Information rights management (IRM) is a subset of digital rights management (DRM), technologies that protect sensitive information from unauthorized access.[1] It is sometimes referred to as E-DRM or Enterprise Digital Rights Management. This can cause confusion, because digital rights management (DRM) technologies are typically associated with business-to-consumer systems designed to protect rich media such as music and video. IRM is a technology which allows for information (mostly in the form of documents) to be ‘remote controlled’.
This means that information and its control can now be separately created, viewed, edited and distributed. A true IRM system is typically used to protect information in a business-to-business model, such as financial data, intellectual property and executive communications. IRM currently applies mainly to documents and emails.
IRM technologies typically have a number of features that allow an owner to control, manage and secure information from unwanted access.[2]
Information encryptionEdit
Information rights management solutions use encryption to prevent unauthorized access. A key or password can be used to control access to the encrypted data.
Permissions managementEdit
Once a document is encrypted against unauthorized users, an IRM user can apply certain access permissions that permit or deny a user from taking certain actions on a piece of information. Some of these standard permissions are included below.
Strong in use protection, such as controlling copy & paste, preventing screenshots, printing, editing.
A rights model/policy which allows for easy mapping of business classifications to information.
Offline use allowing for users to create/access IRM sealed documents without needing network access for certain periods of time.
Full auditing of both access to documents as well as changes to the rights/policy by business users.
It also allows users to change or revoke access permissions without sharing the document again.
ExamplesEdit
An example of IRM in use would be to secure a sensitive engineering document being distributed in an environment where the document's recipients could not necessarily be trusted.
Alternatively, an e-mail could be secured with IRM. If an email is accidentally forwarded to an untrusted party, only authorized users can gain access. A well designed IRM system will not limit the ability for information to be shared. Rules are enforced only when people attempt to gain access. This is important as often people share sensitive information with users who should legitimately have access but don't. Technology must facilitate control over sensitive information in such a situation.
IRM is far more secure than shared secret passwords. Key management is used to protect the information whilst it is at rest on a hard disk, network drive or other storage device. IRM continues to protect and control access to the document when it is in use. Functionality such as preventing screen shots, disallowing the copying of data from the secure document to an insecure environment and guarding the information from programmatic attack, are key elements of an effective IRM solution.
Naming conventionsEdit
Information rights management is also known by the following names:
Enterprise Rights Management
Enterprise DRM or Enterprise Digital Rights Management
^Herrera Montano, Isabel; García Aranda, José Javier; Ramos Diaz, Juan; Molina Cardín, Sergio; de la Torre Díez, Isabel; Rodrigues, Joel J. P. C. (2022-07-14). "Survey of Techniques on Data Leakage Protection and Methods to address the Insider threat". Cluster Computing. 25 (6): 4289–4302. doi:10.1007/s10586-022-03668-2. ISSN 1573-7543.
^JoanneHendrickson. "Information Rights Management in Exchange Server". docs.microsoft.com. Retrieved 2022-07-22.
October 21, 2023
information, rights, management, this, article, multiple, issues, please, help, improve, discuss, these, issues, talk, page, learn, when, remove, these, template, messages, this, article, needs, additional, citations, verification, please, help, improve, this,. This article has multiple issues Please help improve it or discuss these issues on the talk page Learn how and when to remove these template messages This article needs additional citations for verification Please help improve this article by adding citations to reliable sources Unsourced material may be challenged and removed Find sources Information rights management news newspapers books scholar JSTOR July 2022 Learn how and when to remove this template message A major contributor to this article appears to have a close connection with its subject It may require cleanup to comply with Wikipedia s content policies particularly neutral point of view Please discuss further on the talk page August 2013 Learn how and when to remove this template message Learn how and when to remove this template message Information rights management IRM is a subset of digital rights management DRM technologies that protect sensitive information from unauthorized access 1 It is sometimes referred to as E DRM or Enterprise Digital Rights Management This can cause confusion because digital rights management DRM technologies are typically associated with business to consumer systems designed to protect rich media such as music and video IRM is a technology which allows for information mostly in the form of documents to be remote controlled This means that information and its control can now be separately created viewed edited and distributed A true IRM system is typically used to protect information in a business to business model such as financial data intellectual property and executive communications IRM currently applies mainly to documents and emails Contents 1 Features 1 1 Information encryption 1 2 Permissions management 2 Examples 3 Naming conventions 4 See also 5 ReferencesFeatures EditIRM technologies typically have a number of features that allow an owner to control manage and secure information from unwanted access 2 Information encryption Edit Information rights management solutions use encryption to prevent unauthorized access A key or password can be used to control access to the encrypted data Permissions management Edit Once a document is encrypted against unauthorized users an IRM user can apply certain access permissions that permit or deny a user from taking certain actions on a piece of information Some of these standard permissions are included below Strong in use protection such as controlling copy amp paste preventing screenshots printing editing A rights model policy which allows for easy mapping of business classifications to information Offline use allowing for users to create access IRM sealed documents without needing network access for certain periods of time Full auditing of both access to documents as well as changes to the rights policy by business users It also allows users to change or revoke access permissions without sharing the document again Examples EditAn example of IRM in use would be to secure a sensitive engineering document being distributed in an environment where the document s recipients could not necessarily be trusted Alternatively an e mail could be secured with IRM If an email is accidentally forwarded to an untrusted party only authorized users can gain access A well designed IRM system will not limit the ability for information to be shared Rules are enforced only when people attempt to gain access This is important as often people share sensitive information with users who should legitimately have access but don t Technology must facilitate control over sensitive information in such a situation IRM is far more secure than shared secret passwords Key management is used to protect the information whilst it is at rest on a hard disk network drive or other storage device IRM continues to protect and control access to the document when it is in use Functionality such as preventing screen shots disallowing the copying of data from the secure document to an insecure environment and guarding the information from programmatic attack are key elements of an effective IRM solution Naming conventions EditInformation rights management is also known by the following names Enterprise Rights Management Enterprise DRM or Enterprise Digital Rights Management Document Rights Management Intelligent Rights ManagementSee also EditDigital rights management Always on DRM Copyright infringement Encryption Advanced Encryption Standard RpmsgReferences Edit Herrera Montano Isabel Garcia Aranda Jose Javier Ramos Diaz Juan Molina Cardin Sergio de la Torre Diez Isabel Rodrigues Joel J P C 2022 07 14 Survey of Techniques on Data Leakage Protection and Methods to address the Insider threat Cluster Computing 25 6 4289 4302 doi 10 1007 s10586 022 03668 2 ISSN 1573 7543 JoanneHendrickson Information Rights Management in Exchange Server docs microsoft com Retrieved 2022 07 22 Retrieved from https en wikipedia org w index php title Information rights management amp oldid 1138036835, wikipedia, wiki, book, books, library,
