• United States
Senior Editor

Digital Rights Management

Feb 24, 20032 mins
Enterprise ApplicationsIntellectual Property

* What you need to know about DRM

Digital Rights Management isn’t just for the entertainment industry. This week we take a look at what network executives need to know about DRM.

According to our author (, DRM is not just a single product or service, but a means of extending corporate security to digital content that is easy to move around. The premise behind DRM is relatively simple: An individual is given rights to a piece of content based on certain conditions (i.e. they can view it once, for a set period of time or can only use it on a particular machine or device.) The content, if stored locally on a user’s machine, is usually encrypted so it cannot be accessed without the proper authentication.

However, implementing DRM from technological and business model standpoints can be tricky. You should consider:

* Data format. In an enterprise there are various data types – documents, spreadsheets, rich media – that need to be secured. When thinking about what product, vendor or service to use in a DRM implementation.

* Puzzle pieces. Whichever DRM system is put in place needs to be integrated with the existing enterprise infrastructure including file management systems, databases, e-mail and Web servers.

* Support the user. Like any type of security infrastructure, you need the right support in place to manage problems such a lost passwords or transitioning workers. When DRM locks a piece of content to a specific PC or person, what happens when a user gets a new PC or the worker takes a new position? The license needs to be moved to the machine or employee taking over the job task.

* Protect your keys. If using a third-party to serve and authenticate licenses, it’s important to keep local copies of the user data in case something happens to the provider.

* Remote users. For traveling workers not connected to a network, there should be a policy implemented with some requirement to “phone home” to check the permissions that allows the users to work offline on the local desktop.

There are many other issues too. For more on this story see: