Print - Microsoft Touts Windows Rights Management technologies

Late Friday, Microsoft announced that it will soon release a beta version of digital rights management (DRM) technologies that will let users of Windows Server 2003 and Microsoft Office 2003 create secure documents that cannot be leaked, copied, or forwarded to unauthorized individuals. Microsoft says the technology, dubbed Windows Rights Management Services (WRMS), came about when its enterprise customers asked for a way to prevent sensitive internal documents from being leaked to the Web and competitors. The company will ship a beta version of WRMS in the second quarter, Microsoft says.

"Customers have told us they need better solutions to help safeguard their critical business information," said Mike Nash, the corporate vice president of the Security Business Unit at Microsoft. "What's really compelling about Rights Management technology is that it enables businesses to protect the information they most worry might leak--either deliberately or inadvertently--by putting persistent protections in the documents themselves."

WRMS is a platform that lets developers create applications--including word processors, email clients, and other programs--that can designate two main criteria: Who has access to data and what kind of access they have. WRMS can be used to control the forwarding, copying and printing of documents, and can create time-based expiration rules as well. Microsoft says that an administrator can create WRMS policies such as "company confidential" that prevent such documents from leaving the enterprise.

Last week, Microsoft inadvertently posted Office 2003 Beta 2 to its MSDN Subscriber Downloads site a few weeks ahead of schedule. This Office release includes technology dubbed Information Rights Management (IRM), which requires access to a WRMS-enabled server. IRM lets Office 2003 users protect sensitive information by applying permission rules to documents and emails. In early tests of the technology, I was able to transmit protected email to other testers that then could not be copied to the clipboard, forwarded, or printed. The document protection appears to work outside of Office 2003 environments as well; protected email could not be viewed in other email clients, such as Mozilla, either. I'll have more information about this compelling technology when I post by Office 2003 Beta 2 review in March.

"I was able to transmit protected email to other testers that then could not be copied to the clipboard, forwarded, or printed." -> What about the 'print-screen' button on my keyboard? Can I take a screenshot of the email and paste the image in paint? Editor's note: No. --Paul

"In early tests of the technology, I was able to transmit protected email to other testers that then could not be copied to the clipboard, forwarded, or printed. The document protection appears to work outside of Office 2003 environments as well; protected email could not be viewed in other email clients, such as Mozilla, either." Can anybody say "vendor lock-in"? I don't suppose you checked if you could take screenshots did you? Editor's note: Yeah, I did. It doesn't work. --Paul

"could not be copied to the clipboard, forwarded, or printed" -> How about a screenshot with the 'print-screen' button on my keyboard? Editor's note: Doesn't work. However, someone I talked to recently said that other screen-taking applications, like TechSmith SnagIt, do work. I'll test that. --Paul

Nonsense. If somebody can see the document on screen, then he can also write it down, take a photo etc.

Interesting stuff .. it's hard to tell whether this stuff is meant to enslave or enable and liberate. 'Guess I need to read more. Can't take a screenshot now, huh?

Locks only keep honest people from making mistakes. I can see this as a useful tool to prevent the inadvertent release of information. However if someone wants to circumvent this they will find a way.