Post on 18-Dec-2015
transcript
Deep Dive on Information Rights Management and SharePointBarak Cohen, Neil Wang
SPC073
• How IRM works in SharePoint and in Office 365
• What is new in SharePoint 2013• IRM and PDF• IRM Programmability• Q&A
Agenda
• IRM: Information Rights Management• DRM: Digital Rights Management• RMS: Right Management Server• RMS Online (AADRM): Cloud based Right
Management Service• Publishing License: the license a document is
published with• Usage License: the license to use the document• AD: Active directory• ADFS: Active Directory Federation Services
Glossary
How IRM works?
PL
UL
PL
Protection is persisted with the data, content
can travel anywhere
Prevent the accidental disclosure of sensitive
data by applying usage polices (cannot
forward, cannot print, read-only)
Securely share data with individuals
Email, documents, files
RMSAD
How IRM works in SharePoint (Recap)?
PL
UL
PL
RMS
MSDRM
Document Protectors
AD
GUID
GUID GUID
GUIDGUID
Re-plumbing IRM for the cloud
MSDRM
Office Clients SharePoint
MSIPC
ProtectorsSingle Tenant RMS Server
ProtectorsMulti TenantRMS Service WAC
How IRM works in SharePoint 2013?
PL
UL
PL
SharePoint RMS
MSIPC
New Document Protectors
AD
GUID
GUID GUID
GUIDGUID
How IRM works in SharePoint Online?
SharePoint
RMS
Exchange
AD in Office 365
Tenant 1 , Tenant 2 …. Tenant N Tenant 1 , Tenant 2 …. Tenant N
Start protecting when you subscribe to Office
365
Integrated within Exchange Online,
SharePoint Online and Office, users will use
applications and services they are already familiar
with today.
oOn premises: SharePoint Standard & Enterprise
oOffice 365: E3, E4, A3 and A4 Office Online SKUs
What SharePoint configurations can work with IRM?
SharePoint
AD ADFS RMS
SharePoint Online
ADFS RMSAD
SharePoint Online
RMSAD
On Premises Federated Online
1. Document protection in the cloud (and for subscriptions on premises)
2. Protecting documents is easy (with granular usage rights)
3. Protected documents can be viewed in browser4. Group protection5. Support for PDF in addition to Office formats6. Programmability
6 new document protection features
Document protection in Office 365 with AADRM
rights management
Document protection in SharePoint online
Document protection for subscriptions
Demo: configuring IRM in Office 365 and SharePoint onlineNeil Wang
• Updated simpler UI• Granular usage rights• Office web application support• Group protection
Protecting documents is easy (with granular usage rights)
• Set access rights (print, run scripts to enable screen readers, or enable writing on a copy of the document (new to Office 2013))
• Set expiration date (date after which the document cannot be used)
Usage rights
Protected documents can be viewed in browser
How does WAC work with IRM?
SharePoint
MSIPC
Document Protectors
GUIDGUIDGUID
Web AppsWOPI
Group protection
RMS
AD
SharePoint
users
groups
PL
UL
PL
GUID
PDF support
• Extension to ISO 32000 (PDF Protection)
• A new protector in SharePoint• Standard compliant• Supports discovery payload
• Compatible with 3rd party readershttp://go.microsoft.com/fwlink/?LinkID=231373
Call to action: bring your PDF viewer to market
PDF support
The Foxit PDF reader
Demo: New IRM document protection featuresNeil Wang
Programmability (Farm level)Example PowerShell commandEnable IRM for the farm and configures it to use the default RMS server configured in Active Directory.
Set-SPIRMSettings -IrmEnabled -UseActiveDirectoryDiscovery
Enables IRM for the farm and specifies the URL of the RMS server to use
Set-SPIRMSettings -IrmEnabled -CertificateServerUrl http://myrmsserver
Enable IRM for the specified tenant and specifies the URL of the RMS server to use.
Set-SPIRMSettings –IrmEnabled -SubscriptionScopeSettingsEnabled site = Get-SPSite http://myspserver$subscription = $site.SiteSubscription
Set-SPSiteSubscriptionIrmConfig -Identity $subscription -IrmEnabled
-CertificateServerUrl http://myrmsserver
Disable IRM for the farm Set-SPIRMSettings -IrmEnabled:$false
SPInformationRightsManagementSettings classSPInformationRightsManagementSettings membersSPInformationRightsManagementSettings methodsSPInformationRightsManagementSettings properties
Programmability (Library level)
The Document Leak problem demoNeil Wang
Other interesting sessions in SPCSPC173 - Overview of ECM for teams with Site Mailboxes (Tue 9AM)SPC223 - CMIS and SharePoint 2013: Interop with other ECM systems (Tue 3:15)SPC018 - Best Practices for ECM in the Cloud, and how large organizations can get the most out of Office 365 (Wed 9:00)SPC112 - Customer Showcase: How Clifford Chance, one of the world's largest law firms, has bet its ECM strategy on SharePoint (Wed 3:15)SPC251 - What's New in Managing Your SharePoint Online Environment (Mon 3:45)SPC195 - PowerShell 3.0 Administration with SharePoint 2013 (Tue 9:00)
Read more: IRM in SharePoint 2013 blog
Q&A
Evaluate this session now on MySPC using your laptop or mobile device: http://myspc.sharepointconference.com
MySPC
© 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.