The world of literature has been undergoing a paradigm shift. While hardcover books and transcripts are still popular, people and enterprises are slowly starting to prefer soft copy documents. They’re easy to share and even more practically, weightless.
But, since they are so easy to share, they also present a problem: a lot of people, even those who shouldn’t have access, might end up viewing and redistributing them as they see fit – unlike a physical copy, it does not take any time to produce a digital copy of a document. So, document security and management systems have been devised to curtail this, but they sometimes fall short.
For example, regular document management systems (DMS) control access to documents in their databases. But, therein lies the problem. If an organization uses such a system, their employees can’t be allowed to copy documents to their own devices. This is rarely possible as most employees bring their tablets and laptops to work and then use these devices to take their work home. And, once an employee has copied a PDF documents onto his or her personal device, it’s out of the organization’s control. Even after the original copy of the document is deleted from the central database, the copy that the employee took home will still be available.
Another popular way to prevent unauthorized users from seeing a particular file is to encrypt it. However, this is also not a complete solution. Once the intended user has decrypted the file, there is nothing stopping him or her from doing whatever he or she wants with the content, including copying and sharing it.
The fact that users will mostly use regular PDF readers is also worrisome. Currently, most of these apps allow functions such as copying and pasting as well as printing which will allow a copy to be retained. Screen grabbing can also be used to save what is on the screen as an image that could later be printed.
So, the best solution to the document security problem will have to be able to do the following:
- Ensure only approved persons can access the PDF document.
- Make sure that copies of a document are deleted when the retention period is over.
- Allow for the retention period to be extended, if needed.
- Revoke access to documents for particular parties.
Digital Rights Management (DRM) systems are by far the best tools to use with regard to document security as they can do all the above. Once implemented, people won’t be able to use the standard copy and paste, print or print screen commands that will allow the copying of a document. In this way, no additional unauthorized copies will be distributed.
Yet, even DRM is not full proof. And, adding a watermark that contains the name of the authorized user could help a great deal since, if a copy of a particular document is indeed made (say a photocopy of a print out), it can be traced to the source of the leak. This will deter authorized people from sharing PDF files.
Sometimes, it might be necessary to allow someone to have a copy of a PDF for a limited time. Conversely, since there are often no enforcement techniques, people will often fail to delete the PDF which results in unauthorized versions being available to them. DRM will use one of two ways to counter this. The first is to make sure that a particular document can’t be viewed once the allowed time has elapsed. The second is to allow you to revoke access to the copy from all the devices on which it is saved.
DRM does also allow you to embed an end-of-use date and change it. Usually, the apps used to open these documents (whether installed on a particular device or a browser add-on) will check the end-of-use date and cross-check that with the current date. They likewise check if the document is still on the server. If the end-of-use date is past or the material has been deleted from the server, then that individual will be denied access.
Worth noting is that these tools are used in conjunction with encryption for maximum security as encryption is used to prevent unauthorized access. The most secure systems like Locklizard use public key technology rather than passwords to control access since passwords can be shared with others (and have to be managed by the document owner).
Using DRM with encryption is the most appropriate way to control who sees your PDF merge documents and when they can do so. Try it with your sensitive documents for that extra layer of security.