News tid-bit: Yesterday I tweeted (follow @TheRMSGuy) a link to a cool YouTube video showing off RMS at the 200 level. It's perfect to share with your CSO or ITPro co-workers.
As you all know by now, Microsoft Rights Management service (RMS) has released a significant update. Many of you have asked for details on the licensing terms... what's this going to cost me? Given I have X, do I need to get Y or not? etc. Here are the terms, grouped by organizational profile. This blog focuses on the Azure RMS service. The AD RMS service licensing terms remain unchanged. I do apologize for what may appear as duplicated text for those reading them all. As usual, let us know if you have questions.
Office 365 -based Organization
On-Premises Organizations using Azure RMS
Solutions partners find themselves needing to perform protection operations on data for other organizations. In these use cases, the solution partner asks their customers to bring their own licenses (BYOL) as part of their Azure Active Directory configuration. We do things this way given the above terms outline a model where an organization pays only once for the right "to use RMS with any enlightened application or service".
For example, let's say a CAD company builds a virtual 'Construction meeting room' for 3 organizations to collaborate. The files are protected by the CAD company for the use of the other organizations. In this case the CAD firm is permitted to protect the files 'on behalf' of the other organizations using an instance of the Azure RMS service. They simply require that every user from each of these other organizations purchase licenses for all of their users visiting this meeting room. As you look at implementing this offering, please be sure to contact us at AskIPTeam@microsoft.com to discuss your specific use pattern. This pattern would apply to most 'virtual meeting room' type services. We thought you'd like this one... after all, what better of a price than free!.
Also note that there is no 'mega solution offer' model where a partner acts as the RMS server for many companies (or many virtual rooms). Though possible today with SPLA ADRMS licensing terms, it's highly ill advised as the same RMS root security key would be protecting data for different organizations. Each virtual room should be a different Azure RMS tenant with its own root security key. This way important actions such as retiring a Azure RMS subscription have the expected effect of killing all remaining protected content. Again, as you look at implementing RMS in your service, please be sure to contact us at AskIPTeam@microsoft.com to discuss your specific use pattern.
If you have any specific questions please contact your Microsoft sales associate. They'll help you out, or they'll know where to find us. If you prefer to ask us directly then send the question(s) to AskIPTeam@microsoft.com but please CC your Microsoft sales contact.
Dan on behalf of the RMS team
Disappointed. Was hoping to get ballpark pricing and understand if azure active directory from other tenants can authenticate to my on prem or hosted solution