Trent Henry, an analyst from the Burton Group, has recently blogged about the future of what it refers to as Enterprise Digital Rights Management (E-DRM), more commonly these days refered to as IRM. Trent blogs his views on the future of IRM after he was approached by numerous people at a recent Burton conference in Prague. They were all asking, "Where is E-DRM going?" He confirms how the space has changed significantly in the past 18 months, the two leaders in the space have now been acquired into larger companies. Authentica into EMC and SealedMedia into Oracle.
Trent makes the observation that one area being focussed on is the fact that IRM brings with it yet another set of users, groups and policies that are to be managed by the enterprise. One way to mitigate this is by integrating the IRM system with the enterprise content management (ECM) system so that the security can be managed in ECM and applied automatically, via the integration, to the document security solution.
 "It’s clear that vendors are solving one typical objection to E-DRM: the management of yet another silo of policies." Trent Henry, VP and Research Director Burton Group | This is one approach that Documentum, a content management company, have focused on. The Authentica IRM technology is now embedded into the Documentum content management system, allowing the access to content be managed and controlled from the content management system itself. Oracle have also released a similar integration where Oracle IRM can be integrated with the Oracle Content Server to allow for the automated protection of content as it is checked into the content management system. Oracle however believe this is only part of the total IRM solution. IRM is a core technology that applies not only to content within the repository, but also to the protection of data exported from financial, engineering and other applications such as Agile, Hyperion and Siebel. We also recognize that only a small percentage of the content actually resides in the repository, if your IRM solution only works on the document repository, what do you do about all the other content? |
This is why Oracle IRM is not only working to be integrated with the content repositories and applications, but also to integrate with identity management technologies and collaboration systems like Oracle's Beehive. To enable these integrations the Oracle IRM server in its next release, 11g, is porting the entire server into the Oracle Fusion Middleware environment. This allows for other development groups within Oracle to put IRM functionality into their own systems. It also allows customers to integrate IRM with their home grown custom applications. One customer I spoke to recently had a requirement to leverage a large application they had already built to manage the rights concerning employees that fall under foreign national compliance regulations. With the new Oracle IRM server they can simply integrate with this customised application which already contains all the users, groups, rights, roles and policies.
Trent goes onto speculate where this is all is going:
- We have cautious optimism that E-DRM will continue to receive uptake, even though today’s deployments tend to be relatively small and tactical.
- We expect vendors to enhance protection, making use of trusted platform modules for integrity validation and hardware cryptomodules for improved cryptography handling.
- We expect additional integration between rights management and content management solutions.
- Ultimately, we think there will be interesting synergies between virtualization and E-DRM, where mobile workloads (on virtual machines) and the sensitive content they contain can be managed, tethered, and persistently secured via rights-management no matter where a machine image lands.
