Information Rights Management (IRM) & SharePoint - can the system administrators view the content of a protected file?
-
21-08-2019 - |
Question
We are considering deploying a MOSS site for our HR department but there is some concern over the system administrators being able to access the highly confidential material regarding performance and salaries. It appears that IRM is the silver bullet we are looking for providing the MOSS System Administrators CAN NOT open the documents to view the content.
Can anyone confirm that IRM will secure the content from our Sys Admins in our MOSS Site?
Thanks! -Tim
Solution
There are 2 ways in using IRM with SharePoint:
SharePoint integrated mode: In this mode, IRM is applied on the document on the fly with correct permission when the user download it. In this case the document is stored unprotected, so administrator with direct access to the SQL database can view the content of the document.
"Standard": If IRM is applied on the document before uploading it to SharePoint, the document is stored protected (there are 2 protections: SharePoint permissions AND IRM permissions). So even SQL administrator won't be able to extract the document in this case. However, there are some side effects: for example search won't work as the search engine won't be able to extract the content of the document.
In your case, you will need to use the second solution: encrypt the documents before uploading them to SharePoint.
OTHER TIPS
Have you looked at Adeptol Rights management for sharepoint at www.adeptol.com