Over the past three years digital rights management and enterprise rights management have gained attention because of copyright issues involving digital media and leakage of sensitive data. Unfortunately, the terms are often used interchangeably even though they mean different things.

DRM and ERM share common technical concepts, such as encryption to control access to data and application- or device-level functionality to control usage. But DRM focuses on securing static content tied to a per-user access and usage license, while ERM focuses on controlling dynamic content tied to a business process that users may come in and out of on a regular basis. ERM enables companies to extend security to third-party partners, suppliers and customers.

Here are a few more key differences:

-- Content monetization vs. life-cycle control: DRM restricts the access and use of digital files; its business problem is optimal monetization of digital content while protecting the interests of copyright holders.

Today, this content is in the form of music and video files. The goal is to restrict content access to its owner, which is an individual consumer. By contrast, ERM controls access to and usage of electronic data in various formats such as word processor documents, spreadsheets, e-mail, PDF files and CAD diagrams. ERM allows for persistent control of content (regardless of where or when access occurs) and enables an enterprise to control access to intellectual property or other confidential business information that needs to be secured for privacy, competitive or compliance reasons.

Unlike DRM, which tends to deal with static and published content (one song to one consumer), ERM focuses on controlling information throughout its life cycle, and that life cycle is often highly collaborative.

-- The ecosystem and technical implementations differ: Both approaches include the notion of a policy server in which rights are defined, an encryption mechanism that controls access to the data, and a software client or device that enforces the policy (which authenticated user has what rights based on content).

DRM tends to focus on the media format and device, with the two most common systems offered by Apple and Microsoft. Apple's FairPlay software is exclusively tied to the encrypted Advanced Audio Coding format, iPod media player and the iTunes online store. Microsoft is more open with Windows Media DRM in that it licenses components of the DRM platform to other vendors for use.

With ERM, the controls are tied to the native applications, which have the ability to produce and consume protected data in several formats. For example, Microsoft Word supports a number of file formats (.doc, .txt, .xml, .dot, .rtf, .wps, .htm and .html). ERM enablement is accomplished with a provider's software developers kit (SDK) and associated APIs and delivered using one or more of the following approaches: natively by the application vendor, through a plug-in or by an ERM integration agent that leverages the strength of the SDK approach with the flexibility and time to market of a plug-in.

ERM solutions with SDKs include Microsoft's Rights Management Services and Adobe's Policy Server. ERM vendors by acquisition include EMC and Oracle, which use plug-in approaches to application enablement and do not offer an SDK.

Each approach has its advantages and disadvantages; however, only the integration agent provides cross-application control such as secure clipboard, the ability to support all of an application's file formats interchangeably, and enterprise-class management of multiple applications, which simplifies distribution, upgrades and integration.

As a steward of customer and corporate data, understanding the difference between the often controversial DRM and ERM is critical to your organization's agility and long-term success with controlling electronic information.

Gaudet is vice president of product management and marketing for Liquid Machines, which provides an ERM system that supports out-of-the-box integration with Microsoft's RMS. He can be reached at egaudet@liquidmachines.com.