RMS – Rights Management Services

The problem

Traditionally users protect their files by encrypting their device or computer where the files are stored. Some users might set passwords on the file or add them to a zip file to encrypt them. This makes sharing files and emails very difficult and often the password used to protect the file is forgotten, rendering the file useless. Furthermore, you have to share the password with the recipient of the file and it is often difficult to keep track of such passwords. If the file is in the wrong hands and they know the password nothing can be done to ‘revoke’ that access.

This old method of protecting data is known as ‘containerisation’.  The moment the file leaves the ‘safe container’ it becomes at risk from being accidently or maliciously copied, forwarded, lost or misplaced.

In summary:

  • Encrypting the container
    • When the file is out of the container it is unprotected
    • Difficult to manage the passwords for the containers
  • Encrypting the file
    • The user must remember a complex set of passwords
  • Email encrypted file usually causes IT issues
    • Often the file would get trapped by a firewall
    • You have to share the password, making password management very difficult
  • Emails cannot be protected
  • When a file is in the wrong hands you cannot revoke access

The solution

Rights Management Services is powered by Microsoft Cloud (Azure) and can be integrated by Data Defence into your IT system.  Once implemented you can put protection on a file, a set of files or your emails and control who accesses that content and what they can do with it.

Your Windows/Microsoft Account is the ‘lock’ for protecting the content – you only need to know your own username and password and nothing else. When you change your password access to your protected content is automatically verified and granted no matter where your content is.  The data is always encrypted so is safe to transfer on any medium.  You can also revoke access to files and set them to expire at a certain date.  You can even track who is accessing your files, where in the world they do this and be notified of attempts to get unauthorised access by email alerts.

In summary:

  • Your user log on is the lock for the file or emails
  • You never need to share a password
  • The content won’t normally be trapped by firewalls so it is easy to share
  • You can revoke access to files at any time
  • If you have a device with protected content on it and you lose that device your data is safe as any unknown parties will never be able to gain access.

Check out this 2 minute video to get a better understanding of RMS in action.