Blog

Provide Extra Protection With SharePoint Information Rights Management

By Cathy Dew on May 5, 2017

Using Information Rights Management for Your SharePoint Documents, Libraries, and More

If you want to provide extra protection to your SharePoint documents, libraries, and other assets you might consider using information rights management. Unlike many SharePoint features, information rights management (or IRM) is not exclusive to SharePoint. On the contrary, you would frequently use IRM in the broader tech community. It is a subset of DRM (or digital rights management), which companies like Apple used to use as an anti-piracy protection for song files downloaded from its iTunes Music Store.

In the iTunes example, Apple used DRM to prevent users from copying and sharing digital song files. The DRM allowed the purchaser of the file to authorize a limited number of other devices to play the file. Otherwise, though, the DRM made the files copy-protected. IRM serves a similar purpose, but for other types of files. Where DRM is usually used to protect music files or video files, IRM is more often used to protect written data—such as Word documents and emails.

For a deep dive into document management, from content types to workflows and document centers, check out our topic page "SharePoint Document Management: Document retention and collaborative tools for teams."

Common IRM Features

IRM can manifest itself in several different ways, depending on the company that is using it. For instance, have you ever tried copying and pasting sections of an article on the web, only to find that this normally reliable function wouldn’t work? If so, then you’ve encountered IRM. Information rights management can prevent copy and paste functions. It can also keep you from printing a page, taking a screenshot, or otherwise copying protected data.

In your SharePoint environment, IRM is behind all the key security features that you use to safeguard different files, folders, and SharePoint libraries. By activating IRM in SharePoint, you can use it to encrypt your files, set permissions for different parts of your intranet, and control who has access to what data and if/how they can share it.

Setting up IRM to Protect Your SharePoint Documents

IRM is available for most SharePoint and Office 365 users but is not activated by default. If you would like to use IRM to protect your SharePoint libraries and documents, you must know how to turn on the proper rights management protections for your program. The type of IRM you will be using will vary slightly depending on whether you are using SharePoint Online as part of Office 365 or SharePoint 2013/2016.

For Office 365

If you are using SharePoint Online as part of an Office 365 subscription, then your initial IRM activation will take the form of Microsoft’s Azure Active Directory Rights Management. (Do note, however, that not all Office 365 plans come with Azure AD RM subscriptions.)

Before you can activate Azure AD RM, you will need to turn on Rights Management for Office 365. (Learn how to activate Rights Management for your version of Office 365.) Once Rights Management is activated, you can turn on IRM by logging in to the Office 365 Admin Center. Click “Admin,” select “SharePoint,” and then click on “Settings.” In the settings menu, you will see an Information Rights Management section. All you have to do to turn on IRM for Office 365 is click “Use the IRM service specified in your configuration.” Then, just click “Refresh IRM Settings” to apply the changes.

For SharePoint On-Premise

If you are using SharePoint on premise you need to have an internal Rights Management Service configured. Normally this is done as part of your Active Directory Services and can be a big deal if you are a small company with limited resources. Read Pre-Installation Information for AD Rights Management, as well as, the AD RMS Step-by-Step Guide from Microsoft TechNet to build your own internal Rights Management Service.
 

For SharePoint

Once you have IRM services activated, you can use IRM to protect specific libraries or lists within your SharePoint environment. To start using IRM within SharePoint, navigate to the specific library that you want to protect. From the ribbon, select “Library” and then “Library Settings.” One of the sections of the settings menu is “Permissions and Management,” under which you will find the settings for Information Rights Management. From there, you will want to click on “Restrict permission to documents in this library on download” to apply IRM to the library.

You can also use the “Permissions and Management” menu to decide how IRM will behave in your SharePoint library. For instance, you can set it up to prevent users from printing documents, to require users to input their credentials regularly to view the library contents, or to prevent users from uploading documents that can’t be supported by IRM.

How IRM Works with Different Permission Options

One of the great things about using IRM in SharePoint is that it complements the rest of your permissions system quite nicely. IRM essentially applies extra protection to some of your SharePoint documents. For instance, if you have a group of users that you’ve granted with “View” permission for a certain library (as opposed to users with “Edit” permissions), IRM will make it so users in that group cannot use the copy/paste function with the content. IRM also gives you the option to restrict users in the “View” group from printing documents. The same printing restrictions can apply to users with “Edit,” “Save,” or “Copy” permissions, as well.

The goal of IRM in SharePoint is to restrict the spread of your data. If your enterprise deals only with sensitive or confidential data, then you may consider applying IRM features site-wide. If you are working temporarily on a more sensitive account (perhaps a project that involves a client’s financial information or trade secrets), then you might create an IRM-protected library just for that client. This library-specific restriction would allow you to safeguard that information without applying the same level of security to every document on your SharePoint CMS.

Start Safeguarding Sensitive SharePoint Documents with IRM

Is your enterprise currently handling data or files that you prefer to safeguard with a few extra layers of protection? The chances are that you are already using permissions, but IRM can add a lot of extra protection into the mix. At 2Plus2, we can show you how to turn on Rights Management for Office 365 or SharePoint, as well as how to configure IRM on a site-wide or library-specific basis. Regardless of which SharePoint documents you want to protect with IRM, we can help you design the solution.

In the meantime, see how a SharePoint Document Center can elevate the level of your document managment.

Go online to schedule a free consultation with our team or call 510-652-7700 today.

Cathy Dew
Cathy Dew – CEO + Information Architect
Cathy focuses the company on our mission – Real results. Every time. Information architect and strategist, Cathy is passionate about making software work well – the function, the feel, the result.