1. Field of the Invention
The present invention generally relates to content and information rights management, and more particularly to systems and methods that allow the enforcement of organizational and regulatory policies in relation to content irrespective of content location.
2. Relevant Background
Document or content management systems (DMS or CMS) generally include the collection of procedures (e.g., manual, computer-based) used to manage work flow in a collaborative environment (e.g., intra-business, business to business collaboration). DMS and CMS can allow for a large number of people to contribute to and share stored data (e.g., emails, documents, movies, pictures, phone numbers, scientific data). DMS and CMS can provide various functions such as aiding in the easy storage and retrieval of data, reducing repetitive duplicate inputs, and the like. As a CMS can serve as a central repository for content and files in various directories and folders, a CMS can increase the version level of new updates to an already existing file.
For example, Enterprise Content Management (ECM) is a formalized means of organizing and storing an organization's documents and other content that relate to the organization's processes ECM is primarily aimed at managing the life-cycle of information from initial publication or creation all the way through archiving and eventually disposal. ECM applications can be delivered via on-premise software (e.g., installed on the organization's own network), software as a service (SaaS) (web access to information that is stored on the software manufacturer's system), hybrid solutions composed of both on-premise and SaaS components, and the like. ECM aims to make the management of corporate information easier through simplifying storage, security, version control, process routing, and retention.
In conjunction with CMSs, enterprise administrators often implement Information Rights Management (IRM) systems (e.g., Enterprise Rights Management, Enterprise Digital Rights Management (DRM), Document Rights Management, Intelligent Rights Management, or the like) to track use of and limit unauthorized access to the content both inside (e.g., while the document is stored on a server-side repository) and outside of one or more networks (e.g., outside of an organization's firewall on a personal desktop, laptop, or mobile device). IRM technology can “follow” a document (in addition to all subsequent copies of the document) both inside and outside of an organization to ensure that users have only those types of access specified by the document creator or other administrator of the organization. That is, IRM systems often use persistent usage policies that remain with the document or content even after the information is transferred between entities, servers, and the like, and may be used to protect many types of information such as financial data, intellectual property, executive communications and the like. In contrast, shared secret passwords associated with documents merely address an “allow/deny” (e.g., all or nothing) policy that, if obtained by unauthorized users, can allow full access and manipulation to the documents
IRM technologies often allow for several levels of security. Some of the functionality offered by IRM systems includes industry standard encryption of the information (e.g., utilizing Rivest, Shamir and Adleman (RSA), Advanced Encryption Standard (AES), etc.), use protection such as controlling copy and paste, preventing screen shots and printing, offline use that allows users to create/access documents without needing network access for certain periods of time (e.g., 4 hours), auditing various types of access and/or changes to documents, just to name a few.
As an example, consider a chief executive officer (CEO) who wishes to send an email message containing sensitive information about a forthcoming reorganization to his or her executive staff. Using an information rights management system enabled email application, such as those currently known, the CEO selects a template to specify that recipients may read the email message for a particular period of time, but not copy, paste, edit or forward that message (i.e., the CEO specifies various “permissions”). Upon receipt, the recipients may view the message using the email application during the particular time period (e.g., 4 hours). After the time period has expired, the recipients would no longer be able to view the email. These types of restrictions can also be applied to intranet content and electronic documents using known IRM systems.