Last week I did a review on a Gartner paper released in May 2010 titled “Enterprise Digital Rights Management”, following on from this, Gartner released another paper in June 2010 titled “Key Selection Criteria for Enterprise Digital Rights Management Solutions”. This paper before its release was much anticipated by myself and many other professionals who work with Enterprise Rights Management. So does this paper help potential clients know what to consider when it comes to selecting an Enterprise Rights Management solution? Well read on and let’s find out.
This paper was authored by Eric Quellet and Ray Wagner, and they start out by stating that the success of Enterprise Rights Management deployments depends heavily on features, functionality and livability of the solution with end users. Every requirement is different, and organisations should choose their Enterprise Rights Management solution based on what their requirements are and not on what the Enterprise Rights Management solution has to offer. Sometimes an Enterprise Rights Management solution is not what is required, as such a thorough analysis should be carried out as to whether it is the right solution.
This paper clearly states that you need to understand the capabilities and functionality of the Enterprise Rights Management solution and match it to your real world needs. I posted a blog a few months ago on the types of Enterprise Rights Management solutions out there. Eric and Ray advocate for a proof-of-concept (POC) deployment before an organisation takes on Enterprise Rights Management, and this should take into consideration features, functions, seamlessness and integration into existing systems. Eric and Ray also list the importance of POC deployments.
This paper identifies three main selection criteria namely High-Importance Selection Criteria, Medium-Importance Selection Criteria and Low-Importance Selection Criteria. Under the High-Importance criteria Eric and Ray list usability, existing workflow support, rollback/recovery capability, internal user support, external user support, policy management, data lifecycle/change management, integration with document and content management systems, support for compliance and legal discovery activities, native document format support, comprehensive permission control and Microsoft windows/active directory and third-party directory support.
Under medium importance this paper advices that the following selection criteria should be considered; Third-party directories and strong authentication support, usage tracking, retrofitting existing assets, integration with content-aware DLP, offline/forced online support, on-premises and cloud based deployments and finally scalability. Under this selection criteria, I would probably move scalability to high-importance because even if organisations plan to start off with a small user base, when it comes to extending the solution to a larger user base the Enterprise Rights Management solution might not scale and may suffer all sorts of performance issues.
Finally, under low importance the following criteria is listed; ease of deployment, management console and reporting, key management and hardware security modules, default policies and mobile device support. When looking at the entire spectrum of Enterprise Rights Management solutions out there, you may find that some are stronger in medium selection criteria, than they are in the high-importance selection criteria but provide the core functionality over and above the other solutions out there. Therefore it is very important to perform a comprehensive risk-benefit analysis on whether to choose one solution over the other.
In conclusion, this paper is a very good resource to help managers get executive approval in the deployment of Enterprise Rights Management, although in itself not definitive. However, follow the advice given in this paper and you’ll find that you are more than halfway at finding a solution that meets your organisation’s requirements for an Enterprise Rights Management solution. I highly recommend this paper.
