Active Directory Rights Management Services
Windows Rights Management Services (also called Rights Management Services, Active Directory Rights Management Services or RMS) is a form of Information Rights Management used on Microsoft Windows that uses encryption and a form of selective functionality denial for limiting access to documents such as corporate e-mail, Word documents, and web pages, and the operations authorized users can perform on them. Companies can use this technology to encrypt information stored in such document formats, and through policies embedded in the documents, prevent the protected content from being decrypted except by specified people or groups, in certain environments, under certain conditions, and for certain periods of time. Specific operations like printing, copying, editing, forwarding, and deleting can be allowed or disallowed by content authors for individual pieces of content, and RMS administrators can deploy RMS templates that group these rights together into predefined rights that can be applied en masse.
The Rights Management Server debuted in Windows Server 2003, with client API libraries made available for Windows XP and Windows 2000 as well. Windows Vista, Windows 7 and Windows Server 2008 also support Rights Management Services. In Windows Server 2008, Windows Rights Management Services has been renamed to Active Directory Rights Management Services, reflecting a higher level of integration with Active Directory. The Rights Management Client is included in Windows Vista and later versions and downloadable for Windows XP, Windows 2000 or Windows Server 2003. In addition there is an implementation of ADRMS in Office for Mac to use rights protection in Apple OS X and some third party products are available to use rights protection on Android, Blackberry, iPhone, iPad and Windows RT,.
While RMS protection prevents unauthorized users from viewing content, some publishers choose instead to deploy document metrics, which report unauthorized use. It can sometimes be more valuable to know when and where a stolen document is being used, who "leaked" it, and who's got it now, instead of simply attempting prevent the theft in the first place. Knowing that a recipient misbehaved with a document can be valuable business knowledge, while not knowing that they tried to (and perhaps failed due to RMS) is in some cases less useful.
Some may even choose to employ an all encompassing third party solution that works with the RMS protection solution and applies permanent protection to downloaded data. With RMS working in conjunction with the solution Halocore, only authorized users can view the protected information, control what others can do with it, like print, edit, or save it, and with the audit capabilities of the third party solution, there is immediate visibility of how the data is shared. It can track who is accessing the data, downloading, emailing, etc., preventing unauthorized use while also identifying the theft and intentions.
RMS is supported (implemented) by the following Microsoft products:
- Microsoft Office System 2003 - Word, Excel, PowerPoint, Outlook
- Microsoft Office 2007 - Word, Excel, PowerPoint, Outlook, InfoPath
- Microsoft Office 2010 - Word, Excel, PowerPoint, Outlook, InfoPath
- Microsoft Office 2013 - Word, Excel, PowerPoint, Outlook, InfoPath
- Microsoft Office for Mac 2011 - Word, Excel, PowerPoint, Outlook
- Microsoft Office SharePoint Server 2003 (through the use of third party solutions such as those from Secure Islands, GigaTrust and Liquid Machines (acquired by Check Point))
- Microsoft Visio 2007 and Project 2007 (through the use of third party solutions such as those from Secure Islands, GigaTrust and Liquid Machines)
- Adobe Acrobat Reader (through the use of third party solutions such as those from Secure Islands, GigaTrust, FoxIt Software and Liquid Machines)
- Microsoft Office SharePoint Server 2007
- Microsoft Office SharePoint Server 2010, Secure Islands for SharePoint enhances RMS capabilities,
- Exchange Server 2007
- Exchange Server 2010
- XPS (XML Paper Specification) v1.0
- Internet Explorer (through use of the RM Add-on for IE)
- IIS 6.0 (through the use of GigaTrust WebServer Add-on)
- Microsoft Windows Rights Management Services Client with Service Pack 2 - x86
- "Halocore for SAP Netweaver".
- Windows Rights Management Services
- RMS Client downloads
- RMS SDK for RMS-enabling applications
- Troubleshooting Windows Rights Management Services (RMS) - One Root Certification Server Warning
- Active Directory Rights Management - In Summary
- Active Directory Rights Management Services SDK 2.0