Share via

Share an IRM-protected file with external user

Luis Olias 181 Reputation points
2021-02-10T15:09:02.033+00:00

Hello,

I have an IRM-protected library on Sharepoint.

A user who has edit permissions on this library has downloaded a file.

Could he send that file to an external user who does not exist in my Azure AD Tenant?

From what I could research, this user can only see the permissions he has, but not change them so as to send it to an external user.

However, I have also noticed that if the site owner downloads it, he can change permissions on the file.

So, if I have an scenario where I'd like to share some documents, IRM is not the best choice?

Many thanks in advance.

SharePoint
SharePoint
A group of Microsoft Products and technologies used for sharing and managing content, knowledge, and applications.
10,300 questions
0 comments
Accepted answer
  1. Vasil Michev 100.2K Reputation points MVP
    2021-02-10T16:46:32.237+00:00

    He can email it or share it by other means, but encryption and the usage license "travels" with the file, so other parties will not be able to open it. Now if he has sufficient permissions to edit the protection settings, that's a different story. In any case, you should look into using the newer AIP-based protection, as the IRM implementation is decade old...

    0 comments

1 additional answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Luis Olias 181 Reputation points
    2021-02-10T17:05:19.31+00:00

    Thanks a lot michev.

    When you mention: "...Now if he has sufficient permissions to edit the protection settings, that's a different story..."

    The user I am talking about is a member of the group, not an owner. From what I could see, owners can do what you mention.

    So, in a environment where people need to share documents with external organizations, IRM is not the proper technology?

    Thanks a lot.