Most of us handle confidential documents that need an additional layer of safety.
We handle a lot of information in mails that we don't want others to share further.
There are also some kind of documents that solely belong to the organization and should not be shared with anybody outside the organization (who does not have the company domain name in their email id).
We want to confine the document to only a set of users that can be identified by their email ids.
We want to share the document with others (through mail or using SharePoint/One Drive for Business) but we don't want them to edit it, copy it, modify the contents or even print it.
The IRM feature in Office 365 is a powerful feature that will safeguard our files, mails and company's intellectual property with an extra layer of security.
MS Office documents (Word, Excel and PowerPoint) can be protected with this IRM at the File tab. When we click on the File tab, we can see the "Protect document" feature.
When we click this option, we can see "Restricted access" option. This will provide all the Safety policy templates provided by the Enterprise. (Unrestricted access will be the default). We can choose one of those templates to apply the respective policy. (If a policy is to be frequently used, a request to create the template can be sent to the O365admin)
We can also define our own customized safety policy by choosing "Restricted access" option. Here we can include specific email ids of users who can read or change the content (can't print).
If we want allow printing or copy content (for read only users) or if we want to set an expiry date (time bomb) for the document, we can click on "More options on the "Permissions" dialogue box.
IRM protection can be applied to PDF as well as XPS files too.
Any document with such an IRM feature applied carries with it this security policy and so travels along with the document – whether through mail or into SharePoint or OneDrive for Business. So, this policy gets activated at the time of opening the document.
Even mails from Microsoft Outlook can be protected likewise with an IRM policy. The permissions are found under the "Options" tab. Once applied, the mail will carry with it this policy and will apply this policy at the point of access.