Rights Management Service (RMS) is an information protection solution for organizations that want to protect their data in today’s challenging working environment.
These challenges include the need to be Internet-connected, with users bringing personal devices to work, accessing company data on the road and home, and sharing sensitive information with important business partners. As part of their daily work, users share information by using email, file-sharing sites, and cloud services. In these scenarios, traditional security controls (such as access control lists and NTFS permissions) and firewalls have limited effectiveness if you want to protect your company data while still empowering your users to work efficiently.
RMS can protect your company’s sensitive information in all these scenarios. Information can be protected both within your organization and outside your organization because that protection remains with the data, even when it leaves your organization’s boundaries.
Rights Management Service Offerings
Microsoft Azure Rights Management service (Azure RMS) provides the logging capability that lets you receive a log of every request that the Microsoft Rights Management cloud-hosted service serves on your behalf. This includes requests from users, actions by the Azure Rights Management service administrators in your organization, as well as actions taken by Microsoft operators on your behalf. These logs empower you to accomplish a variety of outcomes, either on your own or by purchasing 3rd party applications to process your Azure Rights Management service logs.
It uses encryption, identity, and authorization policies to help secure your files and email, and it works across multiple devices—phones, tablets, and PCs.
As an example, employees might email a document to a partner company, or save a document to their cloud drive. The persistent protection that Azure RMS provides not only helps to secure your company data, but might also be legally mandated for compliance, legal discovery requirements, or simply good information management practices.
But very importantly, authorized people and services (such as search and indexing) can continue to read and inspect the data that Azure RMS protects, which is not easily accomplished with other information protection solutions that use peer-to-peer encryption. This ability is sometimes referred to as “reasoning over data” and is a crucial element in maintaining control of your organization’s data.
You can use Azure RMS with different cloud subscriptions, which include Office 365, Enterprise Mobility Suite, and Azure RMS Premium
This Service offering is the integration of both the Azure RMS and the AD RMS or both as a deployment option.
Hybrid RMS allows seamless integration with ON-PREM Exchange/SharePoint and File Server and is used as part of our hybrid solution.
In order to allow a hybrid solution, we deploy a RMS connector to channel the RMS traffic to Azure RMS in the cloud.
In some scenarios a company may not want to use the Tenant Key provided by Microsoft. To solve this request, we would we recommend that we Bring Your Own Key (BOYK).