Document DRM: Enforcing Electronic Document Retention Policies
Using Document DRM to enforce electronic document retention
Electronic document retention
In the digitized age document management becomes an increasingly complex issue to grapple with. As the ability to create documents faster and with more automation has increased, so the technical amount of information that is processed and can be stored, maintained and administered increases. And although much information is created internally (database transaction records, emails and so on) a large amount of information is created and used externally (product specifications, test results, policy and procedure manuals and so on).
The two big problems with document retention are setting a retention period and ensuring effective deletion.
Document retention periods can vary from country to country, and by subject matter. So, for instance, income tax and corporation tax records are commonly held for 6 years, insurance (particularly life assurance) may have to be kept for 40 years, and some personnel records up to the age of 75 for the person referenced. This article is not intended to be advice or recommendations on specific periods, and you should seek guidance from national advisers.
And scattered across every corporate network are copies of documents that have been completely forgotten because there is no completely foolproof auditing mechanism. A quick check on three of our admin machines revealed files dating back to 2002 which perhaps should not really have been there. It turned out they were copies of some old ISO standards so no harm done – but it could have been different.
And that is the problem. When you have so many machines around, some, like the Bring Your Own Devices (BYOD) which are completely outside of corporate control anyway.
Electronic document retention and document DRM systems
It is a little known fact that Digital Rights Management (DRM) systems have a really valuable role to play in electronic document lifecycle management because they can enforce document retention periods and document destruction.
Electronic document lifecycle is all about ensuring that enterprise documents are created correctly, only issued when approved, are retained and are available only for the time period required by regulation. After that point documents must cease to be available. This also has to apply to documents that did not originate from inside the enterprise, but came from outside sources (typical examples of documents from outside include purchase orders consultant’s reports business correspondence reports on product tests).
The really difficult problem for the Information Manager (and their DMS) is to solve how to control the life of electronic documents that go outside of the enterprise, and therefore outside the control of a Document Management System (DMS). DMS systems only ever control documents inside their own databases – they don’t control documents as part of email, or in long term storage and backup. But, most importantly, they don’ t ensure that all instances of the document are removed from wherever they have gone to.
Why should this matter?
Well, in most industries there are two critical things – to be absolutely certain that you have all the information that regulators require, and that you have no information whatsoever that is not required.
This is not to suggest that enterprises are doing anything wrong in only keeping information as long as is necessary. Far from it. Corporate bodies (and governments) are obliged to take all reasonable steps to protect the interests of their shareholders, and that means removing theoretical liability by never having any documentation that is not actually necessary.
The major problem is that if information is also in the hands of people outside the direct control of the enterprise, then the enterprise cannot guarantee that the information will not be revealed.
But help is at hand! Document DRM systems are the only ones capable of providing the extended use controls over electronic documents that have gone outside of a DMS. But even then, not all Document DRM systems are equal.
At one level, a Document DRM system must be able to enforce that an electronic document cannot be used once its time is up.
At another level, a Document DRM enforcement system must be proactive in ensuring that access is prevented, by deleting it from the computer system on which it is held. Of course, with modern backup systems, you can likely always recover the original protected file, but the important point is that if the Document DRM enforcement system is actively preventing any access to the information, then it can be argued that it is not, and never can be accessible, and therefore does not exist.
At the same time, if, as a result of litigation, the process of discovery is taking place, then as soon as information is found under discovery then it must continue to be available regardless of any enterprise policies that may be relevant.
So this means that any Document DRM system must be capable of supporting several administrative functions. It must be possible to extend access to electronic documents beyond the date at which they should have been deleted. It must also be possible to delete all permissions for controlled documents so that they can never be recovered and accessed even if the controlled versions can be found.
And, the Document DRM system must actively prevent continued attempts to access documents once they have passed their ‘use by’ date.
Ordinary encryption systems simply do not ‘cut the mustard’ in this environment, because once the recipient has decrypted the information there are no abiding controls being applied to the documents. That is the power of DRM – to continue to apply the controls that the original information owner required, regardless of the desires of the recipient of the information.
Ensuring document retention & destruction requirements are met
When looking at a Document DRM system to achieve these results, make sure that it will impose an end date of use, so that you can be sure it will not be available past that date. But also make sure that you can change the end date! This is important because if the information has to be disclosed during litigation or the inquiries of a regulator, then you need the ability to make sure the information stays available until that process has ended, and once it has that access is ceased.
Make sure that you can remove the rights to use from recipients once their need to use the information has ended, and that you can delete any references to the protected documents so that once electronic document destruction has taken place the document contents cannot be recovered even if the protected document is available.
DRM controls provide you with a very effective means of enforcing electronic document retention and destruction without the need to reprocess backup tapes or try to recover information from email systems or other organizations.
Enforcing document retention policies with Document DRM
Locklizard Document DRM products enable you to enforce electronic document retention and destruction policies for your PDF documents and web based content. Information can be set to expire on a given date and once that date is reached, content is no longer viewable.
Locklizard has two different solutions available depending on which is more operationally convenient to you. Both of them allow you to distribute controlled documents which have fixed end of use dates (equivalent to date for deletion).
The first uses the installed Viewers approach. When an installed viewer is loaded to open a secure document it checks the date which is the end of life of the document with the current date. If the date is exceeded it will not open the document, so effectively it has been destroyed. This happens even where there is no check with the server (authorised offline documents). Where there is a server check, checks are also made to see that the document record has not been deleted from the Server, the document has not been revoked, and also that the user is still authorized. If any of these is true access to the document ceases at that time.
The second uses the browser based Web Viewer system. This works slightly differently because controlled documents are always downloaded new from the server each time they are used. So the end by date in the document is checked with server time and if it is exceeded the document will not open. Obviously, if the document has already been deleted or revoked for that user then the document will not be served.
Locklizard Document DRM enforces electronic document retention and destruction policies inside and OUTSIDE the enterprise ensuring document retention periods are kept, and your digital document retention and destruction requirements are met.