Problems that RMS Solves

Author Name
Yoshi Munchakoopas
  • Author Name
  • Author Name
  • Author Name

Business Requirements

Protect all file types

In previous implementation of Rights Management, only Office files could be protected, using native protection. Now, generic protection means that all file types are supported.

Protect files anywhere

When a file is saved to a location (protect in-place), the protection stays with the file, even if it is copied to storage that is not under the control of IT, such as a cloud storage service.

Share files securely by email

When a file is shared by email (share protected), the file is protected as an attachment to an email message, with instructions how to open the protected attachment. The email text is not encrypted, so the recipient can always read these instructions. However, because the attached document is protected, only authorized users will be able to open it, even if the email or document is forwarded to other people.

Support for all commonly used devices, not just Windows computers

Supported devices include:

Support for business-to-business collaboration

Because Azure RMS is a cloud service, there’s no need to explicitly configure trusts with other organizations before you can share protected content with them. If they already have an Office 365 or an Azure AD directory, collaboration across organizations is automatically supported. If they do not, users can sign up for the free RMS for individuals subscription.

Support for on-premises services, as well as Office 365

In addition to working seamlessly with Office 365, you can also use Azure RMS with the following on-premises services when you deploy the RMS connector:

Easy activation

Activating the Rights Management service for users requires just a couple of clicks in the Azure portal.

IT Administration Requirements

Ability to scale across your organization, as needed

Because Azure RMS runs as a cloud service with the Azure elasticity to scale up and out, you don’t have to provision or deploy additional on-premises servers.

Ability to create simple and flexible policies

Customized rights policy templates provide a quick and easy solution for administrators to apply policies, and for users to apply the correct level of protection for each document and restrict access to people inside your organization.

For example, for a company-wide strategy paper to be shared with all employees, you could apply a read-only policy to all internal employees. Then, for a more sensitive document, such as a financial report, you could restrict access to executives only.

Broad application support

Auditing and monitoring

You can audit and monitor usage of your protected files, even after these files leave your organization’s boundaries.

For example, you work for Contoso, Ltd. You are working on a joint project with 3 people from Fabrikam, Inc. You email these 3 people a document that you protect and restrict to read-only. Azure RMS auditing can provide the following information:

IT must maintain control of data


If you are familiar with the on-premises version of Rights Management, Active Directory Rights Management Services (AD RMS), you might be interested in the comparison table from Comparing Azure Rights Management and AD RMS.

Security, Compliance, and Regulatory Requirements

Azure RMS supports the following security, compliance and regulatory requirements:

For more information about these external certifications, see the Azure Trust Center.