Previous blogs have discussed using data classification as a means to help your suppliers and business partners understand the value of your information and their responsibilities in safeguarding that data. However, there are many situations where you need to go beyond just trusting others to correctly handle your most sensitive data – you need to ensure that it’s handled appropriately. So up steps a technological solution in the form of Digital Rights Management (DRM) and the concept of persistent protection.
Persistent protection tackles the issue of how to protect your data once it has left the confines of your well-managed corporate data stores. This is a major challenge in today’s mobile and highly collaborative world, but DRM solutions ensure that protection travels with the data and extends to the usage rights for such data – in much the same way as access rights control what users can do with information held in a document store.
Traditionally, DRM has been difficult to manage and deploy, especially beyond the corporate boundary and has proved difficult for users to grasp. In response to these historic shortcomings Microsoft has enhanced its Rights Management solution in the form of Azure RMS. Microsoft Azure RMS encompasses collaborative scenarios and the breadth of today’s mobile device platforms, whilst offering fine-grained control over who can see content, what they are allowed to do with it and how long they are permitted access.
However, as is so often the case, the true challenge with a technology solution is how easy it is for users to engage with. Even where the use of a solution such as RMS is reduced to an apparently simple choice for the users between a set of policy templates, those users still need to understand which data needs this protection, where to find the protection interface and what template to then apply.
What users more readily understand is the nature and value of the information that they create and manage on a day-to-day basis. Introducing data classification provides the means for users to capture and share that understanding in a simple and consistent manner. Once you have a classification scheme in place,it is easy to form a direct association between the classification of data and the usage rights that should be applied to that data.
Setting your classification system up to automatically apply the appropriate RMS template based on the user’s choice of classification will solve the problem of workflow interruption and the potentially incorrect selection of usage rights. This is the approach taken by Boldon James Classifier, which provides a means to automate the application of Microsoft Rights Management templates based upon the selected classification.
Using data classification to drive Rights Management provides a user-centric approach to applying persistent data protection – ensuring that your information not only falls into the right hands, but is only used in the right way.