Data room security & secure document sharing.
Many companies look to online data rooms or virtual data rooms for securing documents with third parties. But are they as secure as they appear? If you are looking to share documents securely in the cloud then be careful what you are buying.
What is a secure data room?
A secure data room is a cloud hosted document sharing system that provides some limited controls over how documents can be accessed and used online.
Document publishers upload PDF files and Office documents to a secure data room system where they are made available to users via a link – this may be a link to an individual file or a data room (a group of documents).
Security controls that can be applied are usually a watermark, an expiry data and whether documents can be downloaded and printed.
Data rooms are not as secure as you may think they are
So you think your documents are safe in a secure data room? Companies that offer these services state that they ‘enable enterprises and outside collaborators to come together and share sensitive information easily and securely’. Well easily might be true, but securely is another matter. Many companies quote high security credentials or use terms such as ‘world-class security’ (whatever that means?), telling you that your data is stored on high security servers and encrypted with military grade encryption, that their systems are ISO certified, compliant with various standards, and there are multiple back-up systems protecting your data. Well that certainly sounds secure, but it is really marketing hype that masks the real security issue. Your documents being hacked or stolen from a server is the last of your worries if the document security system in place has major pitfalls.
So what is it they are not telling you about just how secure your documents really are?
The not so secure data rooms
The ability to share documents securely online with total ease of use is a security conundrum. The easier things seem to be the greater the actual weaknesses.
What happens to documents after you upload them to the data room?
Firstly, to have your documents made available in a secure data room for viewing online, you must upload your unprotected files to a server. What happens to those unprotected documents – are they backed up anywhere, are temp files created, and what happens if the encryption process fails? These are all areas of concern because if a data room server is hacked it might just be that your unprotected documents will be too.
Loopholes in the ‘security’ of a secure data room
In order for users to view your secure documents they must navigate with their browser to a URL and login to a portal (or alternatively click on a link to a specific document). Users have to be online to download a document (they can later be viewed offline) and enter a username and password each time to access the system. Below we examine the failures of this approach.
- The login process
A login process that relies on entering a username and password as a method of protecting documents is a not a great method as a basis for document security. If I have a username and password to login to a system there is nothing stopping me sharing this information with someone else. They can then log in to view any secure documents I am authorized to view. There is nothing you can do to prevent this because credentials are not locked to a device – they can be used on any device that has a browser installed. So although a username/password login process may be convenient for the user (assuming they don’t mind remembering yet more login details), it is not advisable as an entry point for a document security system.
- Locking documents to locations
Some secure data room systems say they can lock documents to a specific location. However, users can circumvent this by using a browser proxy. On the other hand, with installed viewers, you can lock documents to specific devices – this makes it much more difficult for users to share secure documents (especially over the Internet) because they have to share the physical device. Documents locked to devices can be additionally locked to country and IP locations to further enhance security and prevent document leakage.
- Zero installation = less secure
- Stopping screen grabbing
- Printing to PDF, XPS and other file formats
If you allow printing then users can print your secure documents directly to PDF and other file formats. This is because the browser environment has no control over the printer driver. The safest option is therefore to not allow users to print documents in a secure data room but this may not be a convenient option. And whilst you can watermark printed documents with user credentials, some file formats may not support these.
- Browser security
Browser based viewers are easy to manipulate with script injections, in-line script editing, and browser plugins which can remove the security controls.
Just as many companies have produced alternatives to the Adobe Acrobat PDF Reader, companies can also produce their own browsers which users can use to view your secure documents. These browsers however may not obey the DRM controls you have applied because there is no reason for them to. This is a current issue for Adobe Acrobat which is based on an honour system rather than a security based one when allowing DRM and other plugins to interact with its system.
- Offline use
Having users always online (i.e. connected to the Internet) is great for document revocation – you can revoke users and documents instantly. It may not be so great however for users – if a user needs to view your secure documents when travelling, what then?
Most secure data room systems therefore let you choose whether you want to let users download documents or not. However those documents have NO protection applied to them (so no expiry, print controls, tracking, etc.). And watermarks in downloaded PDF files can be easily removed.
Is it possible to maintain usability while ensuring security?
When using a secure data room to host your documents you need to consider how confidential your documents are and what risks you are willing to live with.
Web browser viewers are easy for users to use because they don’t have to install any software. But they do have to login each time to view your protected documents and remember yet another set of credentials.
Installed viewers on the other hand only require the user to install the software once and then click on a link to register. Documents are then transparently opened in the viewer if the user has been granted access.
An installed Viewer is the most secure option for secure document sharing.
Locklizard have implemented a full range of secure viewers (Secure document Viewers – which are best), allowing the best overall security solution to be matched to document requirements. This is a step forward to allowing publishers to develop more thorough security profiles to match document sensitivity.
If you want to further explore what document security issues you need to think about for secure document sharing then see PDF DRM Security – 10 things you should know.