rights management

Rights Management

Information Rights Management Systems, Solutions & Software

What is Rights Management?

Rights management is a term for control systems that allow a rights owner to exert control over information immediately.

It enables publishers of information to control what recipients can do with it in order to prevent intellectual property theft and stop unauthorized sharing/ piracy.

  Free 15 Day Trial

Protect & control information

  • Stop unauthorized access and sharing
  • Control use – stop printing, copying, editing, etc.
  • Lock use to devices, countries, locations
  • Control expiry & revoke files at any time

Rights Management & information protection

Information Rights Management & Document Control

Rights management is a generic term that covers most forms of information control – whether this be document rights management (control of documents), information rights management (IRM), enterprise rights management (ERM) , or digital rights management (DRM).  Effectively, they are all variations of the same thing and are interchangeable terms.  IRM and ERM are the terms most often used when referring to protecting and controlling sensitive information within an Enterprise, whereas document rights management/DRM are used when sharing documents securely or for the licensing and control of paid content.

There are two types of rights management to consider:

  • the rights of the creator/owner of a work
  • the rights of the user of a work

When we use the word ‘work’ we mean, very loosely, anything that has been stored in a digital form.  This could be (almost) anything: an e-book, video games, a picture, a trademark, a document, music, data, an e-learning course, or a film.  All of these works have different rights associated with them, but that is not what we are here to talk about today.  For further research into the entitlements of copyright holders and copyright infringement, we recommend Copyright Law in the United Kingdom by Sterling and Carpenter, published by Legal Books Pty in 1986 with addendum.

  What does rights management do?


Generally, when we talk about rights management we mean that the author/owner of a work has the ability to define, by a license, rights that may (or may not) be granted to the user or recipient of a work in a digital form or format.

In simple terms, rights are usually:

  • personal use
  • ability to pass to others
  • ability to edit, extract or copy
  • right to use for a defined or an undefined period

Rights management is therefore the ability to enforce your chosen rights on a recipient in compliance with the license agreement.

For digital content protection and control, rights management in the form of Digital Rights Management or DRM, Information Rights Management, or Enterprise Rights Management is highly effective at controlling document use and preventing unauthorized users from accessing content.  Some online systems (where access rights and controls can be instantly changed) refer to their rights management technology as Active Rights Management.  This also performs the same function – preventing unauthorized access and controlling the use of content, whether that be digital documents, emails, web pages, music, movies, etc.

In the past, DRM was more closely associated with video (muserk rights management) and music content (bmg rights management), but it now equally applies to documents and emails – though some companies market this as Information Rights Management or Enterprise Rights Management.  So, while all the different terminology may seem confusing, companies selling rights management products or services are providing the same thing – access control, and how content can be used both online and offline.

  What are the laws that govern encryption and digital rights management?

Fair use and other exceptions

There may be statutory rights granted by law that override rights granted by license, such as the right to produce criticism or parody.  These may not be refused by the owner, and they may vary from country to country.

In some cases, rights management may also be understood to be an employer exerting their authority to control rights in information owned or licensed by an Enterprise.  In this case, the meaning is much broader, covering trade secrets, secrets in the course of litigation, and is primarily covered by a contract of employment, which may contain terms and penalties that would not be appropriate in a license agreement.

In all cases, court orders may require the disclosure of any information, whether the subject of rights management or not.  If you receive a direction from a court to disclose information, you should take legal advice.

  Further reading on Rights Management

To learn more about rights management, take a look at History of Rights Management.

Rights Management Software, Systems & Solutions

What is the best Rights Management solution for protecting information?

Microsoft RMS & Azure Rights Management

In 2003, Microsoft released Rights Management Services (RMS) for Windows 2003 server, which let admins encrypt MS document formats, and, through policies embedded in the documents, prevent the content from being decrypted by unauthorized users.  This was later extended to Azure (Azure Rights Management) for protection of documents in the cloud.  Specific document operations like printing, copying, editing, forwarding, etc. could be allowed or disallowed.

However, an attack in 2016 showed that authorized users could remove the protection, thus rendering it useless.  This paper details how to break Microsoft RMS – it covers all RMS implementations, including Azure rights management, AD RMS and Office 365.  All a user needs is view access to remove the RMS protection from a protected document. Shortly after publishing the paper, the researchers provided a .exe file to allow users to easily remove protection themselves. Despite being published seven years ago, it is reportedly still effective, proving that there is no simple fix.

Rights Management & plugins

Since then, various companies have produced DRM for documents that use plugins to the underlying application (i.e. Word, Adobe Acrobat, etc.) to add additional security.  These, however, are not without their problems.  Another plugin could compromise the security (say by recording the decryption key) or stop the rights management plugin from working altogether.  An update to the application may also prevent the plugin from working, or underlying security issues of the application could compromise the overall security of the system.  These issues have all been prevalent in the real world.

Locklizard Rights Management

Other companies such as Locklizard have created standalone applications that can provide additional security and don’t rely on passwords for authentication.  The security of the system is not at the mercy of an application such as Word or Acrobat, and other security controls can be added at the Operating System level.  This allows for the prevention of third-party screen grabbers or printing to file drivers, and more, since the application has direct control.  Preventing plugins from loading also stops an easy route to attack the system.

Rights Management & Browser implementations (Secure Data Rooms)

Rights management software has also been widely implemented in the browser using either HTML5 or (now depreciated) flash technology to control access to and use of documents.  This approach is popular with secure data room systems to securely share confidential information or sensitive data – e.g. controlling the use of board documents, due diligence, and M&A material.

However, since no software is installed on the client computer, there is less control available over what users can do with documents.  For example, users can take screenshots of documents or print to file drivers (if printing is allowed), or totally bypass protection controls by editing or disabling JavaScript – for an example of how easy this is to achieve, see removing Google Docs security.

So a browser- system is not as secure as a device-installed one.  There is also the obvious security issue that users can share login information with others (authentication is via a username and password), so you need to lock users to specific locations if you want to prevent this.  It’s also inconvenient if when users must always be online to the Internet to view protected documents, particularly if they travel for work.

What is best for my business?

When choosing a rights management system for your business, you should therefore think about the following:

  1. what you are trying to achieve
  2. what document controls do you require
  3. how will users access your protected content
  4. how easy is the system is to circumvent
  5. does it provide analytics so you can track use

Locklizard Rights Management features

  • Stop documents being shared & distributed without authorization

    If you use passwords to create secure PDF files then users can easily share both the PDF file and the password with others.

    Locklizard prevents file sharing by using multiple security methods.  We use public key technology with a secure and secret key transfer mechanism so that keys are never exposed to users and interfaces where they can be readily exposed.  Document keys are locked to authorized devices within a keystore, so if the keystore is copied to another device it will fail to work.  If a Locklizard protected PDF is given to an unauthorized recipient they won’t be able to open it since it is encrypted – the user has be both registered with the publisher of the document and authorized to view it.

  • Prevent editing & saving

    Locklizard prevent saving and editing of PDF documents while still allowing users to add annotations and enter form data.

    Users cannot save protected PDFs to unprotected file formats or edit content.

  • Prevent copy & paste and screenshots

    Locklizard rights management software prevents unauthorized copying of content.  We prevent copying and pasting by using our own secure viewer environment to limit the functions available to users.  We prevent plug-ins being loaded so that third party plug-ins cannot compromise the system by enabling copying features or bypassing other controls.

    We also prevent the use of print screen and third party screen grabbers.  While DRM cannot totally prevent screen grabbing from taking place (nothing can stop a photograph of the screen from being taken), it can make the task more laborious and of lower quality.

  • Disable printing or limit print copies

    Stopping users from printing a protected document is one of the most effective ways of preventing copies from being circulated, since printed documents can be readily photocopied or scanned and then duplicated.

    If you want to allow printing then you can:

    1. limit the number of high quality prints allowed
    2. enforce color documents to be printed in black & white or grayscale
    3. log each time a document is printed (see when and where your protected documents were printed)
    4. watermark printed content with user identifiable information (using dynamic watermarks that insert user and system information at print time) to discourage photocopying and subsequent distribution

    Locklizard automatically prevent printing to file drivers so that users cannot print to unprotected PDF files and other digital document formats.

  • Add Dynamic Watermarks

    You can add dynamic watermarks that automatically insert the users name, email, company name, and a date/time stamp at view/print time to discourage photos or photocopies being made since the originator of those documents is clearly identifiable.

    Because Locklizard uses dynamic variables, the publisher only has to protect one PDF document for all users.  With Acrobat PDF security you have to protect each PDF file individually for each user to customize it with their personal information.

    Static watermarks (graphic images) can also be added at the same time as dynamic ones.  Static watermarks may be used to prevent forgery (as they are with banknotes) or to establish ownership or classification.

  • Control expiry

    You can enforce document expiry either on a given date or following document usage rules.

    There are many reasons you may want to expire PDF documents such as:

    • to comply with document retention policies
    • to enforce version control
    • trial usage (e.g. 1 or 2 views before purchase)
    • enforcing complying with disclosure requirements
    • enforcing subscription periods to a service or series of documents

    Locklizard PDF DRM software enables you to expire secured PDF files:

    • After a number of views
    • After a number of days
    • On a fixed date
    • After a number of prints
    • When a subscription period has ended
    • At any time you decide

    You can also manually revoke documents and users at any time.

  • Revoke access

    Being able to revoke access can be vital when confidential documents have been distributed, contracts with third parties are ceased, or where chargebacks have been made against a purchase of a document (e.g. a book, a report or a training course).

    Locklizard enable you to instantly revoke access to documents for all or individual users, or revoke user access to all or individual documents in one go.

  • Restrict Locaton access

    There may be occassions when you do not want confidential documents to leave your office premises.  But with BYOD this has become a significant problem to try and solve.

    Locklizard enables you to lock PDFs to specific locations (e.g. the office) so that documents will only be viewable from this location and no other.  Location locking can be enabled on a global or user basis and at both country and IP levels.

  • Track use

    Tracking if or when a document has been opened or printed can be essential for accountability or audit purposes.  You may need to prove that the recipient has not only received the file but has also read and/or printed it.

    LockLizard enables you to track PDF use by recording all document opens and prints and displaying the number of times each document this occurred.

Why Locklizard for Information Rights Management?

Persistent rights management regardless of where documents are located

Locklizard takes your document protection seriously.  We provide total document control with US Gov strength AES encryption, public key technology, DRM and licensing controls to ensure your documents remain protected no matter where they reside.

See our customer testimonials or read our case studies to see why thousands of organizations use Locklizard rights management to securely share and sell their documents.

   FAQs

Does Adobe PDF support rights management?

In a manner of speaking.  Adobe PDF does have features to restrict unauthorized printing, editing, and copying, they just aren’t very effective.  Adobe controls or permissions can be removed in a few seconds with a PDF password removal app or website, making them next to useless.

Adobe does have a separate rights management server that does not rely on passwords for protecting PDF and other file formats.  Adobe ADEPT or Content Server is used in Ebook DRM applications to protect EPUB and PDF ebooks from online piracy.  However, this can be removed using ebook conversion tools such as Epubor.

What is information rights management?

Information rights management is a term used to apply digital rights to information.  It is mainly used as a term for the protection of Enterprise documents, such as Microsoft Office 2016 or Office 365 files.

What is information rights management in Sharepoint?

This is just Microsoft RMS (Rights Management Services) for Sharepoint files.  You can apply IRM to a list or library and prevent users from viewing, printing, running script and screen readers, and add expiry controls.

Does Microsoft Rights Management differ from Azure or AD rights management?

Microsoft RMS powers both Azure and Active Directory.  The Azure Rights Management service (Azure RMS), and the on-premises equivalent, Active Directory Rights Management Services (AD RMS), both use the same rights management protection (Microsoft RMS).

Can you bypass Microsoft information rights management?

If a user has been given view access then yes.  The paper ‘How to break Microsoft RMS’ explains how to break the security of Microsoft RMS documents and upgrade a user’s read access to full privileges.

What is access rights manager software?

This controls the access rights of users (who can login and view files) and logs access, but does not provide controls over printing, editing, copying, etc.  Using access rights software is an easy way to monitor access rights changes in Active Directory, Windows file servers and Microsoft Exchange servers.  It can identify changes that have been made, when they were made and who made them, and help prevent data leaks by notifying you whenever there is unauthorized access.

How is rights management applied to images?

Rights managed images are those that are licensed for use for a period of time, with pricing or subscription fees based on how the image is used (print, web site, etc.) and where it is used (popular magazine, etc.).  It is impossible to stop the copying and sharing of images because they can be easily copied by using screen capture tools.  To deter this activity, they are often watermarked with hidden or visible information.  A dynamic watermark adds user information on the fly to make the user’s identity clearly visible to discourage sharing.  Visible watermarks are used to establish ownership, whereas invisible or hidden watermarks are used to track sharing.

What is DRM for PDF?

DRM stands for digital rights management, one of the forms of rights management mentioned above.  DRM gives you granular control over digital media such as ebooks and sensitive documents, and multimedia such as video and audio files, providing copy protection and preventing unauthorized use.  When implemented in PDF files, DRM prevents the user from copying, printing, editing, etc.

How do I protect a PDF with DRM?

You can protect a PDF with DRM using a tool like Safeguard PDF security.  It’s  as simple as opening the PDF in the software, selecting the controls you’d like, and then pressing the publish button to output an encrypted document.

Though other PDF DRM solutions are available, they are generally very ineffective since they rely on passwords, JavaScript, or plugins which can all be easily removed or bypassed.

Locklizard protected files can be easily integrated into your CMS or content management system while providing strong copy protection of sensitive information.

Customer Testimonials