Is this the Right time for Rights Management?

By E.K. Koh, VP of Solutions at NextLabs

It depends on whether you believe the analysts.

In the report “Information Security Predictions and Recommendations 2014”, Kuppinger Cole recommends that enterprises “Focus on strategic elements such as Information Rights Management for documents and Enterprise Key and Certificate Management (EKCM) for managing the secrets.” And, at the recent European Identity Conference, Kuppinger Cole identified Secure Information Sharing as a hot topic, by calling out Rights Management as an enabler. [Source: EIC 2014: Trends and Hot Topics, Kuppinger Cole, May 2014]

Forrester agrees.

“A major multinational electronics and furniture company told Forrester that it needs to ensure that only authorized business partners and suppliers can access its design schematics, architectural blueprints, and other IP. The company has been struggling, however, to find vendors that can provide data rights management capabilities that seamlessly combine protection of on-premise SharePoint-based data assets with other data assets that are stored in the cloud through Office 365.” [Source: An S&R Pro’s Guide to Security To, In and From the Cloud, Forrester, Dec 2013]

In fact, in the report “TechRadar: Data Security Q2, 2014: Technologies Evaluated”, Forrester identified Rights Management as one of twenty technologies that security and risk professionals should adopt for data protection.

Why the recent market interests and analyst endorsements for Rights Management? After all, the technology has been around, and has seen limited adoption in the past.

We believe it is driven by a shift in demand and a shift in supply.

The shift in demand is driven by the extended enterprise. As companies morphed from monolithic entities to ones that have an extended boundary, the need to collaborate and share sensitive information from anywhere using any device has become increasingly important to global business operations. The ability to control how sensitive data can be accessed and used is therefore paramount. In addition, recent high profile cases of information breach from insiders such as Snowden and Manning have only heightened the awareness and needs for Rights Management.

And then there is the shift in supply, to a new generation of rights management solutions that are easier to deploy, easier to use, and provides better content coverage. Unlike previous solutions, the new solutions:

• Automatically apply rights based on pre-defined policies, alleviating the need for manual application of rights templates, which are error prone and non-scalable
• Control access and usage of rights protected documents based on attributes, which are dynamically applied, not pre-defined
• Are content agnostic, providing protection for all content types

Perhaps Heidi Shey, Forrester Analyst, sums it best: “Secure file sharing and collaboration solutions will help to bring basic IRM/ERM capabilities to the masses and to the rest of the enterprise” [Source: Market Overview: Secure File Sharing and Collaboration, Forrester, Jun 2014]

Is this the right time for Rights Management? Are you planning a Rights Management project?