Mon, 08 Dec 2003

Gain full control of your documents with IRM

Zatni Arbi, Columnist, Jakarta
zatni@cbn.net.id

Let us suppose you have some confidential information that you need to share with a co-worker. Let us say it is a proposal for a new service that your telecom company can offer to your corporate customers. It is a unique kind of service that will attract a lot of interest as it promises huge savings to the customers.

The last thing you want is for your competitors to see the plan before you have the chance to launch the new service. You definitely want to prevent anybody from stealing your brilliant idea. So you save the file and give it a password. Then you send it over to your colleague for comments.

You also call them and let them know the password so that he or she can open it on their computer. Now, it is not difficult to see that there is still a good chance the file will be viewed by an unauthorized user, especially if your co-worker happens to be a careless person and they just let anyone use their computer.

And, if you are using the password to protect your file, there will be no way for you to prevent the recipient from forwarding the file to someone else. Or, if they choose to, copy the content and paste it into another file and distribute it around.

Even if you have converted the file into a PDF format, they may still be able to manipulate it.

Microsoft has included a new feature called Information Right Management, or IRM, in the latest version of its business Office suite, the Microsoft Office Professional Edition 2003.

With these new features, you can protect your information by restricting the ways your co-worker can use it. All you have to do is click on the Permission button -- which is new in Office 2003 -- and enter the name of the person or group you would like to give the right to view the document, worksheet or presentation file that you have created.

Part of a bigger picture

Actually, the right management is a new feature introduced by Microsoft earlier this year as part of the new services in Windows Server 2003.

Called Right Management Services, or RMS, it provides a tool for anyone in an enterprise to protect their information at the file level. The catchword is the word "enterprise", as the feature can only work if you have a Windows Server 2003 with the RMS already running on it.

If you are a home user without a server, it would be far more complicated, as you would have to rely on Microsoft's service and Microsoft Passport to take advantage of the file protection feature.

Nonetheless, in an enterprise environment, the IRM, which is on the client side of the enterprise system, can be a very powerful tool.

Available in Microsoft Word, Excel, Powerpoint and even Outlook 2003, it allows us to determine who can open the file, whether or not the file may be forwarded, copied or altered. The recipient of the file will be authenticated by the RMS.

When they open an IRM-protected file, they will receive notification such as "Do not print". If he still tries to print the file, he will find out that the print function of his Office 2003 application has been disabled and will remain disabled as long as the protected file is open and active.

The IRM protection will go wherever the file goes, even outside the firewall of the enterprise. It will stay with the file regardless of the way the file is distributed by e-mail, by placing it in a shared folder or by copying it in a disk. That is why the protection is called "persistent".

The creator or owner of the file can also set an expiry date so that the file can only be used by the recipient within a certain period of time. Once the expiry date is reached, the file can no longer be opened by anyone except its owner.

In the case of e-mail, the IRM function in Outlook 2003 will help the sender protect his message from being forwarded, copied or modified in any way by the designated recipient or group of recipients.

But, what will happen if the recipients have not upgraded to Office Professional Edition 2003 and have no intention of doing so?

They will have the option of downloading the Rights Management Add-on for Internet Explorer free of charge. In this case, their Internet Explorer will serve as the client IRM application.

Another ploy to dominate?

One may wonder, will every enterprise and every PC user then be forced to upgrade to Windows Server 2003 and use Microsoft Office Professional Edition 2003 in order to be able to use this information protection technology?

Certainly it is a valid question. We all know that all the players in the technology arena, including Microsoft, want to dominate the world. For one thing, whether the IRM will be a success remains to be seen.

Secondly, there has been a strong movement towards the Linux environment in most parts of the world and the open source communities have always been uneasy with any new technology from Microsoft, regardless of how useful it promises to be.

Fortunately, Microsoft has decided to share the technology with third-party developers, who may develop their own IRM client applications. As long as the applications uses eXtensible rights Markup Language, or XrML, it can run on various platforms and this will greatly extend its usefulness and acceptance.

For sure, you would not be interested in using the IRM if the person you are trying to share your confidential information with keeps ignoring your request for his feedback simply because he does not have either Microsoft Office Professional Edition 2003 or Internet Explorer.

The value of this technology will be determined by how many people are using it without being limited by the product that they use.

Finally, IRM, as Microsoft puts it, aims to raise the level of protection of information. It is not bullet-proof because -- with the screen capture capability on their computer disabled -- people can always use a tiny digital camera to steal information displayed on the screen.

IRM provides a more powerful tool to ensure the right protection for our information, but the human factor still plays a significant role.