DRM, DLP and Cybersecurity
The purpose of this post is to examine how Digital Rights Management (DRM) and Data Loss Presentation (DLP) software, when used together, can potentially improve the cybersecurity of an organisation. With the nature of work has changed due to COVID-19 we need to explore new ideas for companies to keep their people and assets safe.
Integrating DRM and DLP together has the potential to provide holistic data protection and IT security strategy.
Though with enterprise DRM (aka information rights management (IRM)) and DLP have historically been perceived as stand-ins for one another or as competing services. This partly stems from the fact that both DLP and DRM vendors use similar jargon to describe their services: wrap data in protection, file security, secure sensitive data, access permissions, selective encryption, remediation and enforcement. But feature priorities for DLP and DRM vendors are quite different and are in fact complementary to one another.
As a technology, DLP was designed to identify sensitive data (in motion, in use or at rest) and then perform basic remediation/enforcement actions based on the data’s classification (e.g. allow, encrypt, block or quarantine). But giving admins and users advanced remediation powers and policy-based access and protection controls like automatic encryption, geo-fencing, IP-fencing, read-only modes and the capability to revoke and adjust access to data after it’s been shared have not been high on DLP vendors’ agendas. Wrapping advanced controls around data is the speciality of DRM/IRM.
On the other hand, enterprise DRM solutions historically focused solely on DRM-encryption and providing end-users with controls over how data was shared and what recipients could do with it. This meant that the security of a document was left solely up to the end-use, and the importance or sensitivity of the data was not weighed properly prior to its dispersion. Obviously, this posed a threat to corporate security and was viewed as a flaw in the DRM solutions of old.
DRM ensures that only intended recipients can view sensitive files regardless of their location. This assures protection of data beyond controlled boundaries so that an organisation is always in control of its information. DRM policy stays with the document even if it is renamed or saved to another format, like a PDF. This provides a more complete solution to limit the possibility of a data breach.
By integrating DLP and DRM, organisations can:
- Allow DLP to scan DRM-protected documents, and apply DLP policies.
- Enforce DLP policy engines to encrypt or reclassify a file to create a DRM-protected document.
- Secure data persistently and reduce the risk of losing it from both insiders and outsiders.