Information Protection and Control (IPC) in Microsoft Exchange Online with AD RMS whitepaper

Due to increased regulation, the consumerization of IT (CoIT) and the “Bring Your Own Device” (BYOD), enterprises of all sizes are facing growing needs to protect sensitive information. At the same time, enterprises have a need to share that same information amongst appropriate employees within and outside the corporate network.

Microsoft Active Directory Right Management Services (AD RMS) provides the capability on-premise to create and consume protected content such as e-mail and documents. As of today, such a capability is also leveraged by the Microsoft Exchange Online services through the Information Protection and Control (IPC) features to apply persistent protection to e-mail messages and attachments.

Built on existing Microsoft documentation and knowledge base articles, this paper presents how to leverage the corporate on-premise AD RMS infrastructure in the organization’s Office 365 tenant, and more especially with Microsoft Exchange Online.

This document is intended for system architects and IT professionals who are interested in understanding the basics of cross-premise support for AD RMS on-premise and Exchange Online along with planning and deploying such a deployment model in their environment. It also provides basic instructions for setting up and configuring an AD RMS single-node cluster in a test lab environment for the cross-premise deployment with Exchange Online.

This paper is part of a series of documents on the identity and security features of Office 365, and more especially is the second guide of the series. It indeed completes a first whitepaper entitled Microsoft Office 365 Single Sign-On (SSO) with AD FS 2.0 also available on the Microsoft Download Center. This first whitepaper of the series is intended to provide a better understanding of the different single sign-on deployment options for the services in Office 365, how to enable single sign-on using corporate Active Directory credentials and AD FS 2.0 to the services in Office 365, and the different configuration elements to be aware of for such deployment.

Supported Operating Systems

Windows 7, Windows Server 2008, Windows Server 2008 R2, Windows Vista

• Active Directory from on-premises to the cloud
• Office 365 Single Sign-On with AD FS 2.0 whitepaper
• Office 365 Single Sign-On with Shibboleth 2 whitepaper
• Information Protection and Control (IPC) in Office 365 Preview with Windows Azure AD Rights Management whitepaper