Windows Server 2008 Protects Content

An update to Rights Management Services (RMS) in Windows Server 2008 will simplify the sharing of protected files, e-mail, and other content between organizations. RMS uses encryption both to prevent unauthorized users from accessing content and to enforce access policies on content, even if the content is moved to unsecured file or e-mail systems. RMS helps organizations secure sensitive data, comply with privacy and disclosure regulations, and could prove to be a useful adjunct to Microsoft’s SharePoint Server document-management product. However, RMS still requires a complex infrastructure and secure business processes.

Aid to Compliance, Nondisclosure

RMS, now formally known as Active Directory Rights Management Services (RMS), is a Windows service that encrypts e-mails, files, and other types of business content to prevent access by unauthorized users. Unlike protection mechanisms such as access control lists (ACLs), which typically control who can read and change files stored in a file system, RMS protection travels with content and thus can work even if the content is moved to a computer that is outside of an organization’s control. RMS also enables users to place restrictions on protected content (such as “do not print or forward”) that can be enforced by applications accessing the content. These restrictions can be defeated (by taking screen shots while content is being viewed in a Terminal Services window, for example), but they can help prevent casual or inadvertent disclosure of protected content.