C. RECIPIENT RECEIVES IRM PROTECTED EMAIL
5. Unable to open Email
When the external user tries to open the email, they will find that it is locked with IRM. An error message is presented to the recipient because they are not authenticated to open the content.
6. Justified business cases
In some scenarios a user is justified in passing this information on to a third party. To bypass the transport rules and IRM protection, the user can add the word "override" to the subject field.
In this case the email is passed on unencrypted, but a copy of the email is sent to the security team for auditing purposes.
A. USER SENDS SENSITIVE INFORMATION
A user in the organisation is preparing an email to an external user. Sensitive credit card information is entered in this email.
2. Policy Tips
Outlook detects that sensitive information is being entered and informs the user through policy tips. The policy tips make the user aware that the email contains sensitive information and will be protected with IRM as it leaves the organisation.*
*Policy tips is a feature that comes with Outlook 2013 ProPlus.
B. EXCHANGE TRANSPORT RULE
3. Email process
The user decides to send the email anyway. As the email passes through the Exchange server, the message is examined by the transport role to check whether certain criteria are met.
4. Enforce Rule
In this case the email contains sensitive credit card information. The Transport role detects this and applies IRM protection to the email before it is sent out.
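The workflow in steps 2 to 6 can be expressed as two complementary transport rules in the Exchange Management Shell. This is an added example, not configuration from the original page; the rule names, the audit mailbox address and the RMS template name are assumptions to be replaced with your own values.

```powershell
# Added example. The names below are assumptions, not values from the original page.
$SecurityMailbox = 'security-audit@contoso.example'  # hypothetical security team mailbox
$RmsTemplate     = 'Do Not Forward'                  # assumed RMS template; use one from Get-RMSTemplate
$OverrideWord    = 'override'                        # subject keyword described in step 6

# Condition shared by both rules: at least one credit card number in the
# message body or an attachment.
$CardData = @{ Name = 'Credit Card Number'; minCount = '1' }

# Steps 2-4: show a policy tip while the user composes, then apply IRM
# when the message leaves the organisation, unless the subject carries
# the override keyword.
New-TransportRule -Name 'PCI - IRM protect outbound card data' `
    -SentToScope NotInOrganization `
    -MessageContainsDataClassifications $CardData `
    -ExceptIfSubjectContainsWords $OverrideWord `
    -NotifySender NotifyOnly `
    -ApplyRightsProtectionTemplate $RmsTemplate `
    -SetAuditSeverity Medium `
    -Mode Enforce

# Step 6: override path. The message goes out unprotected, so the
# compensating control is a blind copy to the security team.
# The keyword here is the same one excepted above, so every outbound
# message with card data matches exactly one of the two rules.
New-TransportRule -Name 'PCI - audit overridden card data' `
    -SentToScope NotInOrganization `
    -MessageContainsDataClassifications $CardData `
    -SubjectContainsWords $OverrideWord `
    -BlindCopyTo $SecurityMailbox `
    -SetAuditSeverity High `
    -Mode Enforce

# Confirm both rules exist, are enabled and are in the expected order.
Get-TransportRule |
    Where-Object { $_.Name -like 'PCI - *' } |
    Format-Table Name, State, Mode, Priority -AutoSize
```

Running both rules with `-Mode Audit` first lets you review what would have matched before enforcement changes mail flow.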
DLP - Exchange
Each step is explained in detail below:
Exchange DLP Explained
Data loss prevention (DLP) technologies allow you to protect files and content in use, at rest or in motion.
In this case, the data is being protected when in motion.
Exchange Server 2010 can be configured to prevent emails from going out, or to protect them with IRM as they pass through, provided the configured criteria are met.
Exchange 2013 and Exchange Online go further and come with built-in DLP templates that allow you to scan and protect sensitive content that passes through.
In the example below, an Exchange 2013 server is configured with the DLP PCI Credit Card template combined with IRM. The workflow shows how the email travels from the sender to the receiver.
Exchange 2010 and Exchange 2013 allow you to take advantage of the following features:
Transport Protection Rules - You set a rule to scan and protect an email with IRM if the content or its attachment contains sensitive information.
Access for trusted applications - Allow agents to scan IRM protected content for malware.
Journal Report Decryption - Decrypts IRM protected content for journaling.
IRM Decryption for Search - Allow Exchange Search the capability to index IRM Protected content.
IRM-enabled Outlook Web App - Self-explanatory: IRM protected content can be opened in Outlook Web App without any further complications.
IRM-enabled Unified Messaging - A feature that allows users to listen to IRM protected voicemail messages in OWA, Outlook and on the telephone. The voicemail can be configured with the "Do not forward" IRM policy for private voice mails.
Outlook rules - You can configure Outlook so that an email is protected with IRM as soon as you enter a recipient in the "To" field. This allows you to send emails to a certain group, confident that the email is protected from the first keystroke entered. (Requires the client to run Outlook 2010 or later.)
DLP Templates - With Exchange 2013 or Exchange Online you can also take advantage of built-in DLP templates. These DLP templates can be combined with IRM.
Microsoft Exchange is one of the biggest endpoints where information is exchanged and also where data can leak out. What better place to set up DLP combined with IRM to protect sensitive content?
Microsoft Rights Management works seamlessly with Microsoft Exchange server 2010 and newer.