...Although it provides an audit trail for document use, ERM doesn't supply compliance with Sarbanes-Oxley financial record dictums, and is overkill for a bank looking only to keeping client records confidential. In addition, adds The Burton Group senior analyst Trent Henry, "there's a fairly significant amount of complexity, and concerns about interrupting work and efficiency."
Because of ERM's nascent presence in the market, for example, many CIOs are unsure how to set rights management in an offline environment-such as when the CFO is on a four-hour flight with his laptop, unable to authenticate his credentials to a spreadsheet file. "What is also going to change," says Henry, "is the burden on individual users." They must understand what sorts of policies and templates to apply when creating documents, so as not to needlessly encrypt an internal memo on, say, office kitchen rules.