Why enterprise rights management matters: How to keep corporate data from walking out the door

ERM locks down corporate secrets but still allows employees to do their jobs

1 2 3 4 5 Page 4
Page 4 of 5

Broad support of client devices is also important for customer satisfaction. BCA's customers "don't just want to read our research on their desktops, they want it on their laptop, the computer in the car, at home, on iPhones, BlackBerries, Kindles," says BCA's Chow. Some IRM vendors currently support the BlackBerry; some are promising iPhone support soon. Kindles, not so much.

Deployment can be tricky

Even with the right tools, ERM deployments can be challenging. A potentially hairy issue is convincing customers, particularly at other companies, to agree to install IRM software on their client systems.

"ERM's limitation is, if I want to share documents with a partner or [outside] customer, I have to install a client and have that be part of my security domain," says Oltsik.

This can make the other firm's IT staff quite nervous. In most instances ESG is aware of, where a company successfully deployed IRM security on partner sites, the firm had "lots of clout in their market ecosystem," Oltsik notes.

One way to minimize resistance is to pick an IRM product whose client code is relatively unobtrusive and nonproprietary.

BCA, for example, decided not to use LockLizard's IRM product because it required installing a proprietary PDF reader that was not Adobe's, Chow says. "For our client base, that just wouldn't work." In contrast, FileOpen supplies a plug-in to users' existing Adobe readers that can be installed in 30 seconds, he adds.

Even so, customers still balk sometimes, Chow says. "IT says, 'What is this -- is this clean? What kind of information is it sending back to you? We need a security audit on this plug-in.' "

Some partners' IT departments simply refuse, in which case BCA asks the company to sign an agreement under which it promises not to share or abuse proprietary information. "We actually find that very effective," Chow says.

Start small

Before deploying an ERM platform, businesses need to define the policies that IRM and DLP controls will enforce. This can be quite challenging, especially if a company wants to protect a wide variety of information both inside and outside the corporate firewall.

Oltsik advises starting with a small number of policies and enforcement mechanisms, "or you'll have users, help desk personnel and policymakers struggling" to cope with the new rules. It's also wise to hire an experienced professional service provider that can help sort through policy and enforcement issues, he adds.

If you plan to deploy a complex set of policies, pick an ERM product that provides development tools and some kind of rules engine for managing and deploying policies. Most ERM policy tools are largely proprietary and stand-alone at the moment. However, some IRM and DLP vendors have been partnering to provide an integrated policy system.

1 2 3 4 5 Page 4
Page 4 of 5
7 inconvenient truths about the hybrid work trend
Shop Tech Products at Amazon