Information rights management is a technology that allows you to limit the transfer, copying, printing, and other unauthorized actions on data by prohibiting them in protected documents and email messages. This allows you to avoid unauthorized access to messages that have confidential data, both in case of accidental information leak to third parties and intentional information disclosure attempts.

    Each file protected by IRM is placed in an encrypted container along with a special label that defines the access rights to it. The essence of IRM is that even if such a container falls outside the network, it will be completely useless without access rights to the document. This action is similar to the forced encryption of data placed on removable media, which is often found in access control systems for ports and peripherals. IRM technology allows the export of confidential information in encrypted form only, which allows you to always protect the company from accidental leaks, and quite often, from planned information disclosure attacks.

    Azure IRM allows you to automatically or manually protect documents at various stages of their life cycle using tools integrated into the operating system and the Microsoft Outlook mail client.

    Azure IRM is responsible for authenticating users by requesting rights from the IRM server, protecting and logging work with documents and email messages under IRM policy.

    IT Partner responsibilities #

    1. Gather data and customer requirements to configure IRM system
    2. Prepare a list of labels, rules, and policies
    3. Configure Azure IRM for email. Create rules and policies
    4. Install Azure Information Protection clients as agreed with the client
    5. Check the correct operation of the IRM system according to the required settings

    Client responsibilities #

    1. Coordinate Client resources and staff schedules
    2. Provide a dedicated point of contact responsible for working with IT Partner
    3. Coordinate any outside vendor resources and schedules
    4. Configure all network equipment, such as load balancers, routers, firewalls, and switches
    5. Install Azure IRM agent, if it's not done by IT Partner
    6. Review and approve engagement deliverables in a timely manner

    Additional cost items not provided by the project #

    Upon completion of the project, we will provide a project closeout report. This document will indicate the final project status including acceptance criteria matching, outstanding issues, and the final budget. If you require more extensive documentation, it can be provided for an additional fee. 

    Prerequisites #

    1. Office 365 E3 and newer or Azure Information Protection P1/P2
    2. Administrative access to your Office 365 Tenant

    Plan #

    The plan may vary depending on your needs.

    1. Kickoff meeting
    2. Gathering Azure IRM performance requirements
    3. Azure IRM Service activation
    4. Configuring policies and rules
    5. Installing clients on devices
    6. Verification and fixing issues

    Success Criteria #

    1. A list of labels and rules by which the security policy will be configured has been prepared according to the requirements of the client
    2. The IRM policy is configured according to the list of requirements
    3. Azure IRM Client is installed on required devices
    4. The client's employees can use the functionality of the email protection according to the developed requirements

    Related services

    Configure and Enable DLP Policies

    DLP-system (Data Leak Prevention) is a specialized software that protects the organization from data leaks. This technology is not only the ability to block the transfer of confidential information through various channels, but also a tool for monitoring the daily work of employees, which allows you to find security weaknesses before the incident.

    Rapid Start: Remote Work

    Let us give your employees the tools, resources, and solutions they need to be as productive, creative, and secure as possible when working from any location and on any device.