NORTH AMERICA:  
800 707 4492
UK & EUROPE:  
+44 (0) 1292 430290
sales@locklizard.com
Locklizard
  • Products
    • Our DRM software
      • Product Overview
        • Restrict PDF use
        • Watermark PDF
        • Expire PDF
        • Revoke PDF
        • Disable Print
        • Track PDF
      • Safeguard PDF Security
      • Safeguard Enterprise
    • Secure PDF Viewers
      • Viewer Overview
      • Viewer Demo
      • Web Viewer
      • USB Viewer
    • Add-ons
      • All Add-ons
      • Web Publisher
      • Safeguard Portable USB
      • Ecommerce API
      • Command Line
      • Own Branding
      • Custom Email
    • Purchase
    • Book a Demo
  • Solutions
    • Industry sectors
      • All Industries
      • Auctions
      • Engineering
      • Government
      • Healthcare
      • Libraries
      • Mergers & Acquisitions
      • Publishing Ebooks
      • Publishing Media
      • Publishing Standards
      • Membership Associations
      • Reports & Analysis
      • Tax Advisors
      • Training & Education
    • Vertical sectors
      • All Sectors
      • Board Documents
      • Internal Company Use
      • Large Publishers
      • Small Publishers
    • Business processes
      • Processes Overview
      • Secure Document Sharing
      • Sell Documents Securely
      • Document Retention
      • Prevent Document Leakage
      • Internal Document Control
      • Regulatory Compliance
      • Secure PDF Forms
      • Secure Data Rooms
      • Data Room Security
      • Application Integration
    • Business benefits
    • Regulatory compliance
      • Compliance Overview
      • NIST & DFAR Compliance
  • Downloads
    • Free 15 day trial
    • Viewers
      • Windows Viewer
      • Mac Viewer
      • iOS Viewer
      • Android Viewer
    • Writers
    • Manuals
  • Support
    • Support
    • FAQs
    • Guides
    • Videos
    • White papers
  • About Us
    • Contact us
    • Our customers
      • Customer Overiew
      • Case Studies
      • Testimonials
    • Our technology
    • Blog
    • Why Locklizard?
      • Competitors
      • PDF DRM protection
      • Password protect PDF
      • Product Awards
  • Search
  • Menu Menu

GDPR & document security

in Blog, Document Security, DRM, PDF Security

How to send personal information over the web and comply with the European General Data Protection Regulation (GDPR).

GDPR is causing businesses a lot of pain over how to protect sensitive personal data.  This includes not only data at rest but sending documents securely, keeping sensitive data under your control, and complying with GDPR policies such as data retention.  This is easier to achieve than you think.

Data protection and GDPR

A lot of interest has been generated by the EU introduction, back in May 2016, of the GDPR which introduces the explicit requirement on organizations that collect and process personal data (like name and address and phone number and IP address) and especially sensitive data (like racial or ethnic origin, political opinions, religious beliefs, trade union activities, physical or mental health, sexual life, or details of criminal convictions).

And a question we get is how can we send documents securely containing that kind of data and still comply with GDPR?

The Locklizard document security approach, working with Adobe Portable Document Format (PDF), is to encrypt PDF files and then apply DRM controls.  We use the PDF format because it maintains the form and format of the original document.  That was the reason PDF was created, and later standardised by ISO.  And the beauty is you can easily convert any document format to PDF.

By encrypting documents and applying DRM, nothing is now processible.  You don’t need to restrict document forwarding or worry about users copying protected documents.  Stealing a DRM encrypted document achieves nothing because it cannot be read without a license from the supplier and either a Viewer installed on a licensed machine, or a valid logon to a web portal holding and serving the encrypted document to authorized users.  Similarly, for Locklizard installed Viewers, there are no passwords for users to enter or share with others and documents are locked to devices.  You can even control the locations from where users can open protected documents (say an office location so that sensitive documents cannot be taken out of the building on a portable device) or more generally to restrict document access to a country location so that documents can only be shared with authorized third parties in specific countries.

Protecting documents with encryption & DRM to comply with GDPR

Protecting documents with DRM is easy to do.  Let’s go through the steps in the process to protect documents and for users to receive protected documents from you.

  1. The first thing you have to do is create one or more protected documents that contain the personal information you are going to send out.  You do that using the Writer application (where you choose the controls that will be applied to each document).
  2. Select your PDF files that need protecting, right-click on them and choose the option to ‘Make Secure PDF’ from the menu.  From the Writer GUI choose the controls you want to apply (i.e. expire after a number of days use, watermark document with user details, stop printing, stop screen grabbing, log document views, etc.).  Once you have selected your controls press the Publish button. You will now have protected documents (encrypted and with extra DRM protection) that mirror the unprotected PDF files.
  3. Now you need to decide how to distribute your protected documents.  Because the documents are encrypted they may be stored anywhere without there being a risk of the data being extracted or processed by anyone without a license.  You could make them freely available from your web site, and/or distribute them by email, USB, etc.
  4. The next thing you have to do is login to the web-based Safeguard Administration system and add the users who you want to be able to access the secured document(s).  This is a simple action of adding their name, company (optional) and email address and then selecting which documents (or groups of documents) you want them to be able to access.
  5. The Admin system automatically emails recipients with a link to download the Viewer and their license.  Once users have installed the Viewer and clicked on their license file they can then open any documents that you have authorized them to view.  The license registration is a one-time use (unless you authorize more) so if users forward on their registration email to others they won’t be able to use it.

Automating GDPR compliance by securing documents

A simple way to enforce your company document protection policies and ensure you comply with GDPR is to use Safeguard Command Line to automate GDPR document security policies you want to apply.  This is as simple as:

  1. Creating batch files with the DRM controls you want to apply to specific document types
  2. Creating folders on your disk where users store different types of files according to their confidentiality status
  3. Using Windows Scheduler to automate when batch files are run and your documents protected

Safeguard Command Line is also useful if you have a large number of documents to protect since they can be processed automatically in one go.

Keeping sensitive data under your control

An important part of GDPR is keeping data under your control.  We don’t force you to upload your unprotected documents to our servers where they could be compromised – for example, what happens if the encryption process fails or temporary files are created and not deleted?

Your documents remain under your control at all times.  You protect them locally on your computer so unprotected files are not exposed to the Internet.  Your protected documents can be distributed just like any other file and only authorized recipients will be able to view them no matter who they are forwarded to.

Your documents are encrypted with AES encryption both in transit and at rest.  User information held on our administration systems (either hosted by you or by us) is held encrypted in the database so that if a breach was to ever occur your data is still GDPR compliant.

Complying with GDPR policies

GDPR states that you must ensure that personal and sensitive data are protected from theft, and that data must not be held for longer than is necessary for the declared purpose.  Although not an explicit requirement of GDPR, prevention of the possibility of further processing of the data by preventing their ready use would be a helpful means of demonstrating protection of personal data and prevention of ready transfer to unregulated systems for unauthorized processing would be a very good way of demonstrating exceeding minimum requirements.

Locklizard document protection ensures you can demonstrate that you have complied and exceeded GDPR compliance.  You can:

  • protect documents with expiry dates so they can no longer be accessed after the pre-set end date is reached
  • protect documents with limited views so that sensitive data can only be viewed for a set number of times before it expires
  • protect documents with limited prints so that multiple high-quality printouts cannot be made to redistribute data
  • revoke documents at any time in the event of loss or change to authority (a mandatory deletion for instance)
  • enforce document use in specific locations, preventing use in locations that are not considered to have appropriate security
  • log document use so you can be certain who has viewed and/or printed sensitive data

So why are my documents more secure with Locklizard?

Some companies say ‘we do not require a special downloaded component (i.e. software users install) to view protected documents and this means that your recipients can view your documents more easily’.

What this means in reality is that your files can be compromised much more easily:

  1. Users can share login details with others (and therefore access to all your secure documents)
  2. Browser security is inherently weak with only JavaScript and obfuscation being the only tools to stop users removing the document protection
  3. Browser based technology cannot stop third party screen grabber tools or printing to PDF format (if printing has been allowed)
  4. Users may end up using an unauthorized browser that does the obey the DRM controls that have been applied (like preventing copy and pasting of text)

So if you are relying on a browser based system for your document protection and GDPR compliance then good luck.  No doubt their hosting infrastructure is secure, but if users can share login details or the document security is weak due to the lack of environment controls, then in reality anyone can access your protected documents.

 

Tags: data retention, document drm, document encryption, document protection, document security, drm encryption, encrypting documents, gdpr, gdpr compliance, gdpr data protection, protect documents, protect sensitive data, protect sensitive personal data, protecting documents, protecting sensitive information, sending documents securely
Share this entry
  • Share on Facebook
  • Share on Twitter
  • Share on WhatsApp
  • Share on Pinterest
  • Share on LinkedIn
  • Share on Tumblr
  • Share on Vk
  • Share on Reddit
  • Share by Mail
https://www.locklizard.com/wp-content/uploads/2018/05/document-encryption.png 288 479 jofletcher /wp-content/uploads/2015/02/logo.png jofletcher2018-05-31 17:11:142022-12-23 10:42:31GDPR & document security

Free Trial

“Fantastic product… outstanding support.”

“We would recommend Locklizard to others”

“The clear leader for PDF DRM protection”

“Our ebook sales have gone through the roof”

“Simple & secure – protects IPR from theft”

Trusted by:

Protect IPR

See why thousands of companies use Locklizard to safeguard their documents and increase revenue streams.

  • Our Customers
  • Customer Testimonials
  • Customer Case Studies
  • Locklizard vs Competitors

Latest Posts

  • How to password protect a Google DocJanuary 20, 2023 - 8:26 pm
  • Azure Rights Management: How good is its protection?January 10, 2023 - 7:21 pm
  • How to Add a non removable Watermark in WordDecember 30, 2022 - 5:50 pm
  • How to make a PDF non editable without passwordsDecember 20, 2022 - 7:10 pm
  • How to create a stamped PDF that cannot be removedDecember 9, 2022 - 4:17 pm
PDF DRM Features
  • Protect PDF files
  • Stop PDF sharing
  • Stop PDF copying
  • Restrict PDF editing
  • Add PDF watermarks
  • Disable PDF printing
  • Stop screenshots
  • Expire PDF files
  • Revoke PDF files
  • Lock PDF to devices
  • Lock PDF to IP
  • Track PDF opens

How To Guides

Password protect Google Doc
Add a watermark in Word
Make a PDF non editable
How to create a stamped PDF
How to prevent ebook piracy
Password protect a Word doc
How to protect a PDF securely
How to revoke document access
Change PDF security settings
How to disable printing of PDFs
Sell online courses securely
How to add security to a PDF
Encrypt a PDF without Acrobat
Share documents securely
How to prevent PDF sharing
Protect confidential documents
How to publish ebooks securely
How to restrict PDF editing
How to password protect a PDF
How to protect ebooks
How to sell Reports securely
How to make a PDF read only
How to send a PDF securely
How to watermark a PDF
How to lock a PDF from editing
How to encrypt a PDF
How to make a PDF expire
How to password protect a PDF
How to protect online courses
How to email a PDF securely

Try Safeguard today

Start protecting your PDF files and documents from sharing & piracy

PRODUCTS

Product Overview
Safeguard
Safeguard Enterprise

Add-ons

  • eCommerce API
  • Command Line
  • USB Protect
  • Web Publisher
  • Own Branding
  • Custom Email

Secure PDF Viewers

  • Web Viewer
  • USB Viewer

SECURITY FEATURES

Stop copying, editing, saving
Disable PDF Prints
Block Screenshots
Disable Copy Paste
Dynamic Watermarks
Expiry & Self Destruct
Revoke Documents
Device Locking
Location Locking
Track PDF Use

PRICING

Purchase & Pricing
Instant Quote

RESOURCES

FAQs
Locklizard Blog
Knowledgebase
Security Guides
White Papers
Viewer Demo
Videos

DOWNLOADS

Secure Viewers

  • Windows
  • Mac OS X
  • iOS
  • Android

Writers
Product Manuals
FREE Trial

DOCUMENT SECURITY

Share Documents Securely
Protect Online Courses
Stop Ebook Piracy
Document Encryption
Secure PDF Distribution
Protect Confidential Documents
Ebook DRM

Protect PDF Files

  • PDF Copy Protection
  • Lock PDF files
  • Encrypt PDF
  • Secure PDF
  • PDF DRM

INDUSTRY SECTORS

Training & Elearning
Publishing Ebooks
Publishing Standards
Online Libraries
Membership Associations
Engineering
Government
Healthcare
Mergers & Acquisitions
Secure Reports From Theft

  ABOUT US

About Us
Our DRM Technology

Customers

  • Case Studies
  • Testimonials

Locklizard vs Competitors

  • Secure Data Rooms

Company Brochure

  CONTACT

sales@locklizard.com
support@locklizard.com

Business Hours:
Mon – Fri: 8AM to 5PM EST
Tel (US): +1 800 707 4492
Tel (UK): +44 (0)1292 430290

© Copyright 2004-2022 Locklizard Limited. All rights reserved.Privacy Policy|GDPR Policy|Cookie Policy|SITE MAP

Scroll to top