Three ways to protect PDF documents

How can you safeguard your organisation's documents?

Losing sensitive data costs companies an average of $3.8 million per security breach, a recent study carried out by the Ponemon Institute has found.

As well as the financial risk involved, the company's reputation and loss of customer loyalty are also at stake when internal information falls into the wrong hands, not to mention the consequences if legal requirements are breached, particularly with the new GDPR regulations.

Safeguarding the many documents that a company creates, distributes, edits and stores throughout those documents' lifecycle is an extremely difficult task, particularly when it comes to paper documents. But digital documents present challenges of their own when it comes to security. With staff spending more time working away from the office, and increasingly accessing company documents from their own devices or through the cloud, managing how and where digital documents are stored, accessed, shared and edited is becoming a major challenge.

PDF formats are the most popular for exchanging and archiving documents. Managing documents in digital processes based on the PDF format offers a far more secure alternative, with many professional PDF tools already featuring security functions that can be combined with appropriate tools to create an end-to-end secure workflow. In fact, 72% of IT experts surveyed by the Ponemon Institute believe that document security can contribute to maintaining data confidentiality, integrity, authenticity, availability and usability.

Advertisement
Advertisement - Article continues below

There are a number of different ways to protect PDF documents at all stages of the workflow to ensure that data doesn't fall into the wrong hands.

Password protection

A good PDF solution will allow differentiated access for creating, editing, saving, printing and reading PDF documents. In terms of password protection, there are two levels that are necessary for a sufficient level of security: permission to open a document and permission to edit it.

Protecting the document against being opened is important if only a defined group of recipients is allowed to open it. One example is if confidential information is sent by email - in principle, anyone who gains access to the email can also read the document. However, if the document is secured with a password, only the actual intended recipient in possession of the correct password will be able to open it.

Permissions passwords play an important role, particularly when collaborating with internal or external co-workers, or when communicating with customers. For example, team members may be able to view, print out and add comments to a project plan, but should not be allowed to remove or add pages to it. Similarly, customers should be able to fill in forms and sign documents, but not to modify the text in any way.

It is possible with some PDF providers to go further and use encryption to ensure that protected files can't be read by unauthorised people. But there are potential problems to be aware of with encryption, including meeting various compliance standards, and whether the encryption can be recognised by older PDF applications.

Confidential information removal

In many circumstances, personal data should be removed before a document is circulated to protect it, in a process often referred to as redacting. It is not enough to simply put a black line across the information that should be concealed, as an experienced PDF user would easily be able to remove this line again. Instead, the information must actually be removed permanently. Redacting the section in question simply indicates that sensitive data has been removed, which is particularly relevant for authorities and other public bodies that are required by law to highlight where information has been removed.

All private companies have to handle personal information that is subject to data protection, and must not be passed on to third parties. The consequences for non-compliance under GDPR regulations are severe. Therefore, a PDF tool must be capable of permanently removing this information in a traceable way, including potentially revealing metadata and hidden information.

Certificate-based signatures

It is becoming increasingly common to sign documents with a digital ID, which approximately corresponds to a signature on a paper document. If unauthorised changes are made to a document after it has been signed, the digital signature becomes invalid.

Documents may be signed several times by different people. When deciding on a PDF tool, it's best to opt for an application that not only enables documents to be signed, but also to be stamped with a digitally-authenticated timestamp. This indicates that the contents of any data file haven't been changed since that time.

Digital IDs not only allow a PDF solution to authenticate documents, but also to protect them. This is a process known as certifying, which allows the owner of the document to apply a signature and document protection at the same time. The signee can completely lock the document, or allow certain actions to be available for others such as form filling or commenting.

Featured Resources

The IT Pro guide to Windows 10 migration

Everything you need to know for a successful transition

Download now

Managing security risk and compliance in a challenging landscape

How key technology partners grow with your organisation

Download now

Software-defined storage for dummies

Control storage costs, eliminate storage bottlenecks and solve storage management challenges

Download now

6 best practices for escaping ransomware

A complete guide to tackling ransomware attacks

Download now
Advertisement

Recommended

Visit/security/354156/google-confirms-android-cameras-can-be-hijacked-to-spy-on-you
Security

Google confirms Android cameras can be hijacked to spy on you

20 Nov 2019
Visit/pdf-software/29855/why-it-s-time-to-take-your-documents-digital
document management systems (DMS)

Why it’s time to take your documents digital

13 Aug 2019

Most Popular

Visit/security/identity-and-access-management-iam/354289/44-million-microsoft-customers-found-using
identity and access management (IAM)

44 million Microsoft customers found using compromised passwords

6 Dec 2019
Visit/cloud/microsoft-azure/354230/microsoft-not-amazon-is-going-to-win-the-cloud-wars
Microsoft Azure

Microsoft, not Amazon, is going to win the cloud wars

30 Nov 2019
Visit/operating-systems/microsoft-windows/354297/this-exploit-could-give-users-free-windows-7-updates
Microsoft Windows

This exploit could give users free Windows 7 updates beyond 2020

9 Dec 2019
Visit/hardware/354237/five-signs-that-its-time-to-retire-it-kit
Sponsored

Five signs that it’s time to retire IT kit

29 Nov 2019