by

Rms Sharing App For Mac

-->
  1. Rms Mobile App
  2. Rms Sharing App For Mac Windows 10
  3. Rms Sharing App For Mac Download
  4. Rms Sharing App For Mac Download
  5. Microsoft Rms Sharing Application Pc

Applies to: Azure Information Protection, Office 365

Use the following information to identify the applications and solutions that natively support the Azure Rights Management service (Azure RMS), which provides the data protection for Azure Information Protection.

For these applications and solutions, Rights Management support is tightly integrated by using the Rights Management APIs to support usage restrictions. These applications and solutions are also known as 'RMS-enlightened.'

Sharing

Rights Management Sharing Application for Windows.; 2 minutes to read; In this article. Applies to: Active Directory Rights Management Services, Azure Information Protection End of support notification: The Rights Management sharing application for Windows is now replaced by the Azure Information Protection client.Support for this older application ended January 31, 2019.

Unless stated otherwise, the supported capabilities apply to both Azure RMS and AD RMS. In addition, AD RMS support on iOS, Android, macOS, and Windows Phone 8.1 requires Active Directory Rights Management Services Mobile Device Extension.

RMS-enlightened applications

The following table displays RMS-enlightened client applications from Microsoft and software vendors.

For information about viewing protected PDF documents, see Protected PDF readers for Microsoft Information Protection.

Information about the table columns:

  • Email: The email clients that are listed can protect the email message itself, which automatically protects any attached Office files that are not already protected. In this scenario, the client’s preview feature can display the protected content (message and attachment) to authorized recipients. However, if an email message itself is not protected but the attachment is protected, the client’s preview feature cannot display the protected attachment to authorized recipients.

    Tip: For email clients that don't support protecting emails, consider using Exchange Online mail flow rules to apply this protection.

  • Other file types: Text and image files include files that have a file name extension such as .txt, .xml, .jpg, and .jpeg. These files change their file name extension after they are natively protected by Rights Management, and become read-only. Files that cannot be natively protected have a .pfile file name extension after they are generically protected by Rights Management. For more information, see the File types supported from the Azure Information Protection client admin guide.

Device operating systemWord, Excel, PowerPointEmailOther file types
WindowsOffice 365 apps [1]
Office 2010
Office 2013
Office 2016
Office 2019
Office for the web (viewing protected documents) [2]
Web browser [3]		Outlook 2010
Outlook 2013
Outlook 2016
Outlook 2019
Outlook from Office 365 ProPlus
Web browser [4]
Windows Mail [5]		Visio from Office 365 apps, Office 2019, and Office 2016: .vsdm, .vsdx, .vssm, .vstm, .vssx, .vstx
Azure Information Protection client for Windows: Text, images, pfile
SealPath RMS plugin for AutoCAD: .dwg
iOSGigaTrust
Office Mobile
Office for the web [2]
TITUS Docs
Web browser [3]		Azure Information Protection app (viewing protected email)
BlackBerry Work
Citrix WorxMail
NitroDesk [5]
Outlook for iPad and iPhone [5]
TITUS Mail
Web browser [4]		Azure Information Protection app (viewing protecting text and images)
TITUS Docs: Pfile
AndroidGigaTrust App for Android
Office for the web [2]
Office Mobile (unless using sensitivity labels, limited to viewing and editing protected documents)
Web browser [3]		9Folders [5]
Azure Information Protection app (viewing protected emails)
BlackBerry Work
GigaTrust App for Android [5]
Citrix WorxMail
NitroDesk [5]
Outlook for Android [5]
Samsung Email (S3 and later) [5]
TITUS Classification for Mobile
Web browser [4]		Azure Information Protection app (viewing protected text and images)
macOSOffice 365 apps
Office 2019 for Mac
Office 2016 for Mac
Office for the web [2]
Web browser [3]		Outlook 2019 for Mac
Outlook 2016 for Mac
Web browser [4]		RMS sharing app (viewing protected text, images, generically protected files)
Windows 10 MobileOffice Mobile apps (viewing protected documents using Azure RMS)
Web browser [3]		Citrix WorxMail
Outlook Mail (viewing protected emails)
Web browser [4]		Not supported
Blackberry 10Web browser [3]Blackberry email [5]
Web browser [4]		Not supported
Footnote 1

Includes:

  • Office apps minimum version 1805, build 9330.2078 from Office 365 Business or Microsoft 365 Business when the user is assigned a license for Azure Rights Management (also known as Azure Information Protection for Office 365)
  • Office 365 ProPlus apps
Footnote 2

Supported only with Microsoft SharePoint and OneDrive, and the documents are unprotected before they are uploaded to a protected library.

Footnote 3

For Office attachments that are protected by using Office 365 Message Encryption with the new capabilities.

Footnote 4

If the sender and the recipient are part of the same organization. Or either of the following conditions:

  • The sender or the recipient are using Exchange Online.
  • The sender is using Exchange on-premises in a hybrid configuration.
Footnote 5

Uses Exchange ActiveSync IRM, which must be enabled by the Exchange administrator. Users can view, reply, and reply all for protected email messages but users cannot protect new email messages.

If the email application cannot render the message because the Exchange ActiveSync IRM is not enabled, the recipient can view the email in a web browser when the sender uses Exchange Online, or Exchange on-premises in a hybrid configuration.

More information about Azure RMS support for Office

Azure RMS is tightly integrated into the Word, Excel, PowerPoint, and Outlook apps, where this functionality is often referred to as Information Rights Management (IRM).

See also: Office Applications Service Description

Windows computers for Information Rights Management (IRM)

The following Office client suites support protecting files and emails on Windows computers by using the Azure Rights Management service:

  • Office apps minimum version 1805, build 9330.2078 from Office 365 Business or Microsoft 365 Business when the user is assigned a license for Azure Rights Management (also known as Azure Information Protection for Office 365)

  • Office 365 ProPlus

    These editions of Office are included with most but not all Office 365 subscriptions that include data protection from Azure Information Protection. Check your subscription information to see if Office 365 ProPlus is included. You'll also find this information in the Azure Information Protection datasheet.

  • Office Professional Plus 2019

  • Office Professional Plus 2016

  • Office Professional Plus 2013

  • Office Professional Plus 2010 with Service Pack 2

All editions of Office (with the exception of Office 2007) support consuming protected content.

When you use the Azure Rights Management service with Office Professional Plus 2010 and Service Pack 2 or Office Professional 2010 with Service Pack 2:

  • Requires the Azure Information Protection client for Windows.

  • Not supported on Windows 10.

  • Does not support forms-based authentication for federated user accounts. These accounts must use Windows Integrated Authentication.

  • Does not support overriding template protection with custom permissions that a user selects with the Azure Information Protection client. In this scenario, the original protection must first be removed before custom permissions can be applied.

Mac computers for Information Rights Management (IRM)

The following Office client suites support protecting files and emails on macOS by using Azure RMS:

  • Office 365 ProPlus

  • Office Standard 2019 for Mac

  • Office Standard 2016 for Mac

All editions of Office for Mac 2019 and Office for Mac 2016 support consuming protected content.

Tip: To get started with protecting documents by using Office for Mac, you might find the following FAQ useful: How do I configure a Mac computer to protect and track documents?

More information about the Azure Information Protection app for iOS and Android

The Azure Information Protection app for iOS and Android provides a viewer for rights-protected email messages (.rpmsg files) when these mobile devices don't have an email app that can open protected emails. This app can also open rights-protected PDF files, and pictures and text files that are rights-protected.

If your iOS and Android devices are enrolled by Microsoft Intune, users can install the app from the Company Portal and you can manage the app by using Intune's app protection policies.

For more information about how to use app, see the FAQ for Microsoft Azure Information Protection app for iOS and Android.

More information about the Azure Information Protection client for Windows

For more information, see the following resources:

  • Azure Information Protection client administrator guides:

  • Azure Information Protection client user guides:

Download the relevant app by using the links on the Microsoft Azure Information Protection page.

More information about the Rights Management sharing app

Rms Mobile App

For Mac computers, the Rights Management sharing app offers a viewer for protected PDF files (.ppdf), protected text images, and generically protected files. It can also protect image files, but not other files. To protect Office files on these computers, use Office for Mac or Office 365 ProPlus.

For more information, see the following resources:

Download the Rights Management sharing app for Mac computers by using the link on the Microsoft Azure Information Protection page.

Mac

More information about other applications that support Azure Information Protection

In addition to the applications in the table, any application that supports the APIs for the Azure Rights Management service can be integrated with Azure Information Protection, which includes:

  • Line-of-business applications that are written in-house by using the RMS SDKs

  • Applications from software vendors that are written by using the RMS SDKs.

For more information, see the Azure Information Protection Developer's Guide.

Mac presentation app. MacOS Mojave or later required. Downloading apps requires an Apple ID. IOS 12 or later required. Pages for Mac, Numbers for Mac, and Keynote for Mac are available on the Mac App Store.

Applications that are not supported by Azure RMS

The following applications that are not currently supported by Azure RMS include the following:

  • Microsoft OneDrive for SharePoint Server 2013

  • XPS Viewer

In addition, the Azure Information Protection client has the following restrictions:

  • For Windows computers: Requires a minimum version of Windows 7 Service Pack 1

RMS-enlightened solutions

For the latest information about solutions that support the Azure Rights Management service and Azure Information Protection, see the blog post, Microsoft Ignite 2019 – Microsoft Information Protection solutions Partner ecosystem showcase.

Next steps

To check for other requirements, see Requirements for Azure Information Protection.

For more information about how the most commonly used applications support the Azure Rights Management service, see How applications support the Azure Rights Management service.

For information about how to configure the most commonly used applications for the Azure Rights Management service, see Configuring applications for Azure Rights Management.

Rms Sharing App For Mac Windows 10

Before I discuss the limitations of any product, I try my best to point out all of the things I appreciate about a product. In general, you will not hear Microsoft tell you about product limitations. I suspect it is a culture thing. But then again, do you expect a new car salesman to tell you about the limitations of the car they are trying to sell you?

So let me first point out that I have been a longtime fan of Microsoft’s Rights Management Services (RMS) which debuted in Windows Server 2003. As the product evolved over the years into what is now called Azure Information Protection, I became an even greater admirer of the product as well as the team within Microsoft responsible for its development.

A key milestone came when RMS was ported to Azure, because it became easy to enable (with one mouse click), eliminating the effort to configure servers on-premises, and especially the underlying Public Key Infrastructure (PKI) environment that RMS required.

Brother iPrint&Scan is a free application that lets you print from and scan to your Windows Phone device. Brother scan software für mac. Use your local wireless network to connect your Windows Phone device to your Brother printer or all-in-one.

With the rise in popularity of Office 365 (100 Million subscribers), many began to take advantage of RMS because it is included for free in the most popular business subscription (known as the “E3” license).

One of my favorite RMS features came in September of 2015, when Microsoft announced Document Tracking and Revocation capabilities (here). I’m still amazed by how cool this feature is, allowing you to see a map of the world and the location of where your documents have been opened!

Another key milestone in the evolution of RMS came when they acquired Secure Islands (announced by Takeshi Numoto on 11/9/2015). Six months later, Dan Plastina (@TheRMSGuy) first announced on 6/22/16 (here) that RMS would be rebranded as “Azure Information Protection” (AIP) and later reached general availability in October 2016 (here).

AIP is a truly jaw-dropping experience. As you are authoring content, the document will automatically be labeled and encrypted with a strong 2048 bit encryption key on-the-fly if sensitive information is found (ex: credit card numbers, social security numbers, or data you define as sensitive using regular expressions).

As a consultant, my job is to listen to customer problems, and then recommend solutions. This leads me to the title of this post – AIP Limitations.

1. External Sharing using AIP with business partners who are still running Office 2010 (or older) needs improvement

When you protect a document with AIP, and you want to send that document to an external user, things go smoothly if they are running Office 2013 or Office 2016.

However, a lot of companies still run Office 2010. This is what their experience would look like:

“Dear External User,

We would like to share sensitive documents with you. If you are running Office 2013 or 2016, and if you have an Office 365 subscription, then you should be able to open the attachments without a problem.

Otherwise, if you are using Office 2010, you will need the following before you can open the documents we send you:

      1. Local Administrator Rights are required to install the Azure Information Protection Client
      2. Download and install the Azure Information Protection Client
        1. If you are running Windows 7, you first need to install KB 2533623 (This will require a reboot)
        2. Note: Office 2010 require Microsoft Online Services Sign-in Assistant version 7.250.4303.0. This version is included with the AIP client installation, however, if you have a later version of the Sign-in Assistant, uninstall it before you install the Azure Information Protection client.
        3. Note: The AIP Client will automatically install the .NET 4.6.2 Framework, so be sure not to deploy this on any machine that has known compatibility issues with the 4.6.2 framework.
      3. Be advised, that in some cases, even if you follow all of the steps above, you may still get an error message when attempting to open an RMS or AIP protected document in Office 2010. The work-around is to create a few registry entries for the service location as documented in the AIP Client Admin guide (here).

If you do not have an Office 365 Subscription, you will need to sign up for “RMS for Individuals” (this is a free identity platform that allows you to open the documents we send to you).”

2. Ad/Hoc External Sharing using an AIP Label is not possible

Let’s say you get a call from a new customer or business partner who wants you to send them a Microsoft Word document. The document is too large to email so you host it in online storage (ex: OneDrive, SharePoint, Dropbox, etc). You might be tempted to click an AIP label that says “Business Partner” or “Client Confidential” but that would not work in the current implementation of AIP, because the Labels must be associated with an RMS Template, and RMS Templates must be associated with Mail Enabled Security Groups, and those Groups must contain a Contact Object. Since normal end-users cannot create contact objects in their Active Directory or Azure Active Directory, they must submit a helpdesk ticket for the external contact to be created, then added to the appropriate Mail Enabled Security Group. You get the picture that this process just broke down fast. Essentially, there is no way with AIP today to associate a label with ad/hoc external sharing. Labels can only be used for defined and known business partners who are pre-configured as contact objects in a group associated with an RMS template that is then tied to a Label. It would be just as exhausting to implement this in a process as it was to type this all out I am sure!

Rms Sharing App For Mac Download

3. There is no Mac OSX client for Azure Information Protection.
The work-around, as best as I can tell, is to have Mac users try the legacy “RMS Sharing App” for Mac OSX. This was the application written before the AIP client was released.

4.In April of 2016, there was a vulnerability discovered in the RMS technology that allows someone with View rights to escalate their privilege and change the document by stripping RMS from the document (which could be potentially undesirable if they then re-share that document with unauthorized parties, or if that document is exposed in the wild (ex: lost/stolen laptop, ransomware, etc). This is documented on Wikipedia here, and proof of concept code is available for testing from GitHub (here). This issue isn’t too great in my opinion, because it requires that one of the named users who is authorized to view the document has to compromise the document. In other words, an unauthorized party cannot break the 2048 bit encryption.

5.OneDrive.
Protecting documents with AIP or RMS automatically when they are uploaded to OneDrive is currently not a great idea. First, Microsoft has removed the navigation button permitting you to do this, so you would have to find the direct hyperlink to the document library settings to enable IRM on your OneDrive document library. Even if you were to do this, it would prevent you from sharing any of those documents with outside users because there is no straight-forward way to make a OneDrive library’s IRM settings understand external users. It essentially ends the ad/hoc sharing capabilities of OneDrive. Perhaps that is why MSFT removed the navigation button for site settings in OneDrive.

So given these limitations, what do I recommend?

  • I recommend you use AIP to protect sensitive information that should be accessible to internal employees, or known/named individuals from business partners. When communicating with the business partner for the first time, try to find out if they use Office 2010, and if so, warn them that it will be a rocky road for them (see sample email template above). Fortunately, Office 2013 and 2016 seem to natively open AIP encrypted documents.
  • If you need to share documents with encryption in transit, then use Office 365 Message Encryption (OME). The limitation of OME (today) is that the recipient can save the document and do anything they want to it (the encryption does not follow the attachments after the recipient saves it to their computer). This will be resolved with the upcoming Secure Email feature that was announced at the 2016 Ignite conference.
  • If you need to securely share emails and documents with Gmail users, then wait for the upcoming Secure Email solution that was announced at the 2016 Microsoft ignite conference (watch the video here, starting around the 46 minute mark).

Will things get better? In many cases, yes, however, not for the external user who needs to edit the AIP/RMS protected document using Office 2010.
The proposed Secure Email solution will make it seemless for any user to VIEW AIP/RMS protected documents by providing a web-browser experience. But if the business process requires the external user to make changes and send those back, my understanding is that capability is not going to be in Secure Email when it is released (from what I have heard anyway). To be clear, if the external user is given edit rights, and if they are still on Office 2010, they are going to have the same pain points as I described above with Office 2010.

AIP can be licensed in one of four methods:

Rms Sharing App For Mac Download

  1. You can get AIP as a standalone license for $2/user/month.
  2. You can get AIP as part of the Azure Active Directory Premium P1 or P2 license families.
  3. You can get AIP in the Enterprise Mobility + Security E3 or E5 license families.
  4. Or you can get AIP as part of the Secure Productive Enterprise E3 or E5 license families.

If you just need the original RMS capabilities (encryption, access control and policy enforcement) then you can license that individually or as part of the Office 365 E3 license.

Microsoft Rms Sharing Application Pc

If you need the Document Tracking and Revocation Capabilities, you’ll find that in the Enterprise Mobility + Security E3 or Secure Productive Enterprise E3.

Note: AIP automatic labeling is an advanced feature that requires the AADP P2, or EMS E5, or SPE E5 license. Otherwise, the down-level version of AIP requires the user to manually label documents they create.