Additionally, it enforces segregation of duties between roles. Every process that is protected by SealedMedia has an audit trail that can be followed for compliance with Sarbanes-Oxley, HIPAA and other regulations.

And it's not just about "who" opens the documents.

Attempts to take screen shots or print documents results in a watermark of SealMedia's logo and not the information held within the document. All of this is centrally controlled by the enterprise rather than relying on the individual or discretionary access control.

This helps enforce security policies and classification policies from the top down. The product also scales well for global environments and works in both online and offline modes. You could go even further by limiting access to a document to a specific time and location (those obviously may need to be relaxed for those that travel extensively such as a VP or CEO).

What impressed me the most was how easy it was to deploy and use. In fact, I'd even go as far to say that even a CEO could use it. In my tests with SealedMedia, I was able to experiment with the product in less than 5 minutes (the footprint is small at 6MB) and as an end-user, it interacted with my desktop and applications transparently.

The product will work with most desktop applications, particularly common Microsoft desktop products, and a variety of non-Microsoft applications such as Lotus notes and CAD applications on Microsoft desktop operating systems. It works with a single sign-on option within Windows domains and has an option for non-Windows authentication.

Additionally, if a user does attempt to access a document they are not supposed to, there is a customizable error screen for who they would contact to get appropriate rights. All in all it was an impressive product.

There were minor issues, however. During my tests my Start button just went black. I suspect, however, that behavior was due to another product interfering with the SealedMedia product. Sadly, I never was able to take the time to troubleshoot it. Additionally, it does still rely on the use of passwords so the issue of "sticky gardens" still may be of issue, but that is, in my opinion, more of a policy and training issue than a specific weakness in the product.

The other issues are somewhat related in that the product must be installed on the desktop and SealedMedia must be kept up to date with application advances. While the rollout over an enterprise takes about an hour, if a client or employee is accessing data in an environment where the new version cannot be installed, well, then they are out of luck.

But this may be a limitation of the inherent security environment in general. I mean, really, would you want your important employees accessing proprietary data from the local coffee shop on some unknown and uncontrolled desktop? Better to have them lug around their expensive laptop and use SealedMedia to protect their documents.

Maybe we can see fewer headlines like "Source: Theft of vets' data kept secret for 19 days" and more "It's sunny! Go out and relax!"

SealedMedia E-DRM 5.0 is available now. Contact the company for pricing

This article was first published on EnterpriseITPlanet.com.