Ask people about digital rights management and most will offer an opinion regarding the rights and wrongs of peer-to-peer file swapping. But ask Microsoft and youre more likely to hear about their plan to protect corporate documents, intranets and e-mail using technology that sits atop Windows Server 2003.
While Microsoft doesnt seem to have a corporate opinion on the fair use of entertainment content, there can be few questions about the companys view of corporate data protection. Microsoft believes its business customers have a need, even a responsibility, to better manage access to corporate information, perhaps aggressively at times. And Redmond thinks its created just the tool for the task.
One example Microsoft uses to demonstrate the need for its solution is the CEO who several years ago wrote a memo that, among other things, criticized employees for not working long enough hours, not working hard enough and not working often enough on weekends. The memo was so Scrooge-like in approach and content that when a leaked copy got on the Internet it cost the CEO his job and the company a significant portion of its share price. Had rights management been in place, the message might never have leaked out. Whether thats a good or bad thing is for you to decide.
More commonly, however, rights management would be used in business to keep private information from being shared, even accidentally. The Microsoft solution would, for example, prevent an outsider from opening a document e-mailed to them by mistake, perhaps when another Microsoft product, Outlook, automatically completed a recipient name and sent the file before the sender noticed it was going to the wrong person.
Of course, the technology can be used for things like locking down documents from improper use by insiders, including insuring compliance with federal privacy regulations in health care and other industries.
I have not spent much time playing with Microsofts Rights Management Services, as its version of DRM for enterprises is known. But Ive seen the demonstrations, interviewed the product managers and spoken with analysts. Ive also had discussions with Microsoft execs in other business units who see rights management having a place in even the smallest businesses.
Next Page: Credentials Control Access
Credentials Control Access
Someday, they say, well all have the ability to decide who can view our documents, who can print them, edit them, e-mail them, etc. And this applies to all document types, including Web pages, spreadsheets, and other Microsoft Office documents. Microsoft RMS was announced in February 2003 and has been shipping for about a year. The server allows users of Office 2003 or Internet Explorer (via a plug-in) to access encrypted documents managed by RMS.
Today, this requires the installation of server software atop Windows Server 2003. That should change if Microsoft makes good on plans to include RMS as a standard component of Windows Server 2003 R2, anticipated to ship during the second half of 2005. RMS could also find its way onto Small Business Server and thus into the hands of companies with fewer than 50 employees.
At its heart, RMS is a server that provides credentials to clients. Opening an encrypted document, or doing anything else with it, requires the user to possess the appropriate credential. These are stored on the users machine, protected by password or other authentication, and can be persistent. This allows the user to travel with a portable and have access to documents when not connected to a network.
However, a document may require the immediate validation of a credential, requiring the user to be on the network anytime the document is opened. This is Microsoft RMS at its most restrictive, at least in terms of credentials.
Even with the proper (and current) credential, users can be selectively limited in what they can do with a document. Viewing may be acceptable, but printing, copying, editing, and e-mailing could all be made impossible. Mix and match these as you find necessary.
My suspicion is big enterprises and fairly small companies will find the technology most immediately useful. The enterprises will use it in business units where data security is of utmost concern while small business will use it widely, presuming the Small Business Server integration goes well.
Next Page: Administrative Challenge
Administrative Challenge
Midsized companies may find it most difficult to implement successfully as many will try to roll RMS out across all users at once, even before administrators really understand how RMS works.
Creating rights templates, for example, is an important step in making sure users dont find themselves locked out of their documents. A really lousy installation could, conceivably, lock everyone out of everything, at least for a time. No matter how easy Microsoft tries to make set-up, it will still pay for administrators to be thoroughly familiar before rolling RMS out to the corporate masses.
One thing that may work against RMS, at its least heavy-handed use, are social issues. Users who suddenly find themselves unable to access or use information as they have in the past will presumably be unhappy. Management may be surprised to discover these “unauthorized uses” were in fact necessary for real, if not well-understood or documented, business purposes. For that reason, RMS is perhaps best begun with a light touch with users themselves helping to decide how much security is really necessary.
For more insights from David Coursey, check out his Weblog.
Despite Microsofts best efforts and even if RMS proves thoroughly hacker-proof, information may still not be completely safe. Permitted hard copies of documents can still find their way into the wrong hands, information can be copied longhand and carried out of the building, and cameras can be used to photograph screens. Or a program like SnagIt might be used to grab screen images for printing or saving as files.
Whatever its shortcomings, Microsoft RMS strikes me a useful, even necessary new technology for business networks. It will be interesting to see how successful the company will be in making its use both simple for administrators and transparent to users.
Check out eWEEK.coms for the latest news, reviews and analysis about productivity and business solutions.