Every corporation has sensitive information that should not be shared with all employees. If such sensitive data is leaked, the consequences could range from minimal to dire. Yet, information sometimes still needs to be shared with some relevant parties. For example, PDFs may need to be shared with employees, customers, and, in some instances, even lawyers.
So, how can you share sensitive documents with the people who need to see them without letting anyone else from gaining access? This is tricky since the people with whom you share the files may be the very same people who want to share the files with every Tom, Dick, and Harry, especially when they are motivated by financial gain. Luckily, you can share files without worries by controlling how authorized users can interact with the files using document DRM security.
To stop authorized users from copying, printing or forwarding a file, you first need to ensure that standard file applications cannot be used to open the file – even if you use a plugin to add security features. This is because these applications will allow various functions (such as copying and pasting, printing, and highlighting) which could be used to create an unprotected version of the file. And while at first glance you may think a plugin will disable these features, once the application is updated the plugin often no longer works. So, you need to counter this problem by using a proprietary viewer with Digital Rights Management (DRM) technology built in.
Once a file is protected by DRM controls, the user will not be able to highlight and copy anything from it. Also, options like save as, which will allow file conversions, are unavailable. The users will also not be allowed any editing privileges so the integrity of the file is always maintained. And, DRM will prevent a protected document from being downloaded as an unprotected file if it is being viewed on the web.
In addition, screenshots and screen grabbing methods are disallowed. However, people can still take photos of an open file with a camera and there is nothing that can stop this. For this particular reason, it is wise to employ dynamic watermarks that will effectively name the source of the leak if photos are taken and distributed. The possibility of the watermark evidence being used to sue someone for illegally distributing information will probably deter people from taking such a reckless action.
While it is virtually impossible to stop someone from forwarding a document to another person, you can prevent the receiver from viewing that file. This is because they are not likely to have a PDF viewer that allows them access to the file. Even if that person has the viewer, he or she still will not be able to view the file because the viewer will check for a decryption key on the host computer.
It is impossible to have this key unless the system admin issued it and, if the viewer cannot find the decryption key, the PDF viewer will check with the administration server which will show that the party is unauthorized. Therefore, the file will not open.
With regard to printing out a PDF, DRM controls can be set to never allow printing. If printing is required in some cases, you can set the allowable number of prints to a certain amount. This can be defined in the settings for each particular document on a user basis. Again, to prevent any printout from being scanned to create another PDF, a dynamic watermark may be required.
Also, if you were to allow printing, it is essential that the DRM software disallows the “print to file” option. This is because when a user “prints to file”, he or she creates another PDF that does not have the protections that your primary document has.
As well as locking protected documents to specific devices, document DRM can also enforce the locations from where your protected PDFs can be used. For example, you may want to restrict access to a specific country or a specific location base on an IP address (say an office location). In this way you can ensure your protected documents cannot be used even if users take their laptops or other portable devices home with them.
All the above will prevent an unauthorized copy from circulating and finding its way into the wrong hands.
Using document DRM is therefore a great way of ensuring that even if your sensitive documents fall into the wrong hands they cannot be viewed, and that authorized users cannot share sensitive information with non-authorized parties.