(This post was published on the original RMS team blog in July 2009.)
Organizations using AD RMS often take advantage of rights policy templates to enable users to protect information according to a predefined set of rights. Many customers are asking us, what specific policy templates are used by the IT organization at Microsoft? Following are examples of the policy templates used by Microsoft’s IT organization:
- Microsoft Confidential - This template uses the Microsoft All Staff distribution group. This group includes all Microsoft full-time employees (FTEs), contractors, and vendor staff. Any person not included in this distribution group, such as people outside the company, cannot open content protected through this template. This template provides the following rights: View, Reply, Reply All, Save, Edit, and Forward.
- Microsoft Confidential Read Only - This template uses the Microsoft All Staff distribution group. This group includes all Microsoft full time employees (FTEs), contractors, and vendor staff. Any person not included in this distribution group, such as people outside the company, cannot open content protected through this template. This template provides the following rights: View.
- Microsoft FTE Confidential - This template uses the Microsoft All FTE distribution group. This group includes only Microsoft full-time employees (FTEs). Any person not included in this distribution group, such as contractors, vendors, and people outside the company, cannot open content protected through this template. This template provides the following rights: View, Reply, Reply All, Save, Edit, and Forward.
- Microsoft FTE Confidential Read Only - This template uses the Microsoft All FTE distribution group. This group includes only Microsoft full-time employees (FTEs). Any person not included in this distribution group, such as contractors, vendors, and people outside the company cannot open content protected through this template. This template provides the following rights: View.
- Do Not Reply All – This template simply restricts recipients from using the Reply All function. This prevents large volumes of response traffic to messages sent to many recipients.
An end user can specify a rights policy template when she creates new content. This helps to ensure that she can easily comply with her organization’s information security policy. Rights policy templates are an important and commonly-used feature of AD RMS.
You can learn more about rights policy templates in the Microsoft TechNet topic, AD RMS Policy Template Considerations . This topic provides an overview of the technical considerations you must make when using AD RMS rights policy templates. It includes details about specific rights, template location, template distribution, scripting, and other information.