Enterprise Rights Management

Enterprise Rights Management (ERM) changes the security paradigm. ERM enables the sharing of information in support of collaboration and productivity while securing the data through dynamic centralized policy controls.

With Sitrof, your information is fully encrypted at all times and the processes are transparent to the end-user with no adverse effects to work practices.

Sitrof favors ERM solutions that provide "policy propagation." This means that when an authorized user accesses a file, ordinary functions like copy, paste, save as, and PDF conversion remain available; but the information they cut and paste into a new document retains the original security policies and settings.

ERM: Keeping track of data

Users within most chain-of-trust can easily transpose critical data into new documents and formats and your organization has no way of knowing about it. The best security policies can be in place, but truly there's little or no security because there's no way to monitor for compliance and ultimately enforce violations.

ERM enables you to manage, monitor, and enforce policies governing the access and use of data at rest, in motion, and in use. Security policies for access and use are embedded directly into the information itself, providing you with the security you need and where you need it. According to CIO/Insight, no legacy solutions have been able to address the ‘unstructured data’ security dilemma like enterprise rights management.

Among the benefits of this solution are:

  • The use of encryption to protect data at rest, in back-end systems, in transit on the network, and while in use at endpoint systems
  • The enabling of data sharing and data protection between internal users and the chain-of-trust
  • The granular control over the actions that may be applied to data (e.g., read-only, print, cut-and-paste, edit, save)
  • The enabling to proactively prescribe via policies what actions a user may apply, as opposed to what they may not
  • The ability to provide persistent protection, even when network access is unavailable
  • Access to detailed visibility into the enterprise's data flow for monitoring and audit (e.g., who accessed it, how they accessed it, and how it was used)
  • The power to enable dynamic role-based policy creation for integration with identity and access management systems