assignments in Microsoft Active Directory and Microsoft Entra ID for network folders, shares, and document libraries.
NTFS permissions increase the complexity of protecting unstructured data
It’s these extensive and complex individual NTFS permissions assignments that can be so challenging to manage. Sure, a network administrator can check which groups, and associated members can access a specific folder by viewing the folder properties. But with potentially thousands of folders, subfolders, and document libraries storing files with confidential, sensitive, and high-value data, reviewing these permissions individually is impractical.
How OpenText can help
That’s where OpenText File Reporter, a component of OpenText Data Access Governance, comes in. It has extensive reporting and analytics capabilities. File Reporter can identify all users who can access individual folders, subfolders, Microsoft 365 document libraries, their NTFS permissions. It can also identify how that access is derived. With these findings, information and security officers, network administrators, and department data owners can determine potential risks for internal data breaches.
OpenText File Reporter can present these findings in a variety of permissions report types. That way you can have the information you need to make the necessary changes to access permissions.
This capability has been incredibly useful to customers needing to perform regular vulnerability assessments on all of their confidential, sensitive, and high-value unstructured data and protect themselves from everything from inappropriate insider knowledge to insider misconduct.
With so much to lose – data security, competitive advantages, customers, employees, and reputation, as well as the potential for fines and lawsuits, organizations cannot risk the possibility of an internal data breach, especially when those risks are so easy to identify with OpenText File Reporter.
