SharePoint 2013 – New Features in Information Rights Management (IRM)

With the Introduction of new Office 2013 there have been new additions to Information Rights Management (IRM) in SharePoint 2013.Firstly, What is Information Rights Management (IRM) – It is a file-level technology from Microsoft where it uses permissions and authorization to help prevent sensitive information from being printed, forwarded, or copied by unauthorized people. SharePoint supports use of IRM on documents that are stored in document libraries. By using IRM, you can control which actions users can take on documents when they open them from libraries in SharePoint. This differs from IRM applied to documents stored on client computers, where the owner of a document can choose which rights to assign to each user of the document.

Prerequisites -
* The permissions are enforced by using authentication, typically by using Active Directory directory service (AD DS). A Microsoft account can be used to authenticate and grant permission if Active Directory is not implemented.
* Before you apply IRM to a list or library it must first be enabled in Central Administration for your site. It can be configured on a subscription level (new in Office 2013) for cloud-Office 365 services.
* To enable IRM on Libraries admins Must have at least Design Permissions on that library.
* A Server administrator must install Protectors on all front-end Web servers for every file type that they Want to protect using IRM. A protector is a program that controls the encryption and decryption of rights-managed files of a specific file format.
Here is the List of New and Old Features in Information Rights Management (IRM) -

• IRM on Library Files and List attachments - If the IRM is enabled for a library, it applies to all of the files in that library. In the list however, it applies only to files that are attached to list items, not the actual list items.
• Easier to use IRM Settings - Settings UI for a document library has been made easier to use (New).
• New UI settings- Admins can now set the following
  • Set access rights, including rights to print, run scripts to enable screen readers, or enable writing on a copy of the document (new to Office 2013)
  • Set expiration date (the date after which the document cannot be used
  • Control whether documents that do not support IRM protection can be included in the library
  • Control whether Office Web Apps can render the documents in the library (new in Office 2013)
• Office Web Apps can render Protected documents - This means that if an authenticated user does not have a compatible Office client, they can still view the documents using Office Web Apps. Note that in the case of Web Apps, the document is presented in read-only mode.
• Prevent Opening documents – Admins can Prevent Opening documents in the browser for a Document Library by simply selecting a check box on the Information Right Management setting page.
• Protect Documents for a group – An admin can choose an Active Directory group and use it to stamp the usage license for the file. Then, documents that are downloaded can be used by all the members of the group, and the user who downloaded the copy can transfer the copy to any member of the group directly.
• IRM supports PDF files – Since PDF documents are integrated better into SharePoint 2013, PDF readers can register a control to allow simple opening of PDF files, and PDF documents can be protected with Microsoft IRM services.
• IRM by Tenant - IRM Integration can now be configured to be tenant aware, thus providing the ability for each tenant to have different IRM settings.