Last month Gartner released another research paper titled “Getting Your Organization Ready to Deploy Enterprise Digital Rights Management”, authored by Eric Quellet who has written many papers on Enterprise Rights Management at Gartner. This paper is based on 4 key findings, 3 of which I think are very significant namely;
- The overcomplication of deployments by attempting to accomplish to many goals.
- A lack of proper preplanning and predeployment activities to successfully leverage Enterprise Rights Management.
- Sometimes Enterprise Rights Management is not the right solution required to protect sensitive documents.
This paper recommends that organizations get a clear understanding of the capabilities and functions of the Enterprise Rights Management solution and how this software tool will meet its needs. It also recommends that organizations pilot Enterprise Rights Management using a small number of users to ascertain that all vendor claims meet their requirements.
This paper forecasts that by 2015, 35% of organisations will have a critical need for Enterprise Rights Management, but less than 1% will be able to deploy the technology due to a lack of solution standardization. I want to believe this is a good thing because the lack of standardization fosters innovation, Enterprise Rights Management needs to continue to evolve to be able to address the increasing complexity of security threats out there.
Eric said it is essential for the entire organization to fully understand the impact of Enterprise Rights Management on their daily jobs and the daily operations of the organization. A proof-of-concept deployment is key to a successful implementation and acceptance of Enterprise Rights Management and should be mandatory as well as properly planned for.
Other considerations before deployment of Enterprise Rights Management is data classification, establishing a project plan, planning rollback and reliability, integration with content aware data leakage prevention among many other factors.
Eric concludes that while Enterprise Rights Management remains a very popular topic of conversation, it remains a difficult solution to implement and use within most organizations. Like most data leakage prevention tools it the the overcomplication of requirements that makes it difficult for a successful implementation. There are successful implementations by the likes of Oracle and Fasoo that have over half a million licenses within a single enterprise so it can be done.
I recommend that managers get a copy of this research paper as there is so much that could be learnt during planning and deployment. It is also essential that the right solution is chosen among the the myriad number of solutions out there. I posted a blog a few months ago titled “types of Enterprise Rights Management solutions” to help organizations understand what is currently on offer.
In conclusion this paper is should only be used as a guide in the decision making process, as this will ensure that managers have sufficient armoury to justify the deployment of Enterprise Rights Management to senior management. On the other hand it may be that Enterprise Rights Management is not the right solution for the organization after a proof-of-concept. Whatever the decision, proper planning is the key to a successful implementation.
