Here is a quick overview of how the DocSend secure data room system works.
- To protect a PDF file you must first upload it to DocSend. The PDF will then be converted to images, encrypted and stored on DocSend’s server.
- To share the PDF you must create a link for it. You need to do this for each user you want to share the PDF with or create a Space and give users access to the Space.
- When you create a link you can add an expiry date, a watermark and either allow or prevent downloading.
- Links are not protected unless you apply a passcode (password) to them. You have to distribute this separately.
- When you create a link to a PDF you enter the email addresses of the user(s) who you want to share that link with. When a link to a PDF file is clicked on, this email address must be entered with the passcode to access the PDF file.
- You need to set up a list of Allowed Viewers otherwise anyone can enter any email address to access the document. The Allowed Viewers list can contain up to 200 email addresses or domains for each link.
- You can optionally have another link sent to the email address that is entered to verify the user (Email Authentication). The link in that email must be clicked on before the document can be opened.
- You have to create a unique link for each user if you want to track activity and use dynamic watermarks.
- If you want to give a user access to 30 documents you have to create 30 links (one for each document). Or you can add 30 documents to a Space and give the user access to the Space – however, every document in a Space has the same controls applied to it since controls are applied to the Space link and not individual documents.
- If you allow downloading then that also enables printing – there are no DRM controls over the downloaded file, only watermarks.
Single document access
Each time you add a document you have to create a link to it and distribute that link to each user.
Controls are set at the link level – you can create multiple links per document each with different controls set on them.
- Upload document
- Create links to the document – if you want different controls you have to create a link for each. Each time you create a link you enter an Account (or create a new one) who is given access to the link in their profile. An account is basically a user or company name.
Group document access
When you create a Space you can add documents to it. Every user must be given a link to the space.
If you want to watermark PDF files and track use then each user must be given their own unique link.
- Upload document
- Create a space
- Add content to the space (your uploaded documents)
- Create links to the space
DRM controls
Controls that you can apply to a link are:
- Expiry date and time
- Allow downloading
If you want to allow printing then you must allow downloading.
If you allow downloading then this creates an unprotected PDF file – in other words it removes all protection including tracking and expiry.
If you want to set a different expiry date/time for each user for the same document then you have to create a unique link to that document for each user.
Watermarks
You can add watermarks to a link – this then either shows on a single document or all documents in a Space.
- You have to create a unique link for each user if you want to use dynamic watermarks.
- Users must authenticate their email for dynamic watermarks to work.
- Watermarks are retained in downloadable PDF files but can be removed using a PDF Editor.
Email Verification & domain locking
You can enter an email address or domain (that means anyone from that domain is authorized to open a document – so don’t add gmail.com!) that must be entered before the document will open.
Optionally, you can get the system to send an additonal link to the email address to prove you are the owner of it (or at least have access to the email account).
But what happens if you are given a generic email address by the user that is only being used for the purpose of opening DocSend documents? The email account could actually be used by multiple users – so everyone logs into the same email account to pickup any validation links rather than the original user having to forward them.
Despite the cliams “this enhancement is key in preventing forwarded emails from being viewed by unauthorized visitors”, it does not stop users forwarding the verification link (or browser cookie) to others.