The purpose of an Enterprise Digital Rights Management (EDRM) system is to keep sensitive information secure and control how it can be used, wherever it travels. Several EDRM solutions that are easy to use have serious security flaws that allow data to become unprotected. Basic capabilities, such as controlling the ability to cut and paste content from a protected document into an unprotected file, or the ability to block the sharing of protected files via screen sharing, are not enforced by many EDRM offerings on the market.
Even deeper in the underlying security infrastructure, you will find that not all EDRM solutions offer a ‘Bring Your Own Key (BYOK)’ feature, which enables you to use key management systems such as Hardware Security Modules (HSMs). Another key security aspect to look into is whether the EDRM solution has a security layer within an SSL tunnel to protect all client-server communication and ensure internal product security.
While many organizations focus on ease of use when selecting an EDRM solution, our guidance is that, in addition to making sure a solution will be easily adopted, you spend just as much time testing the underlying security aspects of the solution. Before you make your final selection on which EDRM vendor to utilize for your data-centric security, make sure the solution is actually going to deliver on its baseline promise: keeping your sensitive information secure.
Here are three questions you should be asking your EDRM vendor:
- Can you cut and paste content from a protected file into an unprotected file?
- Can you stop a protected file from being visible on GTM or other conference services (screen sharing)?
- Do usage controls stay with the file even when it is saved in another file type?
Know other questions to ask by taking the