In Safeguard Enterprise Secure PDF Writer, select the document protection options:
In the Safeguard Enterprise Admin System:
Now you might feel that you are being asked to exceed the powers of Isaac Newton in deciding what the difference is between active rights management and enterprise rights management (ERM). If we look to industry definitions we find:
‘Enterprise Rights Management solutions persistently control access to and usage of information, ensuring your organization’s intellectual property is used appropriately by employees, customers, and partners throughout its lifecycle.’
Some might consider the claims made to be rather extravagant, if only because we have yet to discover any information technology that is able to control human behaviour absolutely. As a matter of absolute fact, human behaviour is beyond the control of IT systems. And if you want proof of this assertion just consider that not a single IT system has stopped anyone from committing a murder or phishing an identity.
The nearest working definition that seems reasonable is that it is rights management that is applied inside of the enterprise, rather than being used outside the enterprise.
Of course, some of the controls will appear very similar to those you would use in digital rights management – stopping printing, stopping editing or saving. But other controls, preventing copying or forwarding, are much more closely related to traditional control mechanisms such as the access control mechanisms that have been around on mainframes and PCs for many years.
Perhaps this is the thing that most readily differentiates enterprise rights management from digital rights management, in that digital rights management controls, whilst in other respects being identical to enterprise rights management controls, have been built to operate outside the control of an IT administrator rather than as part of internal access management controls.
Enterprise rights management therefore builds on the traditional access controls of read, write, append, delete and execute by preventing copying by forbidding write to the destination and preventing sending as an email attachment. These controls are Discretionary Access Controls (they are granted at the discretion of the Administrator, not enabled through an algorithm that relates the ‘seniority’ of the user to what rules they are subject to (known as Mandatory Access Controls).
Most data security compromises happen within the enterprise. Employees may take data with them on USB sticks, on a laptop, or upload it to the cloud. Data may also be exposed on systems unintentionally due to poor security measures, or maliciously by ex employees or those with a grudge. They say data is an organizations most precious asset and with good reason because exposure of certain confidential documents may affect both a company’s share value and their bottom line. So protecting confidential documents should be a top priority, and that protection should remain with the document no matter where it is stored. Enterprise Rights Management aims to do exactly this – making sure either information does not leave the enterprise, or if it does, that it can only be used by certain individuals with tight controls governing use.
A good Enterprise Rights Management system will enable organizations to control what users have access to documents, how they can be used, how long they can be used, and the locations where they can be accessed from. It should enable administrators to instantly revoke documents and users, have documents that automatically expire (so retention periods can be enforced) and not rely on insecure and unmanageable technology such as password protection. Why you should not password protect documents.