Skip navigation

Of Location Services and Secure Documents

This week, I have several short topics to discuss. I'll bring you up-to-date about location-based services and let you know about an interesting update to Microsoft's enterprise rights-management solution.

Using Location-Based Services in the Enterprise
Last fall, my wife and I drove up to Maine a few times, looking for potential vacation homes. We ended up not buying anything, but that doesn't mean we didn't find the sites we were looking for. Thanks to a Microsoft-branded Pharos GPS locator and a copy of Microsoft Streets & Trips 2005 running on my laptop, we were able to quickly and easily find each location we planned to visit, despite the fact that we had never been to the area.

Those trips weren't my first exposure to GPS, but that experience served as a helpful reminder that GPS is useful to nontechnical users: My wife was quite intrigued by the device despite having a nonchalant attitude about technology in general. Streets & Trips is a useful application as is, but when coupled with a GPS Locator, it takes on an all-new level of functionality. With GPS, you can see exactly where you are. And you can change your directions dynamically to meet your needs. If you take a wrong exit, for example, you can easily get back on track.

Although Streets & Trips is decidedly consumer-oriented, the Microsoft MapPoint client is a Microsoft Office System application aimed at businesses. Those two tools, plus Microsoft Pocket Streets 2005 for Pocket PC, Pocket Streets 2005 for Smartphone, and the Web-based MSN Maps & Directions, all use Microsoft's back-end MapPoint Web Service to provide mapping and location services. Microsoft also offers a MapPoint Location Server (MLS) product to businesses that need to track shipments, vehicles, and salespeople in the field. These products are typically coupled with GPS technology in cell phones, PDAs, or laptops.

This week, MLS got a bit more interesting thanks to a new agreement between Microsoft and Sprint. In what I'm told will be the first of several such agreements in the United States, MLS can now integrate with the Sprint Business Mobility Framework. This means that an MLS server sitting behind the firewall in your corporate network can now communicate with mobile devices--primarily cell phones and smartphones at this time--using an MLS provider for Sprint. Previously, Microsoft had partnered with mobile operators in Canada and Europe to provide similar services.

The deal with Sprint is interesting because it's only the beginning. Previously, companies seeking to discover asset location in real time had to resort to expensive black box solutions, each of which came with its own set of capabilities. With MLS and Sprint, and eventually other mobile carriers, this type of service can be had more inexpensively. And developers creating custom applications won't need to worry about the differences between each network: An MLS provider will do that work for them.

Pharos GPS products

MapPoint Location Server

Sprint Mobility Framework

Windows RMS SP1
Last month, Microsoft released Windows Rights Management Services (RMS) Service Pack 1 (SP1), a major update that current RMS users will likely want to deploy quickly. For those still sitting on the fence, SP1 might put the product over the top.

I covered RMS fairly extensively in December 2003 when the product first shipped (see the URLs below). The basics haven't changed: The product is still a software platform that offers policy-based protection for sensitive information. With SP1, however, the product has become more useful to more customers.

First, you can now deploy RMS to secure networks that will never be connected to the Internet (a so-called air gap network). Previously, two RMS components required an Internet connection--the client, during deployment, and the server enrollment-request process. Now, you can perform both of these functions offline--a huge benefit to organizations that would likely benefit most from the security features in RMS, including government agencies.

Microsoft has also created a feature called a server lock box in RMS SP1 that enables server-based applications such as Windows SharePoint Services (WSS) and email gateways to permit the deployment of centralized document policies. Numerous third parties are taking advantage of this feature right now. For example, you might want sensitive corporate documents to be archivable and searchable when used within your network, but you need them to be protected if they're sent via email. Or, you might want to scan incoming email documents for viruses, then protect them with RMS after they've been deemed clean.

Microsoft Exchange Server users can also use a new SP1 feature to create dynamic query-based groups to which you can apply policy. For example, you could create a group that included only those Active Directory (AD) users who live in a certain state or work in a specific office. You can apply policies to that group as usual, but the people making up the group would fluctuate and you wouldn't have the overhead of manually managing the group members.

I'll write more about this update at a later date, but that's the gist of it. You should also know that RMS SP1 will be the last update to RMS until the Longhorn timeframe. At that point, Microsoft will look to improve the B2B prowess of the product by supporting external document collaboration.

But the most interesting thing about RMS isn't the platform, per se, but the applications that are written to take advantage of it. On that note, numerous exciting applications for RMS are now available, and more will be available soon. I'll look at those solutions in a future commentary.

Protecting Sensitive Documents with Windows Rights Management Services

Deploying Windows Rights Management Services

Windows RMS Client Experience and Partners

Hide comments


  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.