BCA Research, for example, uses FileOpen's IRM software to control what paying customers can do with its intellectual property (IP) once they've downloaded it, says Paul Chow, director of information technology for the global investment research firm. "Our research can be rather expensive and unique, and the Internet makes it easy to abuse IP rights," he adds.
Compliance is another major driver. IRM, for example, helps IT managers deal with federal regulations that hold their firms liable if sensitive data gets compromised by a partner. Pharmaceutical companies and aerospace and defense contractors, in particular, need to follow strict government security regulations when sharing data with their overseas sites and contractors.
Health care providers are being pressured by the federal government to both share protected health information and comply with HIPAA security regulations. "If the American Cancer Registry wants to know how many cancer patients you see, IRM lets you send a document with consolidated data but with patient identities blanked out," says Jack Wagner, executive consultant at Vitalize Consulting Solutions.
Some ERM products also provide auditing, so that when regulators or litigators come knocking, a company can show who looked at what and when, as well as prove that proper security controls are in place, Wagner notes.
Today's ERM market is very much in flux, with a fair amount of consolidation going on. DLP players include EMC subsidiary RSA, Symantec, McAfee, Websense, Code Green and CA. IRM vendors include Microsoft, Liquid Machines, Gigatrust, Oracle and LockLizard. NextLabs claims to offer both technologies on an integrated platform that also includes a policy engine.
Shopping tips: Client-device support is key
Companies shopping for an ERM product need to ensure that their choice matches not just their security needs, but those of internal and/or external customers as well.
One important question to ask upfront is which document formats and applications a product supports. Most IRM offerings work with Adobe PDF and Microsoft Office documents, but some go much further. Gigatrust, for example, supports a range of CAD and engineering formats. Liquid Machines claims to support over 400 file types, while LockLizard supports Flash and HTML.
NextLabs' IRM software is format- and application-independent because it works at the operating system level, according to product manager Andy Han. This limits its ability to control certain functions such as watermarking and content redaction (blocking out words). However, NextLabs supplies a plug-in that provides these features for documents generated by Microsoft Office, Han says.
Another key shopping criterion: which client devices are supported. IRM vendors are just beginning to support mobile devices, allowing IT to curb employees' unfortunate tendency to ignore or forget corporate security policies while on the road. IRM's embedded security controls could prevent a traveling sales representative from sending customer records to a colleague via unsecured Web mail, for example. And if the mobile device gets lost or stolen, the information remains encrypted and inaccessible, says ESG's Oltsik.
Broad support of client devices is also important for customer satisfaction. BCA's customers "don't just want to read our research on their desktops, they want it on their laptop, the computer in the car, at home, on iPhones, BlackBerries, Kindles," says BCA's Chow. Some IRM vendors currently support the BlackBerry; some are promising iPhone support soon. Kindles, not so much.