Overview of document DRM & PDF security systems.
There are many document DRM solutions available in the marketplace, and they all use different technologies to control document access and use. Here we cover the main types of systems and how they work.
Firstly, why use Document DRM?
Using document DRM can bring many benefits such as:
- Revenue protection
- IPR theft prevention and protection of confidential information
- Enforcement of compliance with regulation
- Secure sharing
- Cost and time savings
See how you can benefit: Document DRM Benefits
What should I be looking for in a Document DRM solution?
Not all document DRM systems are equal. Many use technologies that are just not secure.
Below we cover each type of system in more depth.
Web based Document DRM systems
Many document DRM systems have gone down the route of users logging into a web page to view ‘protected’ documents in a browser. This is how ‘secure’ data room solutions work so users do not have to install an application or a plug-in to Adobe Acrobat to view protected documents.
There are many issues with this approach:
- You have to upload your unprotected documents to a third-party server in the cloud. You are told they are then encrypted (it would be hard to prove this unless you had access to the server) and one assumes your unprotected documents are then deleted. So there is a chance that unprotected documents can be compromised if anything goes wrong during that process. Many of these companies make a big thing about how secure their data (server) systems are (protected by firewalls etc.) but that is just diverting people from the real issue of how good their document protection is (or not).
- To view a ‘protected’ document a user has to login with an ID and password. There is nothing preventing them from giving this information to others. This can defeat the whole purpose of preventing document sharing.
- Often documents are decrypted on the server (assuming they were encrypted to begin with) and delivered to the client in plain text. Browser systems create temporary files so it may not be difficult in this situation to extract the plain text file without any controls on it.
Locklizard Secure Web Viewer
Locklizard provide a Web Viewer if publishers want to go down this route (our main document Viewers are installed on a device). However, our Web Viewer differs in that:
- Only protected documents (ones that you have encrypted and have DRM controls applied to them) are uploaded to the cloud server. You cannot upload unprotected document formats.
- Protected documents are decrypted on the client device in memory – no temporary files are created.
- You can lock use to specific locations on a per user basis – this can happen automatically when a user logs in for the first time – they can only login from that same location in future.
- You can stop users using credentials from multiple devices at the same time. This helps prevent users sharing login credentials since only one person can login (with the same credentials) to the system at a time.
Adobe and Password protection
This is the most commonly used PDF protection method available. It is free but pretty useless.
Basically, in the Adobe PDF standard there are two passwords you can apply to encrypt a PDF file:
- The Document Open password – required to open the PDF
- The Permissions password – required to set, change, or remove PDF restrictions
The stronger the document open password the longer it will take to crack or remove with PDF password remover tools. The permissions password however can be broken trivially no matter how strong it is due to inherent weaknesses (or flaws) in the design of the Acrobat Standard Security handler. See How Secure is PDF? by Bryan Guignard (Adobe Certified Expert).
In fact, when it comes to removing PDF permissions you don’t even need to use a PDF password remover program – there are other simpler methods – Google Drive, using a Mac, or a third party PDF reader that does not ‘honor’ the controls – to trivially remove the permissions password and do what you like with the document.
You therefore must add a Document Open password to the PDF or the permissions password can be simply removed. However, the dilemma here is that people you are sending protected PDF documents to need to have the Document Open password in order to read them and so can give these to others. So, the only protection provided is if someone (i.e. an unauthorized user) gets hold of a protected PDF, not knowing what the password is. But even here PDF password remover companies provide PDF cracking tools that will remove the Document Open Password unless it is very strong.
More information on Adobe Security and other poor security mechanisms can be found here – PDF Security weaknesses.
Plugins to Adobe Acrobat
Rather than have users install a separate PDF Reader application, some PDF DRM companies plug in to Adobe Acrobat. These, however, rely on Acrobat Security since that is what they plug in to for their protection to work. So that is not a great start.
- Some plugin manufacturers make users turn off security in Adobe (like certified mode and/or protected mode) in order for their plugins to work.
- When Adobe Acrobat does an update, the plugin may stop working since it relies on various components that may have been updated and now no longer work in the same way.
- Anyone can produce a plugin for Acrobat and so one can be produced that either deliberately or by chance bypasses the DRM security plugin.
- Plugins can clash with one another so users may have to uninstall other plugins in order for the PDF DRM plugin to work, or vice versa.
- Plugin manufacturers often make a big thing about how they are easier to install than EXE applications. Yet plugins are EXE files that have to been installed with Admin rights.
Enterprise Rights Management Systems (Microsoft RMS, Adobe LiveCycle ES, etc.)
These systems rely on implementing full-blown PKI systems to operate so are complex and time consuming to set up.
They require system administrators to create complex policies to govern document use and are really focused on internal company use (i.e. not for protecting revenue generating content).
For an analysis on Microsoft RMS security see How secure is Microsoft RMS?
How Locklizard’s Document DRM works
Locklizard has taken a different approach to document security by avoiding known security weaknesses and complex implementation.
How our system works:
- We use our own installed secure PDF Viewers (so we have full control over the environment)
- We don’t use passwords, plugins, or temporary files (decryption done in memory only)
- Key management is handled transparently by the licensing server and Viewer software, so there are no complex keys to generate, distribute, manage, or for users to pass on to others
- No uploading of unprotected documents to servers where they could be compromized
- Stop unauthorized sharing of documents
- Stop users copying and pasting document content into other applications
- Stop users editing/modifying document content
- Stop screen grabber applications taking screenshots
- Control printing – stop prints, limit prints, or allow unrestricted printing
- If you enable printing then we prevent printing to file drivers (e.g. PDF printers)
- Dynamically watermark content with user details – name, email, company, date/time
- Expire documents after a no. of views, days, prints, or fixed date, on a user or global basis
- Expire user access to all documents on a fixed date
- Revoke documents and/or user access anytime
- Allow offline use, allow flexible use, or always enforce users to be online
- Lock use to specific authorized devices or USB sticks
- Prevent use on BYOD or control BYOD use by location
- Lock user access to documents by country and IP locations (i.e. stop use outside the office)
- Log document prints and views
Most document DRM systems lock you into subscription pricing with the system hosted on their servers in the cloud.
Locklizard lets you choose whether to purchase a subscription or perpetual license (one- time payment) to suit your own requirements. You can host the system on your own server (under your own control) or on our servers (for a small yearly hosting fee).