Locklizard Competitors

DRM Document Security, Secure Data Rooms & PDF Security solutions

Locklizard competitors providing DRM (Digital Rights Management), encryption & copy protection

There are many document DRM solutions available in the marketplace, and they all use different technologies to control document access and use.  Many technologies are just not secure and they are certainly not suitable for secure document sharing.

Here we cover how Locklizard differs from other PDF DRM & Document Security software with stronger security, simple management, and significant cost savings.

PDF Password Protection

PDF password protection systems are freely available and enable you to encrypt a PDF with a password and additionally apply PDF restrictions (stop editing, printing, copying).  Users enter the password used to protect the PDF to decrypt and view it.

There are only 3 things you need to know about protecting PDF files with passwords:

  1. you need to give users the document open password (or master password) for them to open it.
  2. users can share password protected PDF files and their password with others, or just remove it.
  3. once users have the open password they can remove all permissions or restrictions.

To remove all restrictions users can use a free PDF password recovery tool, Google Drive, a Mac, or just a PDF reader that does not honor the controls.

So clearly PDF password protection is pretty useless as a means of protecting PDF files and controlling document use.

More information on Adobe PDF password protection and other poor security mechanisms can be found here PDF security weaknesses.

Secure Data Rooms & Other Cloud Document DRM systems


Secure Data Room systems require users to login to a web portal to view ‘protected’ documents in a browser.

Most companies make a big thing about how secure their data (server) systems are (protected by firewalls etc.) but that is just diverting people from the real issue of how good (or not) their document protection is.

There are many issues with secure data rooms:

  1. You have to upload your unprotected documents to a third-party server in the cloud outside of your control.  While documents are encrypted, you have no control over what happens to the unprotected documents you uploaded – if anything goes wrong with the process are any temporary files left behind?
  2. To view ‘protected’ documents, users have to login with an ID and password.  There is nothing preventing them from giving this information to others.  This can defeat the whole purpose of preventing document sharing.
  3. In most systems, the same login credentials can be used at the same time on multiple devices.
  4. Users can screen grab high quality document content using screen grabbing tools.
  5. If printing is allowed, users can print to PDF files and other unprotected file formats.
  6. Document tracking stats are useless because you have no idea who you are actually tracking (just ‘someone’ that has access to the login credentials).
  7. Usually documents are decrypted on the server and delivered to the client in plain text.  That is a lot of tempoary files sitting on the server unprotected.  Also browsers create their own temporary files so it is possible for users to extract the plain text files.
  8. To apply document restrictions or DRM controls, these systems use JavaScript since there is no software application installed on the client (i.e. a dedicated Viewer).  This provides a rather limited set of controls (for instance you cannot stop third party screen grabbing tools, stop printing to file drivers such as PDF printers etc.).
  9. The browser environment is not only slow, but inherently insecure.  JavaScript is executed in the browser and can therefore be manipulated – you cannot prevent users installing plugins or injecting JavaScript directly into the browser to bypass DRM controls.  For an example, see How Secure are Google Docs?.
  10. You cannot distribute your protected documents as you see fit or easily integrate protected documents into your existing systems – users have to login to a data room with a fixed layout that you cannot change.
  11. Document controls are limited (e.g. an expiry date and time) and are set at the file, data room or link level.  For example, if you want 10 documents to expire at different times for each user, then you have to create 10 files, 10 data rooms, or 10 links per user.  It soon becomes unmanageable.
  12. Users have to be online to view protected files.  Where offline support is provided, documents are either unprotected, protected with a password, or use JavaScript which can put users computers at risk from malicious code execution.
  13. Costs can rapidly esculate – you are tied into monthly pricing which can soon add up over a period of time.
  14. Generally there is no option to host on-premise in your own environment.

  Two-factor authentication (2FA)

To try and counteract the fact that the login process is insecure (i.e. login details can be shared), some secure data room systems use 2FA as an additional verification measure – this could be a key code sent to a cell phone, a QR code that is scanned, or a link sent to an email address.  However there is nothing to stop users passing this information on to others as well.

Since users find 2FA rather annoying if they are not benefitting from it in any way, some companies make this process easier by storing a cookie on the users device so they only have to authenticate again when the cookie expires.  This however makes the system less secure since users can edit cookies and copy them from one device to another – ‘Cookie Quick Manager’ (a Firefox plugin) for example lets you edit cookies (change expiry dates) and backup and restore single cookies on to other devices.  Other systems like Google Authenticator enable users to backup individual codes and transfer them to other devices.

  Tracking

The graphs and data might look great, but they are totally meaningless.  Here you have to understand what or who you are actually tracking – anyone who has the login details.

You cannot rely on IP addresses since users regularly change them (they are dynamically allocated by ISPs); users can use a proxy to access the Internet (included with many anti-virus software); or use a VPN that has a dedicated IP address (so everyone sharing that VPN logs in using the same IP from different locations).

  Multiple file type support

Most of these systems say they support multiple file types.  In reality they convert files to HTML or PDF format on upload.  That is why users can only download PDF files and why printing is often not aligned correctly (if files are converted to HTML).

  Offline use

If you want users to be able to view documents without an Internet connection (use offline) then they have to be able to download them.  Some systems do this as unprotected PDF files (so users have full control over them and even watermarks can be easily removed in PDF Editing software) while others use JavaScript or plugins to provide some protection.  Both JavaScript and plugins can be bypassed and they put users systems at risk of malicious code execution.

PDF DRM with Plug-ins or JavaScript


Instead of using a dedicated PDF Reader or Viewer application (where you have full control over the environment), some systems provide a plugin to Adobe Acrobat Reader or use JavaScript to interact with it.

  PDF Plugins

Plugins are just not safe.  We do not use plug-ins to other applications for several reasons:

  1. plug-ins may conflict with one other.
  2. plug-ins may be used to compromize security plug-ins.
  3. the applications being plugged into were not designed to operate in a secure manner, and it is not possible, as a plug-in, to control what the application can do, so any ability to compromise the application will also compromise the security.

Some PDF DRM solutions actually force users to turn off security in Adobe Reader for their plugins to work – if a user’s system is hacked because of this, then who is held legally responsible?

Locklizard PDF DRM security cannot be compromised by plug-ins because we prevent all plug-ins from being loaded so that no vulnerabilities can be introduced.

  JavaScript

We do not use JavaScript in our installed Viewers to control access to and use of PDF content.  This is because it can be easily manipulated by attackers to compromise user’s systems – this is true even for certified (digitally signed) PDF files.

If you force users to use a PDF security solution that uses JavaScript then you might want to consider the legal implications very carefully.

Adobe recommend that you disable JavaScript in Adobe Reader due to the fact that it is unsafe – it is regularly used by hackers to gain access to computers.  Other major security companies also recommend you disable JavaScript in PDF Readers.  More information on these vulnerabilities can be found at PDF Security Issues.

Enterprise Rights Management Systems (ERM)


ERM systems (e.g. (Microsoft RMS, Adobe LiveCycle ES, etc.) are mainly for internal company use for secure document collaboration across multiple file types.

  1. They use full-blown PKI systems to operate so are complex and time consuming to set up.
  2. They require system administrators to create complex policies to govern document use.
  3. They are focused on internal company use (i.e. not for protecting revenue generating content) since key management is an issue.
  4. They assume that documents to be controlled are inside the domain.

For an analysis on Microsoft RMS security see How secure is Microsoft RMS?

How Locklizard compares to our competitors


Our PDF DRM software is simple to use and requires no prior setup to become operational.

Locklizard has taken a different approach to document security by avoiding known security weaknesses and complex implementation.

How our system works:

  1. We use our own installed secure PDF Viewers – so we have full control over the environment and can enforce DRM controls
  2. We don’t use passwords, plugins, JavaScript, or temporary files (document decryption done in memory only)
  3. Key management is handled transparently by the licensing server and Viewer software, so there are no complex keys to generate, distribute, manage, or for users to pass on to others
  4. No uploading of unprotected documents to servers where they could be compromized – protect documents on your desktop and distribute protected PDFs just like any other file
  5. We lock documents to devices so they cannot be shared, and optionally to locations so you can control BYOD use
  6. We prevent screen grabbing and printing to PDF files and other unprotected file formats
  7. DRM controls are expansive and flexible – you protect just one file for all users and control access on a user basis – so you can have the same file expire at different times for different users – see PDF expiry
  8. Offline documents contain the same level of security as online ones

  Cost Savings

We provide perpetual licenses for long-term use saving you thosands over competitor offerings.

Our prices are for unlimited use – we don’t charge per document or user.

You can host on-premise (on your own servers) or use our AWS hosted systems.

Customer Testimonials