Can Information Rights Management (IRM) Technology Change Our Digital Life Forever?
IRM stands for Information Rights Management and was invented to prevent unauthorized sharing.
27 May 2014
We in the digital age increasingly rely on the Internet to conduct our daily activities and have become used to giving away our personal information in exchange for free services. It’s time for an attitude shift; we must gain control over our data before the price we pay grossly exceeds the value we’re getting.
It used to be just a name and an e-mail address. Today we send our tax records, medical and health information over free e-mail services and forget that we have given them the right to index that data and use it for commercial gain.
We share the same type of personal, sensitive information with numerous file sharing services without giving another thought of what happens to our data - surprise surprise, sometimes that data can become exposed without your knowledge.
Luckily, there is an old technological solution to the problem. It’s called IRM.
IRM stands for Information Rights Management and was invented to prevent unauthorized sharing. For example, the technology can makes sure that people pay for digital content (movies, music etc.) and not just copy them from their friends. IRM was as popular as the flu when there was a small set of content creators and large populations of consumers. The shift, as it often happens with technology, happened stealthily – one day people woke up and realized that they have all their information digitized and distributed all over the world.
Everyone is a content creator now, and we have valuable digital assets to protect.
IRM in its pure form is rather clunky and requires users to jump through many hoops. They often have to install plug-ins. Sometimes there are certificates to install, among other tasks that require IT professional involvement. The good news is that it does not need to be that technical. It is absolutely possible to code away the complexities of the technology and leave the end user with familiar tasks. Just point and click to make your files confidential and the technology behind the scenes will make sure only encrypted copies will be delivered to recipients. Then the files can be copied over and distributed across devices, but the content will stay protected since it’s encrypted and the key resides at a central location which is under control of the data owner. Any time a user wants to open the file, the user will be directed to the central repository where the user’s credentials will be checked before allowing the key exchange to open up the content for viewing. Once a project is over, taxes are filed or that mortgage is processed, the consumer removes permissions to their files and the service destroys the encryption key – effectively shredding the documents.
It’s fairly simple, but the implications of not using IRM are huge. This day and age, absolutely no one should put their information out in the open without the means of controlling it. IRM has every characteristic to become that ubiquitous technology that enables consumers to have real privacy.
The first step is awareness. The second is action.
Mushegh Hakhinian represents Intralinks at the Cloud Security Alliance SME Council, is a certified information systems security professional, and is a frequent contributor to industry publications. Prior to joining Intralinks, Mr. Hakhinian lead security functions at a multi-tenant online banking service provider and an international bank.