Continuing the theme of the Future of ECM … trend #11 …
This blog post looks at the increasing role that Information Rights Management (IRM) will play as a trend around ECM implementations over the coming years.
IRM is a technology that embeds digital rights into documents offering an additional means of safeguarding documents from unauthorised access and usage, especially when those documents are distributed outside of the organisation. For example, it is possible to define who is allowed access to the document, where they are allowed to access it, for how long they may access it, and what they are allowed to do with it (such as open, modify, print, copy and paste). Therefore, just because someone has a copy of a document doesn’t mean that they can do anything they want with it. On attempting to open the document, the credentials of the person are transparently validated against the IRM system, after which the embedded digital rights dictate what they are allowed do with the document. Considering the recent Wikileaks debacle, had the documents exposed on Wikileaks been encrypted with IRM technology, the impact in the media might have been just a fraction of what it was.
There are a number of IRM products on the market including Microsoft Rights Management, Oracle Information Rights Management, Adobe Rights Management and Gigatrust. Typically IRM comes as an add-on module that integrates into ECM systems. Most of them should automatically pick up the access privileges and rights that are configured within the ECM without having to duplicate them in the IRM. The digital rights can be embedded on upload and creation of the document in the ECM or dynamically when the document is published to, say, an Extranet site for distribution. Rapid centralised revocation of rights is possible and a full audit trail of access and usage is recorded.
Although IRM technology has been available for several years, its actual deployment in combination with ECM systems has been relatively low up until now. However, in a world of ever increasing document sharing and collaboration, a balance needs to be drawn between the wider distribution of documents and the need to maintain security over those documents. This is why I expect that IRM will play an increasingly important role in addressing this balance. It will become more widely adopted by organisations in the coming years.