This resource is no longer available
Integrating Information Labeling and Microsoft Active Directory Rights Management Services (AD RMS)
Information protection has traditionally focused on controlling access to information, with little or no control on what is done with the content once it has been accessed. Policies are generally in place outlining what can and cannot be done with information, but the means to enforce these policies is limited in many cases.
The traditional technology components of policy enforcement have focused around controlling access to the content- for example, controlling who can access file shares, protecting assets behind a firewall, etc. The limitations of these approaches is that there is no control over the content once it has been accessed, and the protection is dependent on the location of the content- that is, if the user copies the document to a thumb drive or emails it as an attachment, the protection no longer applies. In addition, these approaches provide no means of controlling when the content can be accessed (a “best before” date) - for example, pricing lists that are only valid until 30 September, or a recall roster with out-dated contact information.
AD RMS is a file-based, persistent content protection solution that provides the means for publishers of confidential email messages and documents to control who can view their content, and what they can do with that content. File-based is defined as protection that remains with the file- whether it resides on a file server, is copied to a thumb drive, or is sent via email. What AD RMS’ persistent content protection also provides is that the rights the recipient has over the content have been explicitly defined and are in-effect when the document or message is opened.
Continue reading to discover how this combination provides a powerful and intuitive solution for policy compliance and information protection.