Benefits of Deploying RMS
Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2
Organizations of all sizes are challenged to protect valuable digital information against careless mishandling and malicious use. The increasing incidences of information theft and the emergence of new legislative requirements to protect data underscore the need for better protection of digital content. The growing use of computers to create and work with these types of sensitive information, the introduction of extensive connectivity through private and public networks (including the Internet), and the appearance of increasingly powerful computing devices have made protecting organizational data an essential security consideration.
Types of digital content can include dynamic, database-driven reports on an information portal, confidential e-mail messages, strategic planning documents, military defense reports, and other sensitive files. This section describes some basic reasons why you might want to deploy RMS to protect content.
This section covers:
Vulnerable Organizational Information
Enhanced Network Security
Better Protection for Digital Content
Vulnerable Organizational Information
Organizations create and use a broad assortment of valuable content that they want and need to protect. The following list provides examples of content that you can protect by using RMS:
Traditional digital files and information. Typical examples of traditional digital files and information are e-mail communications, project-related documents, confidential reports, marketing plans, and product overviews. Information workers share these documents regularly through e-mail messages, conferencing applications, disk shares, and server-based or peer-to-peer systems. This category can also include other sensitive content, such as employee performance reviews and personal records that users might need or want to maintain in a secure, readily available state.
Proprietary organizational information. Senior management uses this information to administer, monitor, and direct an organization's activities. This proprietary content might include an organization's sales and market share reports, financial performance information, and strategic forecasts and overviews. Improper distribution or use of such content might cause significant damage to an organization, either in the competitive market or in a court of law.
Deploying RMS can be an important part of a security strategy to protect this vulnerable content.
Enhanced Network Security
Protecting digital content is a difficult and ongoing task. Typically, organizations work to secure digital files and information by using perimeter-based security methods. Firewalls can limit access to the corporate network, and discretionary access control lists (DACLs) can restrict access to specific data. In addition, organizations can use encryption and authentication technologies and products (such as public key infrastructure [PKI] and Kerberos), to help secure e-mail while it is in transit, as well as to help ensure that the intended recipients are the first recipients to open the messages.
These methods help organizations control access to sensitive content. However, recipients are still free to do whatever they want with the content that they receive. After the user is authenticated and the content is decrypted, no restrictions control what can be done with the content or where it can be sent. Perimeter-based security methods cannot enforce business rules that control how people use and distribute the content outside the network perimeter, or after the perimeter is breached.
If you rely on individual discretion and responsibility for the manner in which digital content is shared and used, an unacceptable degree of risk might be introduced into this network security model. Even accidental security breaches can cause serious harm. For example, users could mistakenly forward sensitive e-mail messages or documents to recipients who have potentially malicious intent.
In addition to the threats of theft and mishandling, a growing list of legislative requirements adds to the ongoing task of protecting digital content. For example, many organizations must comply with Securities and Exchange Commission (SEC) fair disclosure codes, which address the problem of selective disclosure of certain information to inside investors. Similarly, the finance, healthcare, and legal sectors are increasingly challenged by the need to better protect digital content because of emerging legislative standards.
Without an end-to-end software solution such as RMS in place to effectively control the use of digital content no matter where it goes, the content can too easily end up in the wrong hands, whether maliciously or accidentally.
Better Protection for Digital Content
Digital content must be better protected. Although no form of information will ever be invulnerable to unauthorized use, and no single approach will shield data from misuse in all cases, the best defense is a comprehensive solution that safeguards information.
As an essential part of an organization's security strategy, a solution for better information protection should provide the means to control how content is used and distributed beyond simple access control. A solution for better information protection should:
Help protect an organization's records and documents on the company intranet, as well as from being shared with unauthorized users.
Help keep that content secure and tamper-resistant.
Expire content based on time requirements when appropriate, even when that content is sent over an extranet to other organizations.
Require an audit trail to track who has gained access to and used the content.
RMS provides all of these capabilities.