Data management is one of the prime areas of concern of the modern world. The term ‘data management’ does not just address way of organizing data, but also focuses on data security aspects. With the increasing popularity of ‘Bring Your own Device (BYOD)’ trend, which allows users to use their personal device for professional/official use as well, data security concerns are at peak. BYOD allows users to access official data, which is of confidential nature, from any location. Further, the personal devices of users may not possess sufficient security means to fight malware and similar fraudulent attacks, which poses high data security risk.
Information rights management (IRM) is a subset of technologies that protect sensitive information from unauthorized access such as digital rights management (DRM). It is also referred to as E-DRM or Enterprise Digital Rights Management. This can cause confusion, because digital rights management (DRM) technologies are typically associated with business to consumer systems designed to protect rich media such as music and video (for example, Apple's DRM for iTunes). IRM is a technology which allows for information to be ‘remote controlled’. This means that information and its control can now be separately created, viewed, edited & distributed. A true IRM system is typically used to protect information in a business-to-business model, such as financial data, intellectual property and executive communications. IRM currently applies mainly to documents, emails and any other type of enterprise related data.
Data containerization is a technique/mechanism, which is used to protect data of confidential nature, from unauthorized access by creating an encrypted data store (aka container) on a device or within an app. But a container is not simply an encrypted file—for example, access to data in the container requires secure authentication independent of any other device settings or restriction. The result being that even on a device with no unlock pass-code, no whole device encryption, and no security policies of any type, the contents of the container remain inaccessible unless an authorized user enters valid credentials. Securing data in a container also allows an administrator to wipe all business data from a personal device without wiping any personal data or apps by simply deleting the container. Rather than making sure the entire device is secure—which can limit the end-user from being able to use a smart phone or tablet to its full potential—the containerization concept is to create a compartment within the device, where the corporate data and applications are segregated from the applications and data belonging to the user.
Existing data containerization technologies are restricted to static containers. It is not possible to update the contents of a data container while still keeping the data within the container. Owing to this, if the container is shared further or sent back to the owner who had shared it with the intent of gathering information (forms, for instance), the updates are not propagated. As a workaround, the changes may be saved in a file outside the container and then shared further, but this is extremely risky and prone to issues such as data leaks and so on.
Also, if the data on the device from which the container was downloaded is updated, say by the owner, the container with the end users continues to store stale data even if the owner of the data wishes to propagate the updated data.