Office 365: Information Rights Management

Information Rights Management is being rolled out to Office 365 right now.  I read about it here, and decided to go into my tenant and try it out.  This is very exciting!  What is Information Rights Management?  The quick explanation is that it lets you have tighter control over what happens to your files (mostly just MS Office files) once they have been emailed out or downloaded to people’s computers.  You can define things like whether they are allowed to print it, or even set the content to expire after a certain date.  This is not a new thing, but it’s always been something out of reach and very expensive, and now I see that it exists right there in my (Office 365 Enterprise E3) tenant!!!!

I tried it out today, and wanted to share with you the steps I went through to turn it on.  You need to be an Office 365 admin to be able to do this.

1. In Office 365, at the top right, click the Gear or the Admin button and go to Office 365 Admin.
2. Expand Service Settings on the left, and click Rights Management.
   8/2/2016 Update: Expand Settings on the left, click Services and add-ins, and then click Microsoft Azure Rights Management.
   
3. Click Manage Microsoft Azure Rights Management settings.
4. On the left it will say Rights Management is not activated.  Click the Activate button.  Do you want to activate Rights Management, click Activate.
   
5. Back at your Office 365 admin center, expand the Admin section on the left, and choose SharePoint.
6. In your SharePoint admin center, click Settings on the left.
   
7. Scroll down to the Information Rights Management section, and choose Use the IRM service specified in your configuration.  Click Refresh IRM Settings.  Scroll down and click OK.  This won’t work if you haven’t done all the previous steps.  I know, because this is the part that I tried first.  
   
8. Now go to the library in SharePoint that you would like to protect with Information Rights Management.  (note that this is something completely different than an information management policy).  Go to the Library Settings page.
9. Click Information Rights Management.
   
10. Check the box to restrict permissions on this library on download.  Give it a name and description.
    
11. Click the Show Options link in gray.  THIS IS AWESOME.  This stuff only applies to the file when people open it in the client software, and has nothing to do with what can be done with the file if they’re looking at it in the browser.
    
12. You can read all about these additional settings here:  Apply Information Rights Management to a list or library.  Notice that under the Configure document access rights, I left a bunch of boxes unchecked.  This only applies to people who only have SharePoint permissions to read or view these files.  I don’t want them to be able to print it, and I don’t even want them to be able to type in it at all.  Click OK.
13. I logged in as a user who only has read permissions to this library.  Notice that when I click the File menu, the options such as Save, Save As, and Print are grayed out:
    Also, when I try to type in the file, simply nothing happens.  This is so cool, people as for this type of thing ALL the time!  Oh, and by the way, when using IRM, apparently there is no more option to edit the file in the browser using Office Web Apps.

Here are some reference links:

Using Azure Rights Management: http://technet.microsoft.com/library/en-us/jj585006

Office 365 trust center: http://trust.office365.com/