Azure Rights Management, also known as Azure RMS, is the technology that powers Azure Information Protection. Before we go into the specifics of Azure RMS, it will be helpful to learn a bit about Azure Information Protection.
Azure Information Protection
A cloud-based solution, Azure Information Protection (AIP) allows administrators of organizations the ability to protect documents and emails, all while allowing them to classify/label them as well through the use of rules and conditions which are recommended by users.
The example above shows AIP in the flesh. Credit card numbers are detected, so AIP immediately labels the document as Confidential.
Through the use of metadata, the classification is identifiable across documents regardless of how it's stored or shared, and includes markings to the header, footer, or watermark. For example, even across an email, the Internal classification is visible.
Now you have the basics of Azure Information Protection, so how does Azure RMS come into play? This technology powers AIP utilizing encryption, identity, and authorization policies to secure files across phones, tablets, PCS, or whatever device the content is accessed. Regardless of who accesses the content or how it is accessed, the protection doesn't go away. The benefits, then, mean that even if you're sharing the content to an outside contractor, Azure RMS is working silently and protecting the data.
The image above illustrates exactly how Azure RMS works across the board, which also speaks to its strengths in other cloud deployments and storage services, such as Dropbox and Box. That means if someone happens to access an Azure RMS-protected document externally, rules can be set to restrict access of certain elements (printing, for example), replying to all, or whatever is necessary by your organization. Using rights management templates, an Azure RMS administrator can restrict data access and prevent leaks.
Using the Azure Information Protection client, an Information Protection bar shows up for applications which gives users the ability to classify and label their data. By right clicking on a file, selection of files, or folder, a user can Classify and protect documents to set permissions.
Better yet, using PowerShell commands can make this substantially more efficient. Many PowerShell commands are included with the client but a separate PowerShell module also supports more custom configuration.
If you're looking for a kickass solution to ensure security in the enterprise, Azure RMS and Azure Information Protection are great products to look into.
For more information, visit the Azure Information Protection page.
Photo Credit: Shutterstock, Microsoft