2021: IT and document security predictions.
2021 will see IT security demands increase as businesses move more data to cloud services and publishers expand their digital distributution of revenue generating content.
Protecting documents and data in distributed and remote systems
2021 is starting out to be pretty similar to 2020 in terms of economic growth (or lack of it) and the global response to the Covid pandemic.
The world economies have been stalling as a result of trade tensions between the USA and a number of nations, principally China, and this has an impact over the ability to fund development of high tech hardware, systems and software and the need of markets to provide demand. This will affect everything from atomic power stations to transport to medical and the Internet.
Continuing reliance on cloud-based systems will take place increasing risks
Data being exposed to the cloud is rapidly increasing and proving to be ever more valuable to a wide range of parties for financial gain – the the need to protect sensitive and confidential documents will therefore become a priority. Both public and private sectors will have to up their IT security measures to prevent hacking attacks, data breaches (due to badly configured systems or malicious users), and theft of IPR (training course materials, research reports, etc.) by third parties.
Password based access control systems are looking to be increasingly past their sell by date so is PKI going to make a comeback or will additional authentication methods like 2FA become the norm? Where is the agreed method of management and supporting standards?
Rapid development of AI is needed to increase flexibility & reduce costs
The deskilling of blue-collar jobs will accelerate as nations seek to bring their industries back home. This will be achieved by a combination of AI/robotics to drive up quality and reliability of product, and a sharp reduction in longer term production costs.
One major strength coming from robotics will be the rapid ability to re-purpose them for major assembly changes. Another strength will be seamless change of operating between shifts and schedules, allowing a just-in-time response to changes in demand rather than a just-too-late attempt.
Delivery of education and training services will change
The number of people continuing to work and study remotely from home will continue to rise steadily. Gone are the days of large gatherings such as the big conferences and physical training sessions. Organizations are looking more than ever at how to protect their Intellectual Property now it is being accessed outside of the network boundaries and can be more readily shared.
Document DRM (Digital Rights Management) will play an important role in defining how content is accessed and used, and how long it is made available for, and exactly who gets to use it. Locklizard Safeguard PDF Security and similar PDF DRM enforcing technologies will increasingly be used to secure training courses, to control digital piracy and reduce the free distribution of teaching documents. At the same time, controlled access to some research works will increase in order to demonstrate the technical competence of authors.
Provision of access to communications will need more infrastructure
The provision of Internet capacity will need to be increased substantially to match the demand for digital services to try to avoid Internet poverty outside cities. Sir Arthur C Clarke in his “Beyond the global village (1992)” made the point that communications would lead to national revolutions as information/news passed freely – allowing every village to become global. But when rich countries do not have homogenous access to high-capacity broadband what hope is there for poor nations?
The onset of the pandemic will push new working practices in working from home that will increase local broadband demand, including demand for conferencing, secure document sharing (collaboration), DRM protected information sharing, secure remote access to the workplace, secure document distribution, security of connections and authorisation, and remote management.
Provision of multi-purpose school IT equipment will need to change
Delivery of education and training materials to students requires something to deliver it to – phone, tablet, laptop, desktop. The most disadvantaged sectors of society face barriers to access education through lack of access to home computing power and there is little thought about the management, distribution and control of services especially in the primary education sector. Equipping schools with ‘loan equipment’ that children can have access to may solve some problems.
Pre-configured systems that include DRM protection services simplifies access and use while maintaining control of IPR. Locking DRM controls to specific devices makes it harder to steal IPR and the hardware less attractive to steal because of its ready availability will deny the development of a stolen goods market.
Security demands will change to support larger public infrastructure
As dependence on infrastructure increases so does the need to protect the physical and the logical structures being created. There will develop a need to have a public broadband service offering basic access through public Wi-Fi portals where infrastructure is replicated to provide fault tolerant access.
Vandalism against physical public services will be reduced by wireless communications following cell phone mast approaches, but denial of service attacks may be problematic. The incentive for government will perhaps be access to ‘public’ communications so the security of the architecture will of real interest, as will the risk management process.
Increased movement to digital distribution and secure document distribution
For Publishers selling information (eBooks, research reports, training courses, etc.) the trend for digital distribution is only going to increase and so will the need to therefore sell documents securely. A move to distributing content online can make sense for businesses from both efficiency and green credentials.
Digital transmission instead of physical transmission helps save:
- Environment – saving paper and therefore trees, and removing packaging for shipment
- Vehicles – no vehicles used for shipping (or ships or aircraft)
- Time – don’t have to spend time printing and handling or packaging goods
- Cost – printing, packaging and shipping costs are all saved plus the manual processing time involved
- Copying – one physical copy can easily be run through a professional photocopier
- Replacement – protected documents can easily and quickly be re-sent without extra costs or risks
The downside is that digital documents can be easily replicated so there will be increased demand for document DRM security to protect IPR from piracy and theft.
PDF Password Security approaches use by date
It looks like the ID/Password access control procedure is finally getting to the point where another technology needs to take over without becoming too restrictive or too easy to subvert – the constant challenge of security. PDF password protection has proven to be totally useless and no improvements have been forthcoming due to the reliance on old architecture, namely the Adobe PDF Security Handler.
Public Key Infrastructure (PKI) was tried in the 90’s but was found to be technically challenging and expensive and presented several points of weakness that have been avoided by the credit and debit card suppliers.
Locklizard have pioneered a secret login process using encrypted keystores on hard drives or USB tokens, that works on the basis that the owner of the device is the licensed entity without allowing them to transfer their licenses to other parties, or compromise document content. This approach simplifies access authority and avoids the rush for a mobile phone when Two Factor Authentication (TFA) is being used (always a problem in wireless dead spots or where the phone is being used).
Secure PDF forms and protection of form data
There are many occasions when pre-set forms are required as part of a business process or an education process. In business, order specifications and vendor onboarding details are common requirements. In education examination papers and enrolment (now online) require that the form contents are protected from being captured whilst in transmission or at rest. This requires that the data content be encrypted so that it can arrive at the application without being altered or disclosed.
Adobe PDF forms can be easily modified since their only protection is a PDF password restricting access – however, users can remove PDF password protection using PDF password recovery tools. Form data is not encrypted and so can be altered after submission, and even digital signatures are not be relied upon. So a new approach to secure PDF forms and securing form content and data needs to occur.
Libraries to provide increased remote access and secure ebooks
The role of libraries as major handlers of IPR (books, pictures, sound and video) will have to change considerably. As libraries become constrained by the number of people gaining physical access to their collections (or not during lockdowns) so there will be pressures to grant remote access and to facilitate that by creating scanned images of the works both for ordinary public access and for approved readers and curators.
Indeed, although the function of curation may not change, the way in which it is carried out is likely to change. The scanned copies must be the standard reference and must not be changed however much they may contain ’facts’ that the author(s) wished to present whether verified or not.
Libraries will need to increase their investment in IT and DRM control systems (such as ebook DRM) and become purveyors of their collections to new and changing markets. Accessibility and use may increase to satisfy a market that has more time to study but does so by remote access rather than in person. So controlled digital lending and distributing library ebooks securely will become a priority.
2021: The year ahead
So 2021 will continue to progress much like 2020 but with rapidly increased reliance on cloud based services where access and information needs to be protected as a priority rather than an afterthought.
Changes to work practises and work processes will be significant and bring about major re-engineering in order to recover infrastructure costs. For instance, remote warehouse management and the reliance on automated (AI) will significantly alter interfaces with both suppliers and customers.