Since the worldwide implementation of AD RMS at Microsoft, each day, an average of approximately 5,000 documents and e-mail messages are protected to be consumed by 80,000 unique users. These numbers continually grow as an increasing number of users adopt AD RMS technologies as their preferred means of helping to protect their confidential e-mail and documents.

This paper discusses the need that Microsoft IT had for protecting confidential business data, the reasons for deploying RMS over other possible solutions, and how AD RMS works. This paper also offers detailed lessons learned and best practices derived from the RMS server and client deployment and usage experience of Microsoft IT. It assumes that readers are technical decision makers and are already familiar with the fundamentals of both public key cryptography and symmetric key security systems, the benefits that such systems offer, and the components required to implement the systems.