IRM – Information Rights Management - should be a no brainier After all, if you have information moving out of organization’s perimeters – by design as in during collaboration, or accidentally or worse due to malevolent intention on someone’s part, IRM is about the only technology you have at your disposal that can protect your information. IRM attaches security to information, by defining who can access information; for what purpose (edit, print); when(date, time) can they access information and from where (which machines).
But as “J F Rice” – possibly fictitious name – points in this actually good article in Computer World, many information security managers are questioning, if IRM is a magic bullet or just a dud
One can only venture to suggest to ’Mr. Rice’ and his ilk that they must experiment with IRM, in a manner that mitigate risks. If you don’t risk anything, you risk everything, ’Mr. Rice’. Fear knows no logic and no logic can defeat fear. You just need to jump into water to learn swimming. The most help that can be offered is swimming tube so that you don’t drown.
IRM may have crossed the awareness hurdle, at least amoung information security specialists. But it still is going to take lot of confidence building before the hurdle of – “Is it Safe” – is crossed. Not that IRM is risky or anything, but nobody seems to want to be the first in trying IRM.
If there is fear, if not lack of awareness amoung information security specialists in trying IRM, there seems to be utter lack of knowledge about risks of not having information itself protected for all times and climes, as opposed to infrastructure, amoung the business users.
The solution to these challenges cited above seems to be to educate the business users about the need to protect information itself, especially when it is likely to move out of organisation’s boundaries. And more importantly to ‘hand hold’ the information security team, as they cautiously try out IRM – Information Rights Management, assuming they already know about IRM.
Kites fly against the wind, not with the wind they say. There is enough wind against IRM –Information Rights Management, to give us hope that one day, hopefully sooner rather than later, that IRM will fly, if the example of kites is anything to go by.
IRM we believe is underestimated. Not too long ago in 1943, Thomas Watson, IBM Boss said – “I think there is a world market for maybe 5 computers.”