In the previous three posts we discussed and evaluated the need for IRM protection. If you have made it this far, congratulations are in order!
We have completed a comprehensive assessment and we are confident that IRM is the right protection for your sensitive data, and not a moment too soon!
In the following sections you will see which deployment strategy is best suited based for you based on the analysis done in the previous sections.
If you haven't seen the previous posts, we recommend doing so now before coming back to this post.
In this section we will take what we've learned in the previous posts and apply it to choose the correct RMS deployment for IRM that will be suitable for your organisation’s needs. We will then look at where it is best to start our deployment within the organisation.
ON PREMISES, CLOUD OR HYBRID?
Here we will take a look at which type of RMS deployment is suitable for your organisation. If you have not yet identified your needs, you should go back and look at the previous posts as this will help you identify the hotspots in your organisation where IRM is needed.
Are you already a Microsoft Office365 or Azure AD subscriber?
If you already are storing files in the cloud on services like SharePoint, using Microsoft Exchange Online and in general have adopted the cloud based way of working, we highly recommend going with the cloud based solution.
You are already there, all you need to do is activate the services and your organisation is ready to go!
Does your organisation have a requirement to share documents with external partners?
While both ‘on-premises’ and ‘cloud’ allow you to share with the outside world, there are significant differences in how you implement the sharing strategy.
If you are choosing on-premises there are requirements on both your organisation and the partner organisation you are sharing with to install Active Directory Federation services and set up trusts. Adding new partners as you go along, you will need to repeat the process for each partner.
Unless you have a longstanding partnership and the plan not due to change for some time, this could very well be highly worth the effort and resources required for transparent access.
We, however, recommend the cloud solution if you are sharing with many organisation and need to quickly send that one document over to anyone, because it gives you easy control for revoking documents should the need arise.
There are no extra implementations required for you or your partner, it just works and comes with extensive tracking and monitoring capabilities.
However if you have no need to share your data externally and are just looking to protect the data within your own organisation, perhaps you are even only looking at locking down and protection of data at reset (archive data), then we would recommend using the on-premises solution.
Are you a company with resources to spare and secure finances?
An on-premises RMS installation requires a great deal of resources and SQL licensing. This can be a challenge for smaller or medium companies with budget restraints to contend with. Depending on the budget, a cloud-based solution may make much more financial and practical sense?
Company Security policies
What if your company’s security policy does not allow cloud storage and your budget does not allow for on-premises deployment?
There’s no need to worry!
Unless your data is in the cloud, Microsoft RMS only sends authentication information to the cloud and for Rights Management reasons no actual data is being sent.
If your security policies are even more stringent, you can even bring your own tenant key to the cloud.
Based on the above factors we would decide if a cloud or on-premises solution is the best way to enhance your organisation’s data security.
But what is the best way to actually start deployment?
That is the topic of the next post so join us again next week.