Secure Data Rooms & Other Cloud Document DRM systems
Secure Data Room systems require users to log in to a web portal to view ‘protected’ documents in a browser.
Most vendors make a great deal of how secure their data (server) systems are (protected by firewalls, etc.), but that only diverts attention from the real issue: how good (or not) their document protection is.
There are many issues with secure data rooms:
- You have to upload your unprotected documents to a third-party server in the cloud outside of your control. While documents are encrypted, you have no control over what happens to the unprotected documents you uploaded – if anything goes wrong with the process are any temporary files left behind?
- To view ‘protected’ documents, users have to log in with an ID and password. There is nothing preventing them from giving this information to others, which can defeat the whole purpose of preventing document sharing.
- In most systems, the same login credentials can be used at the same time on multiple devices.
- Users can screen grab high quality document content using screen grabbing tools.
- If printing is allowed, users can print to PDF files and other unprotected file formats.
- Usually documents are decrypted on the server and delivered to the client unencrypted. That leaves a lot of temporary files sitting unprotected on the server. Browsers also create their own temporary (cache) files, so users can extract the unencrypted content from those.
- To apply document restrictions or DRM controls, these systems rely on JavaScript, since there is no software application installed on the client (i.e. no dedicated Viewer). This provides a rather limited set of controls (for instance, you cannot stop third-party screen grabbing tools, or printing to file drivers such as PDF printers).
- The browser environment is not only slow, but inherently insecure. JavaScript is executed in the browser and can therefore be manipulated – you cannot prevent users installing plugins or injecting JavaScript directly into the browser to bypass DRM controls.
- You cannot distribute your protected documents as you see fit or easily integrate protected documents into your existing systems – users have to login to a data room with a fixed layout that you cannot change.
- Document controls are limited (e.g. an expiry date and time) and are set at the file, data room or link level. For example, if you want 10 documents to expire at different times for each user, then you have to create 10 files, 10 data rooms, or 10 links per user. It soon becomes unmanageable.
- Costs can rapidly escalate – you are tied into monthly pricing, which soon adds up over time.
- Generally there is no option to host on-premises in your own environment.
Two-factor authentication (2FA)
To counteract the fact that the login process is insecure (i.e. login details can be shared), some secure data room systems use 2FA as an additional verification measure – this could be a key code sent to a cell phone, a QR code that is scanned, or a link sent to an email address. However, there is nothing to stop users passing this information on to others as well.
Since users find 2FA rather annoying if they are not benefiting from it in any way, some companies make the process easier by storing a cookie on the user's device so they only have to authenticate again when the cookie expires. This, however, makes the system less secure, since users can edit cookies and copy them from one device to another – ‘Cookie Quick Manager’ (a Firefox plugin), for example, lets you edit cookies (change expiry dates) and back up and restore single cookies onto other devices. Other systems, like Google Authenticator, enable users to back up individual codes and transfer them to other devices.
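One server-side mitigation for the two weaknesses described above (a client-editable cookie expiry, and the same credentials active on several devices at once), as an added example that is not from the original article or from any data room product: the expiry and device binding live inside an HMAC-signed cookie that the server validates, and a session registry refuses a second concurrent device. The secret key, user and device identifiers are constructed demo values.

```python
import base64, binascii, hashlib, hmac, json

# Assumption: per-deployment server secret; this is a constructed demo value.
SERVER_KEY = b"constructed-demo-key-replace-in-deployment"


def _b64(raw):
    return base64.urlsafe_b64encode(raw).decode().rstrip("=")

def _unb64(text):
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def issue_remember_cookie(user_id, device_id, ttl_seconds, now):
    """Issue a 'remember this device' cookie. The expiry and the device id are
    inside the MACed payload, so editing the expiry field breaks the tag."""
    claims = {"u": user_id, "d": device_id, "exp": now + ttl_seconds}
    payload = json.dumps(claims, separators=(",", ":"), sort_keys=True).encode()
    tag = hmac.new(SERVER_KEY, payload, hashlib.sha256).digest()
    return _b64(payload) + "." + _b64(tag)

def verify_remember_cookie(cookie, device_id, now):
    """Return the user id if the cookie is authentic, unexpired and presented by
    the device it was issued to; otherwise None. Expiry is checked server-side."""
    try:
        p_b64, t_b64 = cookie.split(".")
        payload, tag = _unb64(p_b64), _unb64(t_b64)
    except (ValueError, binascii.Error):
        return None
    expected = hmac.new(SERVER_KEY, payload, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        return None
    claims = json.loads(payload)
    if claims["exp"] <= now or claims["d"] != device_id:
        return None
    return claims["u"]

class SessionRegistry:
    """One active viewing session per user: a second device presenting the same
    credentials while the first session is still live is refused."""
    def __init__(self, idle_timeout):
        self.idle_timeout = idle_timeout
        self.active = {}  # user_id -> (device_id, last_seen)

    def open_session(self, user_id, device_id, now):
        current = self.active.get(user_id)
        if current and current[0] != device_id and now - current[1] < self.idle_timeout:
            return False  # same account already in use from another device
        self.active[user_id] = (device_id, now)
        return True
```

The device binding only helps when `device_id` comes from something the client cannot copy along with the cookie (for example a server-assigned identifier held in a separate store); the concurrent-session limit is what stops one account being used on two devices at the same time.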
Tracking
The graphs and data might look great, but they are totally meaningless. Here you have to understand what or who you are actually tracking: anyone who has the login details.
You cannot rely on IP addresses, since users regularly change them (they are dynamically allocated by ISPs); users can access the Internet through a proxy (included with many anti-virus suites); or they can use a VPN that has a dedicated IP address, so everyone sharing that VPN logs in using the same IP from different locations.
Multiple file type support
Most of these systems say they support multiple file types. In reality, they convert files to HTML or PDF format on upload. That is why users can only download PDF files, and why printing is often not aligned correctly (if files are converted to HTML).
Offline use
If you want users to be able to view documents without an Internet connection (offline use), then they have to be able to download them. Some systems do this as unprotected PDF files (so users have full control over them, and even watermarks can be easily removed in PDF editing software), while others use JavaScript or plugins to provide some protection.