Securing documents in the WikiLeaks era
Hill explains, "Microsoft has thousands of RMS licenses out there-the most of any ERM product—yet many are not being utilized. Those organizations should consider RMS as a starting point, especially in SharePoint 2010. But they should first take a broader view to see where ERM fits in their overall information governance strategy." Hill expects that Microsoft customers are best off starting with the RMS option. "This year, newer versions of MS Exchange and SharePoint will make RMS more attractive and increase adoption for Microsoft shops," he says. "Other organizations will seek out alternative products to support non-Microsoft document formats and applications."
Delays in adoption
That is one downside of RMS—it does not provide protections for non-Microsoft applications or file types. But Hill says, "This increase in RMS licensees will help expand the overall ERM market, and make enterprises more aware of data and document security issues that can be addressed by ERM software."
The 451 Group's Coplan speculates, "RMS' adoption has been held up by some of the enrollment and rule hard-coding issues. And what you really want, unless you're in an all Microsoft environment, is an open, extensible platform with a classification process that is file agnostic." In other words, to be ideally suited for the long term, and for potential enterprisewide implementations, the rights management software protections should be able to be applied to any file type.
Some organizations may find that a hybrid approach works best. Andy Han, VP and general manager of NextLabs, says, "RMS is expensive to deploy and maintain, but we have customers who use it for their Microsoft Office documents, and they use our software to protect everything else."
According to a report issued by The 451 Group, Microsoft's Information Rights Manager, a desktop component, appears to be seeing an increase in units sold, as a result of explicit sales and marketing efforts. Microsoft has also put more effort behind cultivating RMS partners like TITUS, which provides e-mail encryption for RMS. Microsoft Information Rights Manager serves as an overlay on Windows Active Directory RMS and integrates with SharePoint Foundation, allowing for some autonomous file-level protection and enforcing restrictions on sensitive files and documents. The core functional component of Microsoft Information Rights Manager is the IRM Protector, which can be thought of as an integrated access control policy and encryption agent.
But also, according to Microsoft's website, MS IRM lacks key ERM functions: It cannot prevent content from being erased, stolen or captured and transmitted by malicious programs such as Trojan horses, keystroke loggers and certain types of spyware; and it cannot restrict content from being copied by using third-party screen-capture programs.