Enterprise Mobility and Security Blog

RSS

Hi Everyone,

The sound of bells might have you all wince given the wild opens/closes in the stock market but I’ve got news that should both cheer you up and makes your lives better! Today I am beyond excited to share with you some insightful analyst reviews on the information protection space, an early look on how we plan to integrate the Secure Islands product into our overall information protection offering, and upcoming updates to the Azure Rights Management service. 

Secure Islands

We’re happy to have the Secure Islands team join our Cloud + Enterprise Information Protection team. They are a great bunch of people with whom we’ve worked with for many years. We’re now one team, all focused on one mission. I will share a lot more about our approach in the upcoming months. For now, you should internalize this guidance to secure and protect your organization today.

  1. We will focus our initial energies on the bringing to the masses a merged offering of classification, labelling, and protection (CLP) across our broad Microsoft and Partner ecosystem. We’ll then extend this offer with some of the other valuable aspects of the current Secure Islands offer; we’re not able to get everything in our first release.
  2. We’re driving HARD to get a preview as soon as possible. You will be able to use this offer to run effective POCs and large-scale Pilots. I’ll share more about this release and how to prepare for it later in February.
  3. In the meantime, you can purchase the Secure Islands products from our Secure Islands subsidiary.
  4. Later this spring we will publish a migration path to the merged offering of classification, labelling, and protection (CLP) from the current Secure Islands + RMS offerings.
  5. Watch this space or follow us on twitter (@TheRMSGuy) to learn more about the preview. If you want to evaluate and/or purchase the existing Secure Islands IQP product, email us at AskIPTeam@microsoft.com for details.

Upcoming Azure RMS Release(s)

Here are the features that have recently gone live or will be released during the coming few weeks:

Azure RMS Document Tracking licensing enforcement: The Azure RMS Document Tracking and Revocation site was available to all users to try out during preview. This is (always has been) a premium feature. Starting today we are enforcing that only Azure RMS Premium or EMS/ECS users are able to use the tracking and revocation site.

Updated RMS Sharing app and RMS SDKs on all platforms: Last month we quietly released updated versions of the RMS sharing app and the RMS SDKs. Here’s what we shipped:

    • Support for Document Tracking APIs in our mobile SDKs
    • Only the file owner and people with Co-Owner permissions levels can unprotect files. Previously, the owner and people with Co-Author and Co-owner permissions levels could unprotect files.
    • Native protection for .tif files in addition to .tiff files. We had missed the abbreviated file extension.
    • Error messages have been improved.
    • Performance improvements for encrypting and decrypting content.

Updated Private Preview for RMS Protection cmdlets: RMS Protection Tool could previously encrypt and decrypt documents, but not email. We’ve released a preview version of the tool that can decrypt Outlook files (.PST, .EML, .MSG). If you’d like to evaluate this, email us at askipteam@microsoft.com

Azure RMS logging improvements: It turns out it is really hard for IT leaders to provide credit card information for pay-as-you go services. Our logging was one such service. Come end of January, Azure RMS usage logs will be automatically enabled for all our customers and will be free. Expect a blog post explaining this enhancement soon (and how we’re going to migrate the brave folks that managed to figure out how to pay for this to date).

RMS super user improvements: The updated Admin PowerShell cmdlets for Azure RMS allow you to add/delete modify user groups for Super User access. This is a much asked-for functionality and we hope you love it.

RMS Protection Cmdlets GA: In addition to what’s described above, in this GA version, Super Users and Service Principals will be supported on Azure RMS, making e-discovery much easier than it is today. Once shipped, the RMS Protection Tool will fully replace the Bulk Protection Tool and the Bulk Protection Tool will be deprecated. Expect a blog post explaining GA release soon.

Per above, by late February we’ll share more of what we’ll be doing for 2016. Some awesome features are in the works for all of our customers – from the most cloud friend to the most cloud adverse.

Analyst Reviews

Let’s switch gears now and share with you some great insights from the analysts.

GARTNER

In 2015 Gartner wrote two pieces about the Enterprise Digital Rights Management space:

Jun’15: Gartner #G00275948: The Role of Enterprise Digital Rights Management in Data-Centric Security

Dec’15: Gartner #G00292633: How to Select the Right EDRM Solution                                                                 

Within these papers Mario and Eric offer many observations, recommendation, and tips on how to approach this space. As someone who’s met with over 500 customers 1-1 (and for at least an hour each) I’m happy to say that I’m really aligned with their overall observations. Let’s touch on a few key points…

  • In the December report Eric Ouellet wrote “Interest in enterprise digital rights management (EDRM) capabilities has reached an all-time high, with the ubiquitous adoption of mobile, cloud and collaboration platforms, as well as the proliferation of data-sharing practices in all worldwide industry segments”. His view exactly matches the insane pace of life we’ve had here at Microsoft in the Information Protection team!
  • In the June report Mario wrote “Enterprise digital rights management (EDRM) is a mature technology for enterprise wide persistent protection of data“. This is personally heartwarming as EDRM has long been in Gartner’s famed ‘Trough of Disillusionment’ (Hype Cycle for Data Security, 2015, July 21 2015). He also offered other points of view in the ‘Key Finding’ section that made me smile. I won’t spoil them here so be sure to look them up in #G00275948!
  • Back in June an important observation made by Mario is that “A broader data-centric security strategy requires a combination of EDRM with other technologies such as classification, data loss prevention (DLP) and data­ centric audit and protection (DCAP).” He’s exactly right. At that time I was actively pursuing the purchase of Secure Islands and all of the big DLP vendors are working closely with us. Take a peek at Gartner’s December write up and you’ll see some 2019 predictions that have me absolutely knowing that we’re fully on the right track. WOW!
  • Over the last 9 months a lot has changed in people’s attitudes towards IT SaaS offer.  There was a time where I struggled explaining how the enormous value of a cloud-hosted EDRM offer outweighs the possible disadvantages. In the June report Mario wrote: “Many vendors offer a cloud solution to replace on­-premises servers. This provides the opportunity to scale with future increased use of EDRM, but this should be tested carefully for potential latency issues and security requirements. Note that on-­premises servers need to be in the demilitarized zone (DMZ) for mobile device access as well as external collaboration. This means cloud and the DMZ are not that different for EDRM offers. Moreover, the server does not see the body of the document, which makes cloud EDRM deployments interesting for even cloud-reluctant organizations“. Yes, re-read that last line!!!
  • So, in closing, there are lots of fantastic points made in these two Gartner papers. Overall, I consider these must-read papers. Bravo Gartner! Feel free to send us your thoughts to AskIPTeam@Microsoft.com

Disclaimer: Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.” 

FROST AND SULLIVAN

Another well respected analyst is Frost and Sullivan. They too inventoried / surveyed the space we operating in and came up with a detailed view on the market. In this case, a picture is worth a thousand words:


We’re in an enviable position but we are not slowing down. In fact, we’re going faster/harder to meet your needs.

KUPPINGER COLE

Outside of the US many IT leaders turn to KuppingerCole for input. You may know them from their very well-known ‘European Identity & Cloud’ conference. Last summer Graham Williamson wrote a leadership compass report and, as above, here too a picture is worth a thousand words:

In this chart the vertical axis (height) means nothing. Right is better.  Also, you’ll see several partners of ours (Intralinks, Secure Islands, Titus, and Watchful) who are based on Microsoft RMS protection. Once again, we’re in an enviable position but still not slowing down!

 

 

With this, thank you all for a wonderful 2015! Strap yourselves in for a very wild 2016… we will not disappoint!

Cheers,
Dan on behalf of the wonderful information protection team