Such restrictions are meant to solve an array of corporate problems, from big-ticket headaches like leaked documents that can expose company secrets or pose legal liabilities to the challenge of making sure everyone's working from the current price list.
Selena Wilson, Microsoft's director of Windows security product management, said there's little trouble convincing businesspeople of the value of enterprise DRM. Microsoft entered the market late last year with Rights Management Services (RMS), an add-on to Windows Server 2003 meant to handle access restrictions for a wide range of corporate data. Office 2003, the latest version of Microsoft's widespread productivity package, allows RMS-based restrictions to be built into common types of documents.
"Every time we present RMS to business decision-makers, they just immediately get it," Wilson said.
One Authentica customer that's gotten it is San Francisco-based CaseCentral, which provides Internet-based depository management for complex litigation.
CaseCentral used Authentica technology to create secure, online versions of the "data rooms" companies typically maintain during merger and acquisition negotiations to provide controlled access to financial reports and other sensitive documents. With Authentica's DRM, electronic versions of such documents can be embedded with restrictions that permit only limited access by authorised parties, explained CaseCentral chief executive Christopher Kruse.
The upshot is that corporate lawyers can access the documents they need without time-consuming travel or worrying about information falling into the wrong hands. It's an approach that can only work with a sturdy DRM system, Kruse said.
"There really isn't much more confidential stuff in the business world than what we protect," he said. "We make sure people can't copy or even take a screenshot of a document. And the minute someone drops out of the bidding, we can shut off all their access to documents."
Talkback
This is not just an issue for HR and IT; it is a Director-level issue. Breach of copyright involves personal director liability as well as corporate liability - it is exactly the same law as if the company is using unlicensed software.
Companies also need to seriously look at the threats posed by applications like P2P and IM – not just at what they can bring into an organisation, but also what they allow out. Preventing the leak of confidential data out of organisations via software means such as email, P2P, IM, or hardware - floppy, CD and now USB memory devices is a major challenge to security and IT management. Securing the enterprise's intellectual property is a strategic management issue, whether you are a major NHS Trust with specific standards to meet, or an SME fighting for business.
Andy Wooles, Managing Director, FutureSoft UK