Employees need to be able to share documents with each other and with customers, partners, and suppliers, but once these documents leave the cozy confines of your firewall, making an electronic or physical copy becomes a simple matter. This is where information rights management (IRM) comes into play. IRM enables an organization to build policies around document types and user groups and to apply a set of rules to ensure that you can apply an element of control when employees share documents. A good way to think about it, says Melissa Webster, an analyst at IDC, is as digital rights management for corporate documents. At the core of any IRM system is the policy server where you define a set of rights as broadly or narrowly as you require. Information rights management provides one way to protect documents wherever they go, even if it places a requirement on end users to load a client.