Rights Management Services enables you to restrict access to documents and email to specific people and to prevent anyone else from viewing or editing them, even if they are sent outside the organization.
Exchange Online IRM Integration. Enables users of Exchange Online to IRM protect and consume e-mail messages (and attachments).
SharePoint Online IRM Integration. Enables SharePoint Online administrators to create IRM-protected document libraries so that when a user checks-out a document from the IRM-protected document library, protection is applied to the document no matter where it goes and the user has the usage rights to that document as they were specified for the document library.
Office IRM Integration. Enables Microsoft Office users to be able to IRM protect content using predefined policies provided by the service within an organization. Office applications that include these capabilities are Word, Excel, PowerPoint and, Outlook. In addition to this, Visio support is also available.
Enhance security of your SharePoint libraries by using IRM to set up appropriate permissions.
Help keep your information safe, online or offline, because your files are protected whether they’re viewed using Office Online or downloaded to a local machine.
Seamless integration with all Office documents helps guard your organization’s intellectual property.
Apply custom templates based on your business needs in addition to using default Rights Management Services templates.
Examples of policies you can apply to email and documents with Rights Management for Office 365 are:
Do not forward (email)/ Restricted Access (Office apps): Only the recipients of the email or document will be able to view and reply. They cannot forward or share with other people or print.
CompanyName Confidential: Only people inside your organization (that is, people with an Office 365 account @companyname.com) can access the content, make edits, and share with others inside your company
CompanyName Confidential View Only: People inside your organization can view this content but cannot edit or change it in any way. They can print and share with other people inside your company.
Levels of Protection
Native
For text, image, Microsoft Office (Word, Excel, PowerPoint) files, Visio files, .pdf files, and other application file types that support RMS, native protection provides a strong level of protection that includes both encryption and enforcement of rights (permissions).
Generic
For all other applications and file types, generic protection provides a level of protection that includes both file encapsulation using the .pfile file type and authentication to verify if a user is authorized to open the file.
Azure Rights Management Connector
The Microsoft Rights Management (RMS) connector lets you quickly enable existing on-premises servers to use their Information Rights Management (IRM) functionality with the cloud-based Microsoft Rights Management service (Azure RMS).
All users can easily protect documents and pictures both inside your organization and outside, without having to install additional infrastructure or establish trust relationships with other organizations.
You can use this connector even if some of your users are connecting to online services, in a hybrid scenario. For example, some users' mailboxes use Exchange Online and some users' mailboxes use Exchange Server.
The RMS connector supports the following on-premises servers: Exchange 2010/2013 Server, SharePoint 2010/2013 Server, and file servers that run Windows Server and use File Classification Infrastructure (FCI) to classify and apply policies to Office documents in a folder.
The Microsoft Rights Management sharing application is an optional downloadable application for Microsoft Windows and other platforms that provides the following:
Protection of a single file or bulk protection of multiple files as well as all files within a selected folder.
Full support for protection of any type of file and a built-in viewer for commonly used text and image file types.
Generic protection for files that do not support RMS protection.
Full interoperability with files protected using Office Information Rights Management (IRM).
Full interoperability with PDF files protected using SharePoint, FCI, and supported PDF authoring tools.
Scenarios
Prevent loss of intellectual property and proprietary information.
Limit e-mail and file access to only a specific list of individual users or groups identified by their e-mail addresses.
Limit the use of e-mail and/or files to only a limited set of rights such as the right to view the document while blocking other actions such as copying or printing.
Resources
Microsoft Azure Rights Management
How Applications Support Azure Rights Management
Activate Rights Management (RMS) in the Office 365 admin center
Configure IRM (in Exchange Online) to use Azure Rights Management
Set up Information Rights Management (IRM) in SharePoint admin center
Configuring Super Users for Azure Rights Management and Discovery Services or Data Recovery
