The Complexities of Deploying MS’ Rights Management System

Oliver Rist: Microsoft amends Rights Management Server

For those who don’t remember, RMS is a cousin of Digital Rights Management Server, but it’s intended to protect documents that circulate within a single organization and perhaps within some partner organizations; it’s not aimed at securing documents, such as an e-book, that have a broader, Internet-wide audience. Within an organization, RMS has the power to enforce security policies down to the document level, and it allows the document to carry its security along with it wherever it goes in the enterprise.

RMS’s security features are significant, including encryption, specific user or group access, denial of save, print, or change capabilities, and more. So BT’s Pearson could create a hypothetical document alerting senior staff to buy millions of PlayStations for the Pearson Brain-Drain Game project, and he could make the document viewable only by a select group of BT executives. Let’s call them the Guinness Drinkers. If Pearson e-mails the document to the entire BT Executive Group, only those in the Guinness Drinkers subgroup will be able to open it.

Pearson could further make sure that no one in Human Resources, Legal, or Psychological Evaluations can even see the document, let alone print or save it. And should Sony issue an announcement that it will evaluate his proposal by a specific date, Pearson can set his original document to expire on that date in favor of his new document, “I Don’t Know What I Was Thinking.”