The company IT Security perimeter no longer exists, now that mobile and cloud computing are so prevalent. The availability of files and information to employees in the office, on site, on the road or at home is high.
But then so are the IT security risks that go with such availability, unless appropriate measures are taken.
Those measures cannot be the same as the traditional firewall solutions, because so much computing activity now takes place outside such firewalls.
The security paradigm has to be turned inside out. Instead of trying to keep all data within one big fence, each piece of data must travel with its own protection.
This is what information rights management (IRM) sets out to accomplish. In essence, information and its protection can be individually created, seen, modified and distributed, using IRM.
Technologies offering IRM to enterprises often encompass encryption and permissions management, with levels of authorised access in order to manage access and modification, but also copying and pasting, capturing screenshots and printing.
On the other hand, IRM can be designed to allow access in any case for data searches and audits, leaving these two important functions fully operational, no matter what user-level permissions are defined.
As vendors extend the reach of IRM in different products, enterprises benefit from systems that can handle many types of file at rest and in use, either locally or within the cloud.
Thanks to the dual protections of permissions and encryption, even if information is mistakenly sent to the wrong email address, for example, a recipient without the correct permissions will be unable to see that information.
This does not prevent all the potential problems: for example, somebody with viewing, but not copying or printing rights, can still take a picture of the screen with a smartphone.
However, in an increasingly borderless IT world, IRM can help enterprises be more efficient and competitive, while staying secure.