Enterprise DRM: Protect Your IP & Collaborate to Innovate
By Priya George
Jim Murphy believes that you have to collaborate more effectively to foster innovation for your business. You’ve got to create an environment that makes it easy for you and your partners to freely share ideas. At the same time, you have to protect your IP, and the pressure is higher with easier access to information for competitors and recent events that indicate you have little recourse once it’s exposed. This is where you can implement enterprise Digital Rights Management (EDRM) into your security and content management strategies.
You have to protect the IP
In May last year, in a case known as Apple vs. Does, a California appeals court ruled against Apple’s attempt to force a couple of rumor sites to reveal their sources when they published an insider account of a new Apple product alleged to be in development. The product idea itself, a breakout box for Apple’s music editing application GarageBand, to be called Asteroid, may be of little consequence, but the case has weighty implications for companies striving to protect trade secrets and Intellectual Property (IP).
The California Court of Appeals ruling read, “It is often impossible to predict with confidence which technological changes will affect individual and collective life dramatically, and which will come and go without lasting effects. Any of them may revolutionise society in ways we can only guess at. The lawful acquisition of information necessary to anticipate and respond to such changes is the birthright of every human, formally enshrined for Americans in our state and federal constitutions. The publications at issue here fully implicated that birthright and the interests protected by those constitutional guarantees.” Certainly, there are all sorts of implications about the freedom of the press and the nuances of staid and professional journalism practices versus modern blogging. We’re likely to hear much more about that angle in the future.
But there are also implications for any enterprise creating innovative products. Essentially, such companies carry more responsibility and have less recourse in protecting any trade secrets or IP that leaks through their four walls, whether carried out by involved personnel or accessible through gaps in the security infrastructure.
You’ve Got to Collaborate to Innovate
With enterprises extending their businesses by concentrating on core competencies and partnering or outsourcing noncore functions, more sensitive information, secrets, and ideas in the early stages of their development are leaving the four walls. Someone puts them in their blog, and all bets are off.
Horns of a Dilemma: Is Collaboration at Odds with IP Protection?
In order to collaborate effectively and actively with partners, companies have to be easy to work with. Such innovation itself requires flexibility. It requires an environment that encourages free-flowing ideas, accommodating the various environments and business interests of partner companies and suiting the preferences and work habits of their constituents.
Unfortunately, capturing innovation and protecting IP seems to require the opposite of an environment conducive to collaboration and sharing. Everyone has to use the same, often inflexible, structured system. You want to share, but you don’t want to give anything away. You want people to get together and—as the hackneyed expression goes—create ideas by 'thinking outside of the box.' Then you tell them, effectively, 'Here’s the box you have to use. You must put them in here.'
Protecting IP and trade secrets has to involve protecting the information assets and documents that very likely, by dint of being collaborated upon by parties with various means of access and various systems, must leave the safety and security of a repository, extranet, or portal environment.
Moreover, once the involved collaborators get access to such assets and documents, what’s to prevent them, whether through innocent neglect or devious intent, from getting into damaging hands? Are the remnants still on their PC, in a document folder, a web cache file or an e-mail archive? Have they downloaded a version to their hard drive to review it on an airplane? Can they forward it to others via e-mail? Can they save it to a flash drive? Can they capture a screenshot or copy and paste a key passage or image from a larger file?
Time to Consider Enterprise DRM
Digital Rights Management (DRM) seeks to protect information at the asset level, allowing persistent security controls regardless of the asset’s location or source. Most of the standalone DRM market has been devoted, thus far, to consumer-oriented copyrighted material like software, music, and video, where content providers, publishers, and distributors have extremely high interest in ensuring that people that access their information have paid for it.
Add the word 'Enterprise,' and we’re no longer just talking about meticulously scrutinised and thoroughly reviewed, copyrighted, legally approved documents. We’re talking about shared ideas in the course of their development. We’re talking about the records of online brainstorming sessions, review processes, and communications. We’re talking about information vital to the future of your business. Information that in competitors’ hands, whether accessible to them directly or published on a rumor blog, could spell disaster for your newest, most promising product and service initiatives.
The marketplace
Because of the factors above, and in light of compliance concerns as well, AMR Research believes that EDRM will have to be a more deliberate consideration for companies pursuing collaboration and outsourcing strategies.
Nevertheless, it seems increasingly likely, given software market consolidation and the fact that companies will have to address EDRM in the context of broad content management and compliance strategies that the market won’t stand alone. Surely, vendors in various specific categories like Product Lifecycle Management (PLM) address DRM when using their specific, often proprietary, systems and file formats. But companies need a more comprehensive, pervasive approach.
No system today is foolproof or perfect—as exemplified by the too numerous ways people have found to circumvent DRM assurances in the consumer-oriented music market. Change is inevitable among the vendors and their products, and standards bodies and open source efforts are likely to step up more prominently soon. Still, while today’s EDRM market may be immature and the software imperfect, the requirements are starting to gel. Companies need persistent protection. They need portability and offline support. They need integration with existing systems, from security assets, to content management systems, to e-mail and collaboration platforms, to enterprise applications. They need support for many formats. They need logging and auditing. They need to easily scale and manage EDRM across a massive and growing range of data and document types. They need appropriate usability at the right level of personnel, whether it’s security focused IT, content policy people, or collaborators themselves. They need to govern and manage appropriate transfer of access rights from party to party.
Of all the information a company needs to secure, none is more important than the Intellectual Property (IP)—the written knowledge, information, and know-how a company possesses—used to drive the product innovation engine. The fact is companies that innovate effectively are more successful.
