This article can also be found in the Premium Editorial Download "Information Security magazine: Security 7 Award winners sound off on key information security issues."
Download it now to read this article plus other related content.
The nice thing about rights management is that permissions are typically linked to a backend server. This means that if a user were to copy a rights managed file onto removable media and then leave the company, the administrator could prevent the data in that file from being accessed by the former employee by simply removing the rights.
Windows natively supports rights management, but third-party products offer similar capabilities. For the most part, rights management works very well, but the initial setup can be complicated, depending on the product. Also, depending on how rights management is set up, mobile users may not be able to open rights managed documents unless they have connectivity to the company's rights management server. Another potential downside is that not all types of data can be rights managed. On the upside, rights management does solve the management headaches typically associated with application-level encryption.
This was first published in October 2008