ComputerWorld has a big story about protecting documents with ERM software:

Corning's research and development staff uses the software to encrypt critical documents and apply rules that determine not just who has access to the files but also whether they can print, copy or forward them to others. The system also establishes a chain of custody, providing an audit trail of who accessed a document when and what they did with it. "We can put our hands on our hearts and say we know we are compliant," Scott says.

He says that only because he isn't paying attention. This kind of thing dampens the productivity of the staff that is forced to use it (partly by getting in the way, partly by artificially limiting the applications that they can use). Meanwhile, all you need to circumvent the protections is a camera phone (and OCR software, if you want to get sophisticated).

Oh, and that's not the worst part. Here's another leak:

The system is now in pilot, with a full rollout expected this month. It wasn't difficult to set up, and users find the interface easy to use, Pretorius says. But he wasn't able to avoid other integration issues related to antivirus, e-mail archiving and enterprise content management systems. Once content is encrypted, it can't be scanned. Without adequate safeguards on the desktop, some users could encrypt infected files and spread a virus by routing them to others.

Pretorius' e-mail archiving software, Veritas Software Corp.'s KVS Enterprise Vault, doesn't have rights to view encrypted files and therefore can't index them for searches. But he says users are willing to live with that for now. "It's an ease-of-use concern against security," Pretorius says.

Yeah, and Pretorius fell on the wrong side of that one. I wonder how he'll feel the first time this decision bites back...