Product Group Tests

Group Test: DRM

Group Summary

Some of the functionality found in DRM products includes encryption, required authentica­tion to access the IP, copy protec­tion, digitally signed media, and the ability to control the lifecycle of the media. Some of these capabilities are extreme and are required only in special cases, but some are common.

Scroll To Full Group Summary Below

Click for a side by side comparison of products
Click for a side by side comparison of products

Full Group Summary

Some people think of digital rights management (DRM) as copy protection. More accurately, DRM applies funda­mental principles of access con­trol to intellectual property. DRM enforces access to and use of doc­uments, art, music and video, etc., rather than simply preventing the copying of it. That makes DRM a bit more complicated than copy protection or watermarking.

Detractors of DRM tend to oversimplify the problem in order to overemphasize the solution. This tends to make DRM appear as a solution looking for a prob­lem. DRM is not just copy protec­tion. Properly implemented, it does not interfere with legitimate use of the intellectual property. Like any other technology, DRM can be abused and, to be sure, there are credible arguments that such abuse certainly has occurred.
For the purposes of our DRM Group Test review this month, we were not interested in how these tools could be over- or excessively used. So, we have evaluated these products in the context of what they purport to do and how well they do it.

One of the challenges when evaluating DRM products is knowing when you have an actual DRM product in the fi rst place. Another challenge is understand­ing what types and extents of pro­tections are present. The two are interlocked because types of pro­tection may dictate whether the item is, in fact, a DRM product.
A key issue in analyzing a DRM tool is what it does. That addresses both issues. For example, does a DRM product need to take an active approach to protecting intellectual property (IP) rights? If the answer to that is "yes," watermarks don't qualify because they simply are. They don't really do anything. They just identify the owner of the IP. But if the product takes measures to prevent copying, as well as other measures to pre­vent transmission of the product to another user, it may very well be a DRM product. Unfortunately, there are few, if any, universally accepted standards that defi ne what DRM really is.

Some of the functionality found in DRM products includes encryption, required authentica­tion to access the IP, copy protec­tion, digitally signed media, and the ability to control the lifecycle of the media. Some of these capabilities are extreme and are required only in special cases, but some are common. For example, a protected document may shred automatically some period of time after it is opened initially. This is not uncommon, but requiring encryption as part of DRM is. Even so, there are times, such as when the IP is in transit between authorized users, when encryp­tion makes sense. The problem is that none of this functionality by itself defines DRM.

Other functionality that is typi­cal of DRM includes copy protec­tion, protection from conversion to other formats, and automatic shredding.

How to buy DRM
If you are planning to buy a DRM product, be sure of your application. For many applications, enterprise rights manage­ment (ERM) may be better for you. This functionality manages access to information assets with­in an organization's enterprise. ERM focuses more on protect­ing against unauthorized access from within the enterprise than does DRM. If you are focusing on intellectual property that you are going to distribute outside of your direct control, you may have a case for DRM. For the pur­poses of this review, we looked at both ERM and DRM.

How we tested
Testing this product group was straightforward. We installed each product as directed and created appropriate IP. Then we protected the IP and attempted to circumvent the protection. We were interested in ease of deploy­ment, ease of management, and effectiveness of the protections claimed. We insisted that the products be either true DRM or ERM. We avoided single function (e.g., copy protection or watermark only) products.

The value for money category required that the product have both a reasonable acquisition cost, plus a reasonable cost of ownership over time. We did not judge products on whether or not they could be used in a politically unpopular way (for example, preventing fair use copies with no way to circumvent a legal function). All we cared about in testing was the efficacy of the product. We leave the politics of DRM to the politicians.

All Products In This Group Test