IRM allows you to prevent currently known snapshot features from being used; however, with the constant advance of technology, it is impossible to prevent someone using a completely new piece of snapshot software before the IRM software has been updated.
IRM will not prevent your Domain Administrator from having access to the documents.
8. Domain Admin
Similarly, IRM cannot prevent hackers from attacking and breaching your network. It is not designed to provide functions in any way similar to a good firewall. IRM is designed to work WITH your security systems, not INSTEAD of them.
Should a hacker get hold of a user’s credentials that has Super User access, then the hacker can remove protection from the content before transferring the files to their end.
Therefore, we recommend IRM Super User group to be mostly disabled and only used sparingly in situations where it is absolutely necessary
4. Super User Group
There is no way to use software to prevent someone using their phone to capture an image of an open document once it has been accessed and displayed on a monitor.
IRM is designed to manage the access rights to documents and to control the interactions the user can have with that document; it cannot prevent a person taking a photograph of that document.
However, the likelihood of this occurring is minimal given the fact that simply taking a photograph on a very small phone screen is not going to be useful for data thieves and is not going to be useful in sharing the document as it is not particularly reliable.
However, it is worth pointing out and making sure it’s clearly understood that IRM will only serve to monitor access rights/user input on any given document.
7. IT Security
IRM is designed to plug the holes in pre-existing security features, and provide you with protection the depth of which you never had before.
It is absolutely NOT a substitute.
IRM is designed to work with traditional IT security, firewall restrictions, disk encryption, and antivirus, it is in no way meant to serve as an alternative to these things.
IRM is not designed, marketed or intended for use as an alternative to antivirus, and can do nothing to stop your systems getting infected by malicious software.
However, the upside to this is that viruses and malicious software are rarely after single documents. They are usually more concerned with wiping your entire system or copying all of your content over to their end to be sorted through at a later date.
IRM will continue to be effective in this situation, so no matter where the documents are copied to they will remain unreadable if the hackers do not have appropriate access rights.
This means that if you learn your documents have been stolen, you can simply completely kill access to them and they will be rendered completely unusable.
3. Stolen Credentials
IRM cannot take the place of your current security systems or due diligence, it is merely meant to further help and improve them. For example, IRM can do nothing to prevent the document being accessed if the data thief has stolen the credentials of someone who legitimately has access to the document.
They may then potentially revoke the IRM protection on that document. It is therefore of the highest importance that you maintain strong password policies and security framework.
Limitations with IRM
In this Section we will discuss the reality of what IRM offers you and what it will not. Nobody is suggesting it is a perfect system doing everything, and you need to be aware of the following when considering your IRM solutions from DPRMS.