Search This Blog

Friday, February 5, 2016

SharePoint Online, Windows Intune, Information Rights Management and a cherry pie

SharePoint Online, Windows Intune, Information Rights Management and a cherry pie

A short story on how Windows Intune, Information Rights Management SharePoint Online can work together while eating a delicious cherry pie.

First things first. What's what?

SharePoint Online 

Organizations use SharePoint to create websites. You can use it as a secure place to store, organize, share, and access information from almost any device. All you need is a web browser, such as Internet Explorer, Chrome, or Firefox.

Windows Intune

Microsoft Intune offers features for the management of mobile devices and applications, and pc management from the cloud. With Intune enables organizations to their employees virtually anywhere and on virtually any device access to enterprise applications, data and business information sources and at the same time secure.

Information Rights Management

Within SharePoint IRM protection is applied to files on the list and library level. Before your organization can make use of IRM protection, you must first set up Rights Management. IRM SharePoint Online is based on the Active Directory Rights Management service Microsoft Azure (Microsoft Azure AD RM) to encrypt and assign usage restrictions.

How can Windows Intune, IRM and SharePoint Online benefit from each other?

Really short: Windows Intune enables organizations to mark devices as trustworthy, or not. This makes it possible to say (for instance) : hey! Only devices I trust are allowed to access to SharePoint Online or corporate email.

A typical flow for conditional access might look as follows:

Use conditional access to manage access to Microsoft Exchange On-premises, Exchange Online, Exchange Online Dedicated, and SharePoint Online.

This shows how Microsoft Windows Intune and SharePoint Online work seamlessly together.

How does IRM help in this picture?
IRM helps secure confidential content in the following ways:
- prevent an authorized user to copy content for unauthorized use, customize, print, fax or copy and paste.
- prevent an authorized user to copy the content with the print screen feature of Microsoft Windows.
- prevent an unauthorized user to display the content that is sent in an e-mail message after being downloaded from the server.
- Access to content is limited to a specified period, after which users must confirm their credentials and need to download the content again.
- Assists in the implementation of corporate policy for use and dissemination of content in your organization.


Microsoft has done a great job in advanced security and protection of your intellectual property. Please use your own intellect by properly following the plan-do-act circle!

No comments:

Post a Comment