Information Rights Management (IRM) is an encryption solution that also applies usage restrictions to email messages. It helps prevent sensitive information from being printed, forwarded, or copied by unauthorized people.
IRM capabilities in Microsoft 365 use Azure Rights Management (Azure RMS).



What does it do? 

IRM uses encryption and usage restrictions to provide online and offline protection for email messages and attachments.
Gives you, as an admin, the ability to set up transport rules or Outlook protection rules to automatically apply IRM to select messages.
Lets users manually apply templates in Outlook or Outlook on the web (formerly known as Outlook Web App).


What does it not do?

Some applications may not support IRM emails on all devices. For more information about these and other products that support IRM email, see Client device capabilities.  


Recommendations and example scenarios 

We recommend using IRM when you want to apply usage restrictions as well as encryption. For example:
A manager sending confidential details to her team about a new product applies the "Do Not Forward" option.
An executive needs to share a bid proposal with another company, which includes an attachment from a partner who is using Office 365, and require both the email and the attachment to be protected.