Three ways to protect PDF documents

How can you safeguard your organisation's documents?

Losing sensitive data costs companies an average of $3.8 million per security breach, a recent study carried out by the Ponemon Institute has found.

As well as the financial risk involved, the company's reputation and loss of customer loyalty are also at stake when internal information falls into the wrong hands, not to mention the consequences if legal requirements are breached, particularly with the new GDPR regulations.

Advertisement - Article continues below

Safeguarding the many documents that a company creates, distributes, edits and stores throughout those documents' lifecycle is an extremely difficult task, particularly when it comes to paper documents. But digital documents present challenges of their own when it comes to security. With staff spending more time working away from the office, and increasingly accessing company documents from their own devices or through the cloud, managing how and where digital documents are stored, accessed, shared and edited is becoming a major challenge.

PDF formats are the most popular for exchanging and archiving documents. Managing documents in digital processes based on the PDF format offers a far more secure alternative, with many professional PDF tools already featuring security functions that can be combined with appropriate tools to create an end-to-end secure workflow. In fact, 72% of IT experts surveyed by the Ponemon Institute believe that document security can contribute to maintaining data confidentiality, integrity, authenticity, availability and usability.

Advertisement
Advertisement - Article continues below
Advertisement - Article continues below

There are a number of different ways to protect PDF documents at all stages of the workflow to ensure that data doesn't fall into the wrong hands.

Password protection

A good PDF solution will allow differentiated access for creating, editing, saving, printing and reading PDF documents. In terms of password protection, there are two levels that are necessary for a sufficient level of security: permission to open a document and permission to edit it.

Protecting the document against being opened is important if only a defined group of recipients is allowed to open it. One example is if confidential information is sent by email - in principle, anyone who gains access to the email can also read the document. However, if the document is secured with a password, only the actual intended recipient in possession of the correct password will be able to open it.

Permissions passwords play an important role, particularly when collaborating with internal or external co-workers, or when communicating with customers. For example, team members may be able to view, print out and add comments to a project plan, but should not be allowed to remove or add pages to it. Similarly, customers should be able to fill in forms and sign documents, but not to modify the text in any way.

Advertisement - Article continues below

It is possible with some PDF providers to go further and use encryption to ensure that protected files can't be read by unauthorised people. But there are potential problems to be aware of with encryption, including meeting various compliance standards, and whether the encryption can be recognised by older PDF applications.

Confidential information removal

In many circumstances, personal data should be removed before a document is circulated to protect it, in a process often referred to as redacting. It is not enough to simply put a black line across the information that should be concealed, as an experienced PDF user would easily be able to remove this line again. Instead, the information must actually be removed permanently. Redacting the section in question simply indicates that sensitive data has been removed, which is particularly relevant for authorities and other public bodies that are required by law to highlight where information has been removed.

All private companies have to handle personal information that is subject to data protection, and must not be passed on to third parties. The consequences for non-compliance under GDPR regulations are severe. Therefore, a PDF tool must be capable of permanently removing this information in a traceable way, including potentially revealing metadata and hidden information.

Certificate-based signatures

It is becoming increasingly common to sign documents with a digital ID, which approximately corresponds to a signature on a paper document. If unauthorised changes are made to a document after it has been signed, the digital signature becomes invalid.

Advertisement - Article continues below

Documents may be signed several times by different people. When deciding on a PDF tool, it's best to opt for an application that not only enables documents to be signed, but also to be stamped with a digitally-authenticated timestamp. This indicates that the contents of any data file haven't been changed since that time.

Digital IDs not only allow a PDF solution to authenticate documents, but also to protect them. This is a process known as certifying, which allows the owner of the document to apply a signature and document protection at the same time. The signee can completely lock the document, or allow certain actions to be available for others such as form filling or commenting.

Featured Resources

Staying ahead of the game in the world of data

Create successful marketing campaigns by understanding your customers better

Download now

Remote working 2020: Advantages and challenges

Discover how to overcome remote working challenges

Download now

Keep your data available with snapshot technology

Synology’s solution to your data protection problem

Download now

After the lockdown - reinventing the way your business works

Your guide to ensuring business continuity, no matter the crisis

Download now
Advertisement
Advertisement

Recommended

Andrew Daniels joins Druva as CIO and CISO
Cloud

Andrew Daniels joins Druva as CIO and CISO

22 Jul 2020
University of California gets fleeced by hackers for $1.14 million
ransomware

University of California gets fleeced by hackers for $1.14 million

30 Jun 2020
Australia announces $1.35 billion investment in cyber security
cyber security

Australia announces $1.35 billion investment in cyber security

30 Jun 2020
CSA and ISSA form cyber security partnership
cloud security

CSA and ISSA form cyber security partnership

30 Jun 2020

Most Popular

How to find RAM speed, size and type
Laptops

How to find RAM speed, size and type

3 Aug 2020
How do you build a great customer experience?
Sponsored

How do you build a great customer experience?

20 Jul 2020
Labour Party donors caught up in Blackbaud data breach
data breaches

Labour Party donors caught up in Blackbaud data breach

31 Jul 2020