Saturday Jun 11, 2011

Clouds Leak - IRM protects

In a recent report, security professionals reported two leading fears relating to cloud services:

"Exposure of confidential or sensitive information to unauthorised systems or personnel"

"Confidential or sensitive data loss or leakage"


These fears are compounded by the fact that business users frequently sign themselves up to cloud services independently of whatever arrangements are made by corporate IT. Users are making personal choices to use the cloud as a convenient place to store and share files - and they are doing this for business information as well as personal files. In my own role, I was recently invited by a partner to review a sensitive business document using Google Docs. I just checked, and the file is still there weeks after the end of that particular project - because users don't often tidy up after themselves.

So, the cloud gives us new, seductively simple ways to scatter information around, and our choices are governed by convenience rather than compliance. And not all cloud services are equal when it comes to protecting data. Only a few weeks ago, it was reported that one popular service had amended its privacy assurance from "Nobody can see your private files..." to "Other [service] users cannot...", and that administrators were "prohibited" from accessing files - rather than "prevented". This story demonstrates that security pros are right to worry about exposure to unauthorised systems and personnel.

Added to this, the recent Sony incident highlights how lazy we are when picking passwords, and that services do not always protect passwords anything like as well as they should. Reportedly millions of passwords were stored as plain text, and analysis shows that users favoured very simple passwords, and used the same password for multiple services. No great surprise, but worrying to a security professional who knows that users are just as inconsiderate when using the cloud for collaboration.

No wonder then that security professionals put the loss or exposure of sensitive information firmly at the top of their list of concerns. They are faced with a triple-whammy - distribution without control, administration with inadequate safeguards, and authentication with weak password policy. A compliance nightmare.

So why not block users from using such services? Well, you can try, but from the users' perspective convenience out-trumps compliance and where there's a will there's a way. Blocking technologies find it really difficult to cover all the options, and users can be very inventive at bypassing blocks. In any case, users are making these choices because it makes them more productive, so the real goal, arguably, is to find a safe way to let people make these choices rather than maintain the pretence that you can stop them.

The relevance of IRM is clear. Users might adopt such services, but sealed files remain encrypted no matter where they are stored and no matter what mechanism is used to upload and download them. Cloud administrators have no more access to them than if they found them on a lost USB device. Further, a hacker might steal or crack your cloud passwords, but that has no bearing on your IRM service password, which is firmly under the control of corporate policy. And if policy changes such that the users no longer have rights to the files they uploaded, those files become inaccessible to them regardless of location. You can tidy up even if users do not.

Finally, the IRM audit trail can give insights into the locations where files are being stored.

So, IRM provides an effective safety net for your sensitive corporate information - an enabler that mitigates risks that are otherwise really hard to deal with.

Friday Dec 17, 2010

Wikileaks Cablegate, could Oracle IRM have helped?

I've been asked many times over the past month about how IRM could help with the saga playing out in the news regarding Julian Assange and Wikileaks. There must be a lot going on within certain US government agencies right now as the backlash of the constant release of information not only causes pain for US security departments, but also across the globe as the cables detail all sorts of sensitive and embarrassing information.

I won't go into the question of why this was possible in the first place, why so much information could be extracted en masse, but I will comment on how IRM could play a part in a solution to prevent something like this in the future.

Once it's out, it's out...

One thing the release of this information is demonstrating, is as soon as you've lost control of information, it's gone. Once those cables existed as clear text on a website, they were quickly copied, distributed via Torrent networks and mirrored at a rate that it is now impossible to destroy all evidence of these files. This is a problem with a lot of security technologies today, they focus either on the location, the network or a gateway to define access to information. If that information leaves these protected areas, then it can travel very quickly and multiply at an amazing rate.


This is the real value of IRM over hard disk encryption, DLP, PGP etc. Most security technologies that use encryption only do so whilst the information is at rest or in transit. Then typically an access control mechanism defines who has the ability to access and decrypt that information. PGP for files is the best example. Say you secure a document with PGP. It wraps the file up with encryption, you can then safely store this file anywhere, on a USB key, on a hard disk or website. You may then want to share the encrypted file with a trusted person via email, you then have to give them the ability to decrypt it. It is at this point where the real threat begins. PGP decrypts the file back to the user and they can then store the unprotected file where they like. Sure DLP can detect this and try and block it, but this becomes impractical when the user NEEDS to decrypt and open the file, or when you are sharing the information with a supplier who can't install your DLP agents.


IRM provides persistent protection, it's never in the clear

IRM makes sure the information is ALWAYS protected, even when in use. I'm not familiar with the system that contained the information Wikileaks is exposing, but most likely this was some custom application storing the data in a secure database. The application probably has some secure access control mechanism in place to ensure only authorized users can log in to the application and see classified information at their security level. But the application ultimately delivers the information in a format that is easily copied. In fact the masses of information Wikileaks has acquired implies the application which stored it had easy ways to access data en masse. An RSS feed? It would be trivial, for an authorized user, to export masses of information from an RSS feed into another format and ship this over to Julian and his crew.



What specifically does IRM do to keep control over information?

IRM on the other hand would never have allowed the information to be exported into an insecure location. IRM provides the following such features to defend against this type of risk.

  • Most importantly every IRM secured document or email requires authentication every time you open it. Even if you do copy thousands of IRM secured documents to your local computer, you need to authenticate every time you open them.
  • If you have the ability to open an IRM document, you cannot use the clipboard to cut and paste the information into another unsecure environment. IRM ensures that information STAYS inside the secured document. Even if you try to use a programmatic approach and access the information via the application document object model, IRM protects and defeats that as well.
  • You can't easily take screen shots of the information either, IRM protects against that. Sure there are ways to get around this (take a photograph of your computer screen), but Wikileaks states it has 251,287 documents. I wonder how long it would take to photograph every one?
  • You can place dynamic watermarks in IRM secured content. So even if you DID take 250,000 photographs, your login id, computer name, time/date is going to appear in them all. Good luck sitting down in Photoshop editing out the watermarks for 250,000 digital photos.
  • Every time you open an IRM protected document it generates an audit. So if someone with the authority to open lots of secured content starts opening thousands of files, the activity is going to be very visible. Want to know who spent all their spare time taking pictures of his monitor, editing all the images in photoshop and passing them to an illegitimate source? Just run one audit report.
  • IRM rights to secured content can be removed at any time. So if your audit report starts to show mass opening of content, you can detect this and revoke that person's access very quickly.
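
The audit-and-revoke loop from the last two bullets, sketched as an added example (it is not Oracle IRM code or its API). The CSV column layout, user names, window and threshold are assumptions constructed for illustration, not the product's audit format.

```python
import csv
import io
from collections import Counter, defaultdict, deque
from datetime import datetime, timedelta


def build_sample_audit():
    """Return a constructed audit trail as CSV text (hypothetical layout)."""
    start = datetime(2010, 12, 1, 9, 0, 0)
    rows = ["timestamp,user,action,document_id"]
    # alice: normal use, three documents over an hour
    for i in range(3):
        ts = start + timedelta(minutes=20 * i)
        rows.append(f"{ts.isoformat()},alice,open,doc-a{i}")
    # bob: bulk access, 40 different documents in ten minutes
    for i in range(40):
        ts = start + timedelta(seconds=15 * i)
        rows.append(f"{ts.isoformat()},bob,open,doc-b{i}")
    # carol: re-opens the same document many times (noisy but not bulk access)
    for i in range(50):
        ts = start + timedelta(seconds=12 * i)
        rows.append(f"{ts.isoformat()},carol,open,doc-c0")
    # a non-open event that the detector must ignore
    rows.append(f"{start.isoformat()},bob,print,doc-b0")
    return "\n".join(rows) + "\n"


def parse_audit(text):
    """Parse the CSV and keep only 'open' events as (timestamp, user, doc)."""
    events = []
    for row in csv.DictReader(io.StringIO(text)):
        if row["action"] != "open":
            continue
        events.append((datetime.fromisoformat(row["timestamp"]),
                       row["user"], row["document_id"]))
    return sorted(events)


def find_mass_openers(events, window=timedelta(minutes=15), threshold=25):
    """Flag users who open >= threshold DISTINCT documents inside the window.

    Returns {user: (time the threshold was first reached, distinct count)}.
    Counting distinct documents avoids alerting on one file opened repeatedly.
    """
    recent = defaultdict(deque)        # per-user events still inside the window
    doc_counts = defaultdict(Counter)  # per-user open count per document
    alerts = {}
    for ts, user, doc in sorted(events):
        queue, counts = recent[user], doc_counts[user]
        queue.append((ts, doc))
        counts[doc] += 1
        # Expire events that have slid out of the window.
        while queue and ts - queue[0][0] > window:
            _, old_doc = queue.popleft()
            counts[old_doc] -= 1
            if counts[old_doc] == 0:
                del counts[old_doc]
        if len(counts) >= threshold and user not in alerts:
            alerts[user] = (ts, len(counts))
    return alerts


if __name__ == "__main__":
    for user, (when, n) in find_mass_openers(parse_audit(build_sample_audit())).items():
        # In a real deployment this is where the account's rights would be
        # reviewed and revoked; here the finding is only reported.
        print(f"{when.isoformat()} {user} opened {n} distinct documents in 15 min")
```
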



Could Oracle IRM have been used?

Absolutely. IRM supports HTML, TXT, CSV, DOC, and other popular formats. The application could have delivered the classified information via an RSS feed. Users would be authenticated when they access each piece of information and they can also take copies to store where they like. Centrally the department would have complete visibility of who is accessing what. Different classifications of information (secret, confidential) can be enforced even when someone takes a file and forwards it via email onto someone else. Most importantly of all, if someone were to copy 250,000 IRM protected documents, zip them up and stick them on a BitTorrent network... the information is still safe.


The Oracle IRM server also has a very extensive set of APIs with a plug in architecture that can support any classification model you want. This means the integration of the technology with a secured application is possible and sustainable.

I'm sure we are going to see an increase in the use of IRM technologies over the coming months as the questions over how Cablegate was possible trickle through the information security departments of governments and other organizations. If you'd like to know more about how this technology can help your organization, please contact us and we can go into detail.

Thursday Oct 28, 2010

How to Get the Most Bang for Your Information Security Buck


I was recently asked to write an article for one of the Oracle publications, Profit Online, commenting on the recent PricewaterhouseCoopers global survey on security. The article discusses the state of security budgets, their effect on the information security or business and the awareness of and increasing threat from security incidents. You can read the full article over at

Monday Sep 27, 2010

Security in the Enterprise 2.0 World: Conflicts of collaboration

I was recently asked to be a guest author on to comment on the challenges of security in the Enterprise 2.0 (E2.0) world. Having worked in both E2.0 and security, I have a good perspective.

As E2.0 brings web 2.0 into the enterprise it runs directly into the issues of security, compliance and regulation. It's a big challenge and a big contradiction. The business wants to use all these amazing new ways to share content, but the same business also needs to ensure that only the right people can get access to it.

And What About the Cloud?

Then there is the cloud. Cloud, cloud, cloud, it's on every webcast, in every article. The cloud has many advantages. Why wouldn't you want to outsource all your costs of network management, storage, system administration? The cloud makes perfect sense but has one massive concern... security. Wouldn't it be nice if someone else could host your content, provide the search functionality, upgrade the systems, manage backups and the network access and yet you could have persistent control over the actual information itself?

Read the full article over on

Thursday Jul 22, 2010

More intellectual property theft, GM lose $40M of hybrid vehicles trade secrets to China industry

A few years ago Intel had an employee walk out the door with their intellectual property and take it to AMD, Intel estimated the value of the information was close to $1 billion! Then there was the case of the IBM executive emailing trade secrets to HP, more recently Ford was hit by a worker taking 4000 confidential trade secret documents and using them to secure a new job with at least one Chinese car company.

Today news has been released that General Motors is the latest US company demonstrating a lack of control over trade secret information. Two ex-employees have been charged with conspiring to steal trade secrets related to hybrid vehicles from General Motors to pass on to China's Chery Automobile Company. A court in Detroit has charged Sanshan Du and Yu Chin with conspiracy to possess trade secrets and unauthorized possession of trade secrets which can carry a penalty of up to 10 years imprisonment and a $250,000 fine.

Du is accused of copying thousands of GM documents to an external hard drive five days after the automaker offered her a severance agreement in January 2005. General Motors have estimated the value of the stolen information to be about $40 million.

It is quite shocking that these high profile incidents continue to happen when the technology is available which would render the possession of these documents useless, even when someone has copied them to a DVD and sent them to China. Oracle IRM would've ensured that as soon as these employees had left the company, access to the documents is no longer possible. More importantly, sending these documents to illegitimate parties is a waste of time, only authorized users have the ability to gain access to the information. As a CIO once said to me, "There is no point spending all the security budget on protecting access to the applications, VPN and file shares with identity management technologies when the greater risk is the employee leaving the company who spent the last 2 weeks copying every sensitive document they could to a DVD".

Thursday Jul 15, 2010

Former MI6 man Daniel Houghton discloses thousands of top secret documents


Shocking news just reached me that 25 year old Daniel Houghton working for MI6, the British Government Secret Service, has said he was "directed by voices" after admitting charges of unlawfully disclosing top secret material. The judge said his chances of jail time are "inevitable"!

Daniel seems to have been driven by greed in an attempt to sell documents he had been collecting (later found on a USB key and a hard disk at his home) to the Dutch intelligence services for £2M GBP ($3M USD). The Dutch then tipped off MI5, the Military Intelligence boys who in turn had a word in the ear of MI6...

He was then bugged and filmed as he displayed the files and offered to provide them with lists of MI5 agents he had worked with. The price was negotiated down to £900,000 and immediately after Houghton handed over the files on 1 March he was arrested while carrying a suitcase containing the cash. This is the stuff of the movies!

Police were stunned to discover the top-secret information he had casually taken, including 'techniques for intelligence collection' and personal information about spies, stashed under the double-bed in his small bedroom. There were over 7,000 files they collected from his home flat, and who knows what other data they may not have recovered. How on earth did someone with Daniel Houghton's character get employed with one of the world's most powerful secret services? Gordon Corera, security correspondent for the BBC says, "But even though he was easily caught, the fact that he was recruited into MI6 and then was able to smuggle so much information out of the building will raise questions about how tight security and vetting procedures really are at the Secret Intelligence Service."

Of course this story could have been very different if those documents had been protected with an information rights management solution like Oracle's. Oracle IRM is a perfect technology for allowing national security agencies to protect their most valuable data and last year an agency in Mexico, who are in the middle of a serious national security problem with the drugs wars, purchased Oracle IRM for this exact reason.

Tuesday Jul 13, 2010

Information Rights Management interest increasing globally

It has been an amazingly busy year so far and I only get to write about 25% of the posts I would really like to put on this blog. Oracle has made more acquisitions in the security space, Sun adding a massive amount of new security technology and the recent database firewall technology from Secerno. I work in Oracle's security sales group which means a constant challenge of working with a very large number of technologies and working on solutions for a large customer base. Great fun, but it feels like there are never enough hours in a week to learn, communicate, regurgitate, create...

Because Oracle now has one of the strongest suites of security technologies in the market, I've also been busy presenting Oracle IRM to our North American customers, partners as well as internally. Often this communication is global and most recently to our Asia Pacific regions. All over different regions, industries and pillars of the business we are seeing a very healthy increase in sales and deployments of the IRM technology and one person who is constantly on the move is Andy Peet, IRM product manager.

So while I have been reviewing an inbox that is easily taking more than 48 hours to clean up, I found a photo of Andy from one leg of his global IRM tour when he was in Japan. Taken in the very pretty Oracle offices in Tokyo, Andy does a great job of portraying a typical corporate executive, white shirt and slacks :)


So... lots more to come on the blog, some articles in the pipeline are;

  • Sizing up an IRM deployment, what is needed from a hardware and network perspective.
  • A partner's perspective of deploying Oracle IRM
  • The future of Information Rights Management


If you have any specific questions on IRM or would like to suggest some topics to be discussed, feel free to contact me...

Monday Jul 12, 2010

LaFarge secures sensitive M&A documents in ICSA Blueprint Data Room with Oracle IRM


A very common use case for information rights management technologies is the requirement to protect very sensitive mergers and acquisition processes, Oracle themselves have been using IRM to do this since they acquired the technology. Such information is often shared beyond the classic corporate security infrastructure and there are quite a few companies who package the entire process of sharing and protecting this information into an online service in the "cloud".

These solutions have the challenge of providing an easy to use and simple but yet very secure system. One big problem is how do you ensure that once the documents have been downloaded from the cloud based service, you can still maintain total control over who can open, print, edit the information? Acquisition discussions often break down, which can result in a lot of sensitive information like financial plans, due diligence results and business strategy documents left at a potential acquisition company. This information is now exposed and the company may well be purchased by a competitor. That presents a serious risk to your business and often limits your ability to share information in the first place, hindering your ability to execute efficient M&A projects.

"Blueprint Data Room shows excellent security qualities allowing us to fearlessly make our corporate records available."
Jérôme Vitulo (Assistant General Counsel)

This is where IRM technologies can help. Documents and emails secured with IRM are under your constant control allowing you to share information with the knowledge you can revoke access at any time. This can be especially important in the current trend to storing data in the cloud. Cloud data storage and collaboration services are very popular mainly due to cost, but also due to ease of use. Cloud based services are often built on very modern platforms with modern approaches to sharing and collaborating information. They also wrap up many complex processes in easy to use and govern, web based applications. Yet all the glamor of the cloud brings the fears of security. Are you really going to store your most important company information inside a website which is designed to make sharing that information simple and easy to do?

ICSA is a company offering one of those cloud based solutions and has teamed up with Oracle to reinforce its security when protecting their customers' most valuable documents. One of ICSA's customers, building materials manufacturer LaFarge (currently the world's largest producer of cement), have released a case study on how they rely on Oracle IRM to secure their information when used with the ICSA Blueprint Data Room service.


Why Choose Blueprint Data Room?

  • Facilitate communication - Blueprint Data Room allows you to securely store due diligence documents in a central location, easing the exchange of critical and sensitive business information with authorised third parties
  • Global access - Advisers are able to access due diligence documents anywhere, anytime via a standard web browser, a username and password, increasing world-wide business opportunities
  • Configurable - Companies can filter which documents they wish to publish using options such as relevant company or group of companies, category of documents, specific documents and/or date range
  • Highly secure - ICSA Software has teamed up with Oracle to reinforce its security. Its software, Oracle IRM, allows users to benefit from one of the strongest warranties against document fraud and misuse, giving a world-class security application. Oracle IRM extends security to documents that have left Blueprint Data Room by restricting actions on these documents such as printing, opening if not authorised and screenshots
  • User-friendly - Blueprint Data Room is a user-friendly tool allowing everyone to use the application without the necessity of training
  • Fully integrated with other Blueprint applications - No need to duplicate or export documents


Blueprint Data Room is transforming the way companies exchange critical information and is accelerating and significantly simplifying the M&A process. Oracle IRM is a key component to delivering this solution.

Thursday Jul 08, 2010

Oracle IRM deployment planning

With lots of partners now starting to work with the Oracle IRM 11g release with customers, I'm often asked about the tasks involved in an initial IRM deployment. What do customers need to be prepared for? What timescales are involved for getting the service up and running?



Oracle IRM has out of the box a classification system which represents best practice learned from our customers using the technology over 10 years. This classification system is called the "context rights model" and allows an organization to quickly build an IRM service, configure it for the first few use cases and most importantly, easily scale the service to millions of documents and thousands of users.


As a technology, Oracle IRM has many pieces of functionality, is very flexible/scalable and has numerous integration possibilities. There have been some very complex deployments and integrations of Oracle IRM but they have all started with a simple design.

No matter if you are a small company wishing to protect the small number of board level documents for 20 people or a large enterprise rolling out IRM for 150,000 users, the following project outline is typical at the start of most IRM engagements. You should always keep the following in mind.

  • Start with a use case that represents real business use, but at the same time is not critical to the ongoing operation of the business. For example, if you are using Oracle IRM to secure your research documents, then the first use case might be to protect just a few research documents from a project last year. This way you get to learn how to use IRM without impacting current research.
  • Keep It Simple. For the first foray into IRM document security, keep the use case simple. Oracle IRM is very flexible and allows you to change rights and roles after you've secured content. So keep it simple and then add in complexity when you've learned how your business is going to use it.



Typical project outline

There are four typical stages of rolling out an IRM service. Note the time scales below are very general and usually reflect the deployment of a service for 1-2 well understood use cases.

Preparation (1-2 weeks)

Before you install any software or secure a single document, you need to be well prepared. Oracle IRM is a classic client & server type architecture, therefore you need to ensure the following is ready before the service can be configured for use.
  • Hardware: Acquire adequate hardware for hosting the IRM service.
  • Rack and power: If you have a data center to run the service from, ensure that you have rack space and power and that the server is in the rack ready to go.
  • Operating system and database licenses/installation: IRM requires an operating system to run on and a database to talk to. These may already be in place, but you need to ensure you've got licenses for use. Another important issue is to ensure you know the database administrator and have them ready to make changes. I've been on site with a customer paying good money for a few days consulting and we are just sat around whilst someone tries to find the DBA so we can create the IRM schema accounts.
  • Network addresses and host names: Very important to an IRM service is the host name used for the clients to communicate back to the IRM server. Most IRM servers are also publicly accessible from the internet, therefore make sure you have a publicly routeable static IP.
  • Be ready to make firewall changes: Just as you need to identify the database administrator, you will also need to ensure you can make changes to the firewalls around the IRM service to allow traffic into and out of the system.


Any one of the above tasks can sometimes take a long time. Getting hardware sometimes comes with lots of process and lead time, so be sure you are well prepared. Nothing is worse than paying for a consultant to be onsite and then have them sat down drinking coffee and surfing Facebook whilst they wait for you to find someone to create database accounts and make firewall changes.


Training and consulting (2-4 weeks)

This is the most important phase of IRM deployment and it is highly recommended you have an IRM expert consultant on site to take you through this part of the deployment.


The best way to start any IRM deployment is with an Oracle IRM foundation workshop. This is a day of hands on training intended for the whole project team and involves using IRM on virtual machines that have been set up to represent a best practice organization that has been using IRM successfully for 12+ months.

This workshop then leads you into the business consulting where over a week or two you talk to the business users who drove the IRM purchase and clarify their requirements and constraints. This activity should start by identifying a large scope of how IRM can be used within the business but then focus on a small set (1-3) of use cases that you decide to initially pilot with. This consulting should also identify the roles and responsibilities of users in both the business and the IT organization. For example, who owns the classification? Who manages the server? Who supports the business in using IRM?

This business consulting will then help you understand how to configure the IRM server to meet the needs of your use cases. A good document on Oracle IRM classification design can be found here.

Another key aspect to this initial consulting is devising the communication & awareness strategy for all involved. When deploying an IRM technology to secure documents you must think through how to communicate the impact of this to the end users and business owners.

This stage may, for very large and complex security deployments be several months and this depends on how complex the use cases are, how well organized your business is and how many other technologies are involved. I have also seen this stage take under a week. There are some Oracle IRM customers who have gone from a blank server to a running system protecting documents in under a week!

The second type of consulting during this phase is the technical assistance to install, configure and customize the IRM service. For a well planned out deployment, the installation phase should take only a day. Configuration such as SSL, integrating with LDAP, using HotFolders can then take a few more days. This technical consulting time should also include training of the operational and support staff who will be managing the IRM service. For help on what is involved in installing an IRM service, please refer to the quick guide.


Test & Pilot (2-4 weeks)

Prudent organizations will go through a test and pilot phase before introducing the service to your larger community of real business users. This phase usually requires little to no assistance from an Oracle IRM partner, you should by this stage have a fully working IRM service, have identified a few use cases and started to protect some documents.


This phase is a good chance to go through some basic functional testing and cover areas such as;

  • Use the IRM service with a small number of users who are amenable to the initiative and understand the use cases you are trying to solve.
  • If external users are going to access sealed content, involve a few in the pilot to ensure accessing sealed content externally works as expected.
  • Rehearse end user training. Send out the introduction emails and see how your pilot users respond and how well they understand them.
  • Give the operations and support staff some time to get accustomed to the service. Test and support processes and try failing over the IRM server to make sure monitoring and alerting works as expected.



Go Live & Ongoing Operation (~)

At this stage you should now be well versed in IRM and be ready to launch the service for more use cases, more users and across the business. The Go Live point is typically where the service is promoted from a testing/pilot phase to production. If your preparation, design and pilot phases have been done well, Go Live should be uneventful.


Ongoing operation is then the continued live use of Oracle IRM within your business. You may find that other areas of the company start presenting use cases and asking for their own classifications. It is good practice to re-engage with an Oracle IRM partner a few months after you go live to go over any new requests and get a little more help on continuing the use of the technology. This should only be a few days of work but there is a lot of experience these partners can give you that will ensure your ongoing and future use of Oracle IRM is successful.

Tuesday Jun 08, 2010

New Oracle Information Rights Management release (

Just released is the latest version of the market leading document security technology from Oracle. Oracle IRM 11g is the result of over 12 years of development and innovation to allow customers to provide persistent security to their most confidential documents and emails. This latest release continues our refinement of the technology and features the following;

  • Continued improvements to the web based Oracle IRM Management Website
  • New features in the out of the box classification model
  • New Java APIs improving application integration support
  • Support for DB2 as the IRM database.


Over the coming months we will see more releases of this technology as we improve format support and platform support, and continue the strategy for Oracle IRM to be the most secure, scalable and usable document security solution in the market.

Want to learn more about Oracle IRM? View our video presentation and demonstration or try using it for yourself via our simple online self service demo. Keep up to date on Oracle via this blog or on our Twitter, YouTube and Facebook pages.

Thursday Jun 03, 2010

The challenge of communicating externally with IRM secured content

I am often asked by customers how they should handle sending IRM secured documents to external parties. Their concern is that using IRM to secure sensitive information they need to share outside their business is hampered by third parties being unable to install the software which enables them to gain access to the information. It is a very legitimate question and one I've had to answer many times in the past 10 years whilst helping customers plan successful IRM deployments.


The operating system does not provide the required level of content security

The problem arises from what IRM delivers: persistent security to your sensitive information wherever it resides and whenever it is in use. Oracle IRM gives customers an array of features that help ensure sensitive information in an IRM document or email is always protected and only accessed by authorized users using legitimate applications. Examples of such functionality are:

  • Control of the clipboard, either by disabling completely in the opened document or by allowing the cut and pasting of information between secured IRM documents but not into insecure applications.
  • Protection against programmatic access to the document. Office documents and PDF documents have the ability to be accessed by other applications and scripts. With Oracle IRM we have to protect against this to ensure content cannot be leaked by someone writing a simple program.
  • Securing of decrypted content in memory. At some point during the process of opening and presenting a sealed document to an end user, we must decrypt it and give it to the application (Adobe Reader, Microsoft Word, Excel etc). This process must be secure so that someone cannot simply get access to the decrypted information.


The operating system alone just doesn't have the functionality to deliver these types of features. This is why for every IRM technology there must be some extra software installed and typically this software requires administrative rights to do so. The fact is that if you want to have very strong security and access control over a document you are going to send to someone who is beyond your network infrastructure, there must be some software to provide that functionality.


Simple installation with Oracle IRM

The software used to control access to Oracle IRM sealed content is called the Oracle IRM Desktop. It is a small, free piece of software roughly 12 MB in size. This software delivers everything a user needs to work with an Oracle IRM solution. It provides the functionality for all formats we support, the storage and transparent synchronization of user rights and, unique to Oracle, the ability to search inside sealed files stored on the local computer.

In Oracle we've made every technical effort to ensure that installing this software is as simple as possible. In situations where the user's computer is part of the enterprise, this software is typically deployed using existing technologies such as Systems Management Server from Microsoft or by using Active Directory Group Policies.


However, when sending sealed content externally, you cannot automatically install software on the end user's machine. You need to rely on them to download and install it themselves. Again we've made every effort for this manual install process to be as simple as we can. From the small download size of the software itself to the simple installation process, most end users are able to install and access sealed content very quickly. You can see for yourself how easily this is done by walking through our free and easy self service demonstration of using sealed content.


How to handle objections and ensure there is value

However the fact still remains that end users may object to installing, or may simply be unable to install the software themselves due to lack of permissions. This is often a problem with any technology that requires specialized software to access a new type of document.


In Oracle, over the past 10 years, we've learned many ways to get over this barrier of getting software deployed by external users. First and I would say of most importance, is the content MUST have some value to the person you are asking to install software. Without some type of value proposition you are going to find it very difficult to get past objections to installing the IRM Desktop. Imagine if you were going to secure the weekly campus restaurant menu and send this to contractors. Their initial response will be, "why on earth are you asking me to download some software just to access your menu!?". A valid objection... there is no value to the user in doing this.

Now consider the scenario where you are sending one of your contractors their employment contract which contains their address, social security number and bank account details. Are they likely to take 5 minutes to install the IRM Desktop? You bet they are, because there is real value in doing so and they understand why you are doing it. They want their personal information to be securely handled and a quick download and install of some software is a small task in comparison to dealing with the loss of this information.


Be clear in communicating this value

So when sending sealed content to people externally, you must be clear in communicating why you are using an IRM technology and why they need to install some software to access the content. Do not try to avoid the issue; you must be clear and upfront about it. In doing so you will significantly reduce the "I didn't know I needed to do this..." responses and also gain respect for being straightforward. One customer I worked with, 6 months after the initial deployment of Oracle IRM, called me panicking that the partner they had started to share their engineering documents with refused to install any software to access this highly confidential intellectual property. I explained they had to communicate to the partner why they were doing this. I told them to go back with the statement that "the company takes protecting its intellectual property seriously and had decided to use IRM to control access to engineering documents", and that if the partner didn't respect this decision, they would find another company that would. The result? A few days later the partner had made the Oracle IRM Desktop part of their approved list of software in the company.



Companies are successful when sending sealed content to third parties

We have many, many customers who send sensitive content to third parties. Some customers actually sell access to Oracle IRM protected content and therefore 99% of their users are external to their business; one in particular has sold content to hundreds of thousands of external users. Oracle themselves use the technology to secure M&A documents, payroll data and security assessments which go beyond the traditional enterprise security perimeter.


Pretty much every company that deploys Oracle IRM will at some point be sending those documents to people outside of the company. These customers must be successful, otherwise Oracle IRM wouldn't be successful. Because our software is used by a wide variety of companies, some of which use it to sell content, I've often run into people I'm sharing a sealed document with who already have the IRM Desktop installed due to accessing content from another company.


The future

In summary I would say that yes, this is a hurdle that many customers are concerned about but we see much evidence that in practice, people leap that hurdle with relative ease as long as they are good at communicating the value of using IRM and also take measures to ensure end users can easily go through the process of installation.


We are constantly developing new ideas to reduce this hurdle and maybe one day the operating systems will give us enough rich security functionality to have no software installation. Until then, Oracle IRM is by far the easiest solution to balance security and usability for your business. If you would like to evaluate it for yourselves, please contact us.

Monday May 03, 2010

New success stories for Oracle IRM and blog translations

While we have been busy with the release of Oracle IRM 11g, we've had some customers create a few more success stories for us. These have now been added to our success stories page on this blog, quick links to them are below.


Also the announcement has generated a lot of interest globally within Oracle and as such our friends in Latin America have been asking for some translated pages on the blog. So the first of these are now available in Brazilian Portuguese for both the Oracle IRM overview and the simple demonstration online where anyone can self register and experience Oracle IRM protected content.


If you work for Oracle sales and would like to translate any of the information on this blog please contact us.

Monday Apr 19, 2010

Content Rights Expiry Options in Oracle IRM 11g

Among the many enhancements in IRM 11g, we have introduced a couple of new rights expiry options that may be applied to any role. These options were supported in previous versions, but fell into the "advanced configuration" category. In 11g, the options can be applied simply by selecting a check-box in the properties of a role, as shown by the rather extreme example below, where the role allows access to documents for just two minutes after they are sealed.


The new options are:


  • To define a role that expires automatically some period after it is assigned
  • To define a role that evaluates expiry relative to the time that each document is sealed


These options supplement the familiar options to allow open-ended access (limited by offline access and the ever-present option to revoke rights at any time) and the option to define time windows with specific start dates and end dates.

The value of these options is easiest to illustrate with some publishing examples:


  • You might define a role with a one year expiry to be assigned to users who purchase a one year subscription. For each individual user, the year would be calculated from the time that the role was assigned to them.

  • You might define a role that allows documents to be accessed only for 24 hours from the time that they are published - perhaps as a preview mechanism designed to tempt users to sign up for a full subscription. Upon payment of a full fee, users can simply be reassigned a role that gives them greater access to exactly the same documents.




In a corporate environment, you might use such roles for fixed term contractors or for workflows that involve information with a short lifespan, or perhaps as part of a compliance process that requires rights to be formally re-approved at intervals.

Being role-based, the time constraints apply to any number of documents - including documents that have not yet been created. For example, a user with a one year subscription would have access to all documents published in the relevant classification during the year without any further configuration.

Crucially, unlike other solutions, it is not the documents that expire, but the rights of particular users. Whereas some solutions make documents completely inaccessible for all users after expiry, Oracle IRM can allow some users to continue using documents while other users lose access. Equally crucially, a user whose rights have expired can always be granted fresh rights at any time - for example, because they renew their subscription or because a manager confirms that they still need the rights as part of a corporate compliance process. By applying expiry to rights rather than to documents, Oracle IRM avoids the risk of locking an organization out of its own information.

Thursday Apr 08, 2010

Oracle Information Rights Management (IRM) 11g released!

Wow! The year 2010 has to date been amazingly busy, many things going on here in Oracle and the strategic vision of security technologies just got stronger with the release of Oracle IRM 11g. IRM was acquired into Oracle a few years ago and the first major task was to port the entire platform over to Fusion Middleware.

This involved a total rewrite of the server from a Windows based C++ process to a JEE application running in the Oracle WebLogic application server. This major engineering task comes with many great benefits, mainly the fact the technology is now hosted inside WebLogic Server, Oracle's enterprise class application server. As such we can leverage the authentication models which are provided with WebLogic and at last gain real time support for LDAP authentication. Windows based authentication is still available and the new IRM 11g web based management pages can leverage common SSO authentication techniques.

In moving to this new platform we were able to certify against a much wider variety of platforms, you can now run your IRM server on RedHat, SUSE and Oracle Enterprise Linux, Windows, AIX, Solaris and HP-UX against either Oracle or a Microsoft database. The full range of certified platforms is available here.


Another aspect of 11g is that in accordance with Oracle product standards we localized the client software in 27 languages! This was very welcome for our customers in Japan, Singapore, China and other countries that use double byte character based languages.

Broader Enterprise Reach

  • Built on Fusion Middleware and Java EE
  • Broad platform certifications
  • Standard 27 Oracle languages
  • SSO authentication: OAM, Windows auth, Basic auth to LDAP

Extensible, First-Class Security

  • Extensible classification model for application integrations
  • FIPS 140-2 certification
  • Hardware Security Module for key storage

With the chance of moving the entire server solution to a new platform we were able to radically change some aspects of the technology. One area customers had often asked for was the ability to externalize the rights model. For example, one of our high tech customers fell under strict regulation by the US government, such as ITAR, and export control law required the customer to enforce controls over who could access certain information.

Oracle IRM is an excellent solution for enforcing controls over what information an employee can access. However, some customers, like this one, had already built an application which stored and managed the policies and rights around their employees and what they can access. With 10g IRM all this information would need to be imported/sync'd into the server. With 11g we saw the chance to introduce a powerful new feature and let the IRM server leverage a rights model from an external system. In building this new functionality, we immediately found integration examples within Oracle. Our own collaboration platform, Oracle Beehive, uses the Oracle IRM 11g server to provide security to documents stored within Beehive. However, the rights model is in Beehive itself; the Oracle IRM server simply passes on rights requests to Beehive and it dictates what IRM allows the user to do with content. This powerful feature is also allowing us to integrate with all of the Oracle applications (PeopleSoft, JD Edwards, Siebel, E-business suite etc) and in the future Oracle IRM will be the built in document security provider to all of these applications.

Now we didn't forget our own built in classification system, the context model. This is the out of the box classification system that has been improved on from the 10g release and reflects best practice for an enterprise document classification system based on feedback from our customers over 10 years.

New features in the context model

Over the coming weeks I will be going into more detail on the features of Oracle IRM 11g. I'll also be putting up a brand new guide to walk you through the installation and initial configuration of Oracle IRM. However, it's worth going over some of the new features in the context model.


Roles are now defined at the server level and you choose which ones to make available to each context. This means you can now have a role defined as "external contractor" and, say, allow it the ability to print content. This role may exist in 20 different classifications your business is securing content against. Then a law may change which requires you to prevent contractors to your business from printing content. A simple change to the role at the server level is then reflected in every context that role is used in AND in EVERY single IRM secured document accessed by an external contractor. No other IRM or document security solution brings you such powerful features that can scale into the billions of documents.

Another common request was to add relative time based rights expiry to the context model. Whilst this functionality had always been available in Oracle IRM, it wasn't easily accessed from the context model. In Oracle IRM 11g, you can now set the following time restrictions:

  • Accessible at all times: A user can access content at any time, access is revoked by taking the role away from the user.
  • Within a period after role assignment: A user can access content for a period after the role was initially assigned, so you can give a user access to all information in a context for say 3 weeks, after those 3 weeks pass, this user can no longer access content.
  • Within a period after document sealed: Similar to the above, except now a user can only access content for 3 weeks after the document creation date. This is a great way to allow users to only access information for say 3 days after it has been published. This is often used by customers using IRM to protect sensitive content they are selling to users and that content is often valuable based on the time period for which you access it and is therefore different for each published document.
  • Role active during time period: For example a user can only access content between 1st March 2010 and 1st September 2010.
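The four time restrictions above, together with the point from the Apr 19 expiry post that rights expire rather than documents, modelled as an added Python example. This is not Oracle IRM code or its API; every class name, field and sample value is an assumption constructed for illustration.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta
from enum import Enum
from typing import Optional

class Expiry(Enum):
    ALWAYS = "accessible at all times"
    AFTER_ASSIGNMENT = "within a period after role assignment"
    AFTER_SEALED = "within a period after document sealed"
    WINDOW = "role active during time period"

@dataclass(frozen=True)
class Role:                              # hypothetical model of a server-level role
    name: str
    expiry: Expiry
    period: Optional[timedelta] = None   # used by the two relative modes
    start: Optional[datetime] = None     # used by WINDOW
    end: Optional[datetime] = None

    def __post_init__(self):
        relative = self.expiry in (Expiry.AFTER_ASSIGNMENT, Expiry.AFTER_SEALED)
        if relative and self.period is None:
            raise ValueError(f"role {self.name!r} needs a period")
        if self.expiry is Expiry.WINDOW and None in (self.start, self.end):
            raise ValueError(f"role {self.name!r} needs start and end")

@dataclass
class Assignment:
    user: str
    role: Role
    context: str             # classification the role is granted in
    assigned_at: datetime
    revoked: bool = False    # rights can still be revoked at any time

@dataclass(frozen=True)
class SealedDoc:
    name: str
    context: str
    sealed_at: datetime

def assignment_allows(a: Assignment, doc: SealedDoc, now: datetime) -> bool:
    """Evaluate one role assignment against one document at time `now`."""
    if a.revoked or a.context != doc.context:
        return False
    role = a.role
    if role.expiry is Expiry.ALWAYS:
        return True
    if role.expiry is Expiry.AFTER_ASSIGNMENT:   # clock starts per user
        return a.assigned_at <= now < a.assigned_at + role.period
    if role.expiry is Expiry.AFTER_SEALED:       # clock starts per document
        return doc.sealed_at <= now < doc.sealed_at + role.period
    return role.start <= now < role.end          # WINDOW: fixed calendar dates

def can_open(user: str, doc: SealedDoc, assignments: list, now: datetime) -> bool:
    """A user may open a document if any of their assignments still allows it."""
    return any(a.user == user and assignment_allows(a, doc, now) for a in assignments)

# Constructed sample data: a 24-hour preview role and a one-year subscription.
PREVIEW = Role("preview", Expiry.AFTER_SEALED, period=timedelta(hours=24))
SUBSCRIBER = Role("subscriber", Expiry.AFTER_ASSIGNMENT, period=timedelta(days=365))
T0 = datetime(2010, 4, 19, 9, 0)
REPORT = SealedDoc("report.pdf", "research", sealed_at=T0)
GRANTS = [Assignment("alice", PREVIEW, "research", T0 - timedelta(days=30)),
          Assignment("bob", SUBSCRIBER, "research", T0 - timedelta(days=30))]

if __name__ == "__main__":
    for hours in (12, 48):   # same document, different outcome per user
        now = T0 + timedelta(hours=hours)
        print(hours, {u: can_open(u, REPORT, GRANTS, now) for u in ("alice", "bob")})
```

Because expiry is evaluated per assignment, appending a fresh `Assignment` for a lapsed user restores access to the same sealed document without touching the document itself.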


Overall, Oracle IRM 11g is by far the leading document security solution on the market and Oracle's serious investment in this security technology is evident from our continued advancement in features and functionality. Over the coming 12 months we have even more cool technology to release, but for now 11g will be enabling our customers to deploy even more secure, scalable and usable security to their business's most sensitive information.

Monday Dec 21, 2009

IRM for CRM - Protection and Auditing for CRM Reports

In a recent article on ComputerWorld, David Taber highlighted the need to "prevent key CRM data from walking out the door", observing that "Your employees not only have access to a significant amount of data, but also know what the data means and how to separate the marginal from the important." and that "Given the number of layoffs and the turnover of sales reps these days, the risk has grown."

David goes on to comment "If a user is allowed to run any reports, they can typically run almost all of them and export the results to a CSV file." - which they may then print or distribute as they choose. There are tools that can block the usage of CSV files, but actually you want to target just the ones that pose a risk.

Amongst the recommendations made to mitigate the resultant risk, it is proposed that an organization should "dramatically limit" the use of mass import/export tools.

The problem with this recommendation, and with the suggestion that you might block the creation of CSV files, is that while seeking to reduce risk it also reduces the usefulness of the CRM system to its users. The data export function exists to help employees make use of CRM data - to get their jobs done. The tension between security and usability is clear.

Within Oracle, we use IRM to address exactly this issue by sealing CSV files as they are created by the export function. This allows the employee to run whatever reports they need as usual, but protects the data automatically. This approach has no impact on any other uses of the CSV format - the protection is targeted on the files that constitute a risk.

The export files are sealed to a classification that allows them to be shared with other Oracle employees, but guards against accidental or malicious exposure to 3rd parties. As and when the employees leave the company, their rights are automatically revoked. Simple.

Sealing also addresses another concern raised in the article - the creation and usage of the export data is fully audited.




Oracle IRM protects and tracks your sensitive information no matter where it goes. It combines business friendly encryption with role based usage rights and auditing.
