Ads by TechWords

See your link here
Receive the latest technology news and information.
Computerworld Daily News (First Look and Wrap-Up)
Computerworld Blogs Newsletter
The Weekly Top 10
Cloud Computing
View all newsletters




Privacy Policy
 

Rights of Passage

Enterprise rights management software ensures that sensitive documents and e-mail can be circulated and don't end up in the wrong hands.

July 4, 2005 12:00 PM ET

Computerworld - When Corning Inc. began selling products for military and aerospace use, the optical-fiber and cabling product manufacturer needed a way to show that it was following export controls and handling sensitive documents properly. "The government regulations are very explicit," says James Scott, director of knowledge and information management. To meet those requirements, the Corning, N.Y.-based company deployed enterprise rights management (ERM) software from Liquid Machines Inc.


Corning's research and development staff uses the software to encrypt critical documents and apply rules that determine not just who has access to the files but also whether they can print, copy or forward them to others. The system also establishes a chain of custody, providing an audit trail of who accessed a document when and what they did with it. "We can put our hands on our hearts and say we know we are compliant," Scott says.


Government contractors such as Corning aren't the only organizations thinking about document security these days. Recent high-profile data thefts and government regulations covering everything from financial disclosure to customer privacy have businesses worrying about where sensitive e-mail is going. IT organizations are struggling to control both dissemination of and access to corporate data contained in e-mail messages, Word documents or other electronic document formats. Leaked customer data or an untimely release of financial information can lead to public embarrassments as well as legal fines.


But Corning, like many other organizations with large R&D investments, has another concern: protecting documents pertaining to intellectual property that it's developing. "Many companies are very lax in their understanding and use of [ERM] as a way to protect their intellectual property," Scott says.


ERM Inside


Like digital rights management software, ERM products lock documents by encrypting them. But while DRM focuses on the consumer, ERM systems are designed to support document security policies both within and between businesses and to provide an audit trail.

In an ERM system, a policy server stores encryption keys, authorizes user access to documents and maintains policy templates that store rules that dictate what users in different roles can do with different classes of documents. Users then apply those policies to documents as they create them. Most products require users to run agent software or plug-ins designed to work with specific applications, such as Microsoft Word or Internet Explorer. Others, such as Microsoft Corp.'s Rights Management Services (RMS), require that applications be modified to natively support the ERM system's application programming interfaces (API). Most also require an identity management infrastructure.


"If you don't have an enterprise directory, it will be more challenging," says Trent Henry, an analyst at Burton Group in Midvale, Utah.



Jump to comments

Legislation/Regulation

Additional Resources

Xerox
By using solid ink technology only from Xerox, you could save up to 65% by printing color for the cost of black and white. Enter for a chance to WIN a PhaserTM 8860 network color printer!
Microsoft
Save time and mitigate security risk. Deploy it now.
Sybase
In this white paper, IDC analyzes the role of next-generation mobile enterprise platforms as organizations seek a more strategic deployment of mobile solutions.

Learn the important issues you must consider before starting your next mobility initiative. Get your mobility white paper from IDC now, compliments of Sybase.