Secure Distribution & DRM

Secure Document Distribution: Securely distribute documents & PDF files

  Free Trial & Demo

“Fantastic product… outstanding support.”

“We would recommend Locklizard to others”

“The clear leader for PDF DRM protection”

“Our ebook sales have gone through the roof”

“Simple & secure – protects IPR from theft”

Trusted by:

Using Locklizard to Protect & Distribute PDF files securely without passwords

How to distribute a PDF securely

Protecting and distributing a PDF or multiple PDF files is simple and secure with Safeguard PDF Security.

To protect PDF files, right-click on them in Windows File Explorer and select the menu option ‘Make Secure PDF’.

Strong PDF Encryption with DRM controls

Safeguard PDF security protects PDFs with US Gov strength AES encryption to prevent unauthorized access, and uses licensing and DRM to control what authorized users can do with your documents:

Safeguard provides secure document distrubtion:
  • protect PDF files on your computer – no uploading of unprotected documents to a cloud server
  • distribute your protected PDFs just like any other file
  • PDFs are locked to individual devices so they cannot be shared
  • there are no passwords to enter, manage, share, remove or forget

protect pdf file

   SECURE DOCUMENT DISTRIBUTION

Why encryption and passwords is not enough to securely distribute documents and PDF files

  1. Encryption protects against unauthorized access, not document use
  2. Users can share passwords, and therefore ‘protected’ documents
  3. Once a document is decrypted, users can do what they like with it
  4. You need licensing controls to lock documents to authorized devices
  5. Only DRM can control document use (copy, print, screengrab, etc.)

“We purchased Safeguard PDF Security to securely distribute PDF files, control document access and un-authorised use.

We now have greater control on who/how our material is accessed when distributed around the world, including limiting the number of prints and using expiry controls to manage subscriptions.

We would recommend Locklizard to other companies for secure PDF distribution.

Safeguard PDF Security does what it says – it provides a manageable, cost effective uncomplicated way to protect PDF documents, your investment.”

Why Locklizard for Secure Document Distribution?

Securely distribute PDF files and documents with persistent control over their use regardless of location

  • Document Protection

    Multiple data security technologies ensure your documents can be securely distributed without fear that they will be shared or pirated.

    Encryption

    Used to protect documents from unauthorized access and lock keys to authorized devices.

    Licensing controls

    Used to identify users and their devices and to control user access to documents.

    DRM

    Used to control document use:

  • Lock documents to devices

    To prevent users from sharing protected documents with others, Locklizard locks document use to authorized desktop or mobile devices.

    If an authorized user forwards a protected document to another user, they will not be able to open it unless you have authorized that device.

  • Lock documents to locations

    There may be occasions when you do not want confidential documents to leave your office premises – internal document distribution means just that.  But with BYOD (bring your own device), this has become a difficult problem to solve.

    Locklizard document security lets you lock PDFs to specific locations (say an office) so that your confidential documents will only be viewable from that location and no other.

    Location locking can be enabled on a global or user basis and at both country and IP levels.

  • Expire Documents

    Locklizard enables you to enforce document expiry either on a given date or following document usage rules.

    There are many reasons you may want to expire PDF documents when securely distributing documents:

    • to comply with document retention policies
    • to enforce version control
    • free trial usage (e.g. 1 or 2 views before purchase)
    • enforcing complying with disclosure requirements
    • enforcing subscription periods to a service or series of documents

    Expire PDF files:

    • After a number of views
    • After a number of days
    • On a fixed date
    • After a number of prints
    • When a subscription period has ended
    • At any time you decide
    • Set documents to automatically expire on a document and/or user basis (so the same document will expire at different times for different users).
  • Revoke document access

    Being able to revoke document access can be vital when confidential documents have been distributed or where chargebacks have been applied against a purchase of a document (e.g. a book, a report or a training course).

    Locklizard enables you to revoke PDF files at any time regardless of where they are located, ensuring your documents are always under your control.

  • Track document use

    Tracking if or when a protected document has been opened or printed can be essential for accountability or audit purposes.  You may need to prove that the recipient has not only received the document but has also read and/or printed it.

    LockLizard enables you to track and monitor PDF use by recording all document opens and prints.  See the number of times each document has been opened and printed, when and where this occurred and by whom.

  • Permanent & Dynamic watermarks

    Quickly add custom “not for distribution” watermarks to all copies of your PDF.  Use dynamic variables that are replaced with user information on print or open to dissuade unauthorized sharing.

Locklizard takes your document protection seriously.  Distribute documents securely without insecure passwords or plug-ins, and enforce access, location, expiry, and usage controls.  Whether you need to accomplish secure internal document distributionsecure external document distribution, or secure distribution of revenue generating documents, Locklizard ensures your PDF documents remain safe no matter where they reside.

Managing secure distribution of confidential documents & PDF files: DRM in content life cycle

  Defining content lifecycle

Content lifecycle is defined by some as the series of changes in the life of any piece of content, including reproduction, from creation onward.  This definition is somewhat inadequate in regards to confidentiality, as a document’s classification may vary regardless of changes to the document itself.  The apparent importance of content may change due to additions in a  wider collection of content or changes to the perception of the value/importance/secrecy of certain content.

For instance, a person’s name without any other data is not confidential, but if it is connected to their medical records it certainly is and should be protected in line with HIPAA requirements.  Or, customer political information may not have been considered sensitive personal data until GDPR came into effect.

  Who is responsible for defining what content is confidential & secure document distribution?

Managing secure document distribution for confidential or sensitive documents (use of Digital Rights Management) is a dynamic activity.  There have been many attempts to automatically determine when documents are confidential (some by text examination and others by analyzing metadata), but these have all had their problems because even experts can find classification difficult.  The word ‘acquisition’ for example, may be confidential in the context of buying a corporation but uninteresting when buying a software package.  Linguistic context may not help – “This will be an important acquisition,” does not tell us much unless a monetary sum is conveniently nearby.

Generally, when sensitive information or confidential documents are to be distributed, it is known at a management level if the content should be controlled or not.  Responsibility for managing the situation is typically down to either IT systems managers, where the distribution is from computer application to computer application, or departmental management, where the document distribution happens.

Is the content confidential?


Though some organizations may develop a set of guidelines, there is no binary definition of confidentiality.  It’s useful to think not of the content itself, but of the impact that content would have should it become public knowledge.

Let’s take the disclosures of Edward Snowden in 2013 as a high-profile example.  One of the leaked documents, a PowerPoint updating parties on the companies who have data sharing agreements, probably wasn’t that interesting to anybody at the NSA.  However, this document, and documents like it, ultimately led to the invalidation of the EU-US Safe Harbor Agreement and caused overwhelmingly negative press for both the NSA and the tech companies involved.

The same can be applied on a far less drastic scale.  The leak of a common customer name, say, “John Smith”, probably won’t be damaging.  But if that customer’s name is something uncommon, say “Elon Musk”, or is accompanied by a date of birth, suddenly that information is identifiable.

So, the answer to whether or not content is confidential will depend on whether somebody has deemed the damage its leak would cause significant enough for it to be classified as such.  Either way, had DRM-enforcing technologies been in use by the NSA, the press would have received nothing from Snowden other than a near-useless, encrypted jumble.  Protect the file’s content, and the only information that can be shared is its file name and other metadata.

  Distributing documents securely and the role of encryption

Exchanges between computer-based applications generally use encryption in order to protect the transfer from being intercepted or misused.  But managing the document content itself has proven rather more difficult.  Trying to use encryption on its own is technically difficult because although it perfectly preserves the original content, it has no continuing control over how a file is used once it is decrypted and returned to its original form.

A simpler approach to exerting continuing content control has emerged with the increasing availability of Digital Rights Management technologies that can be applied to important documents in order to protect confidential content.  This works because using DRM it is possible to control subsequent use of the document instead of relying upon ‘conventions’ or ‘understandings’ as to how the content is to be controlled once it has been disclosed.

  Confidentiality through redaction

A commonly used alternative, although rather less successful in the world of digital documents, is the use of data redaction to control access to sensitive information.

Data redaction is used to render only specific data items inaccessible, and it does not seek to control the subsequent use of the sensitive documents’ content.  It does so by blanking over the part of the document that is confidential, but leaving the surrounding information untouched.  In many systems, this is achieved by putting a mask over the visible content without removing the underlying content.  This is problematic because the underlying data remains accessible to anyone able to edit the file or view its code.  Thus, an unauthorized user can read and process the unredacted text.

A redacted document in Safeguard PDF viewer

  Adding confidential watermarks

While many applications (Adobe, MS Office, Google Docs, etc.) can be used to easily add a confidential watermark to a PDF, they all suffer from the same problem – namely it is trivial to remove them.  Users can instantly remove restrictions and then edit the document to remove all watermarks in a single action.

DRM is used to prevent users editing PDF content and stop screenshots being readily taken, so that watermarks cannot be easily removed.

  Content available for a limited time

According to James Bond, “Diamonds are forever,” but the same certainly isn’t true for document content.  Frequently, controlled content has limited accessibility.  This may be due to information being superseded and so is no longer valid, or that it is only given a certain lifetime to begin with.  Controls are needed to prevent this content from being available before it is officially released or after it has reached the end of its lifecycle.

Overall, document distribution software needs to take into account a number of dates:

  1. the date before which the content may not be used
  2. the length of time the content can be used for (some legislatures mandate 6 years maximum from collection to use personal information); the date on which the content ceases to be available, or on which it becomes publicly available
  3. the length of time content can be used after first being used
  4. the number of times that the content may be used by a specific user.

Document expiry should happen automatically whether the user is online or offline, with the ability to also revoke access manually when the need occurs.

  Content kept confidential by location

Further content controls may be applied at the IP address level.  At one level, this kind of content control is used to prevent data leakage outside of specific networks or groups of networks.  Either all documents are restricted to one or more individual or groups of network addresses, or specific users are restricted to the range of acceptable addresses they can use content that is protected.

Using IP level controls may also be extended to determining the geographic locations that are permitted.  This may prove to be an essential technique when some documents may be embargoed in some countries, or where content is country specific.  For instance French content may be restricted to France and Canada and not available in Belgium, where English content may be provided.  Also, some countries may forbid or censor content and prosecute publishers who fail to prevent content use when it is not approved.

  Auditing use of confidential content

Underpinning content control is providing audit information about the use of content.  It is all well and good having applied content controls, but how do you know they are working?  Where content is being used, logs need to be maintained that list which users have opened the documents, at what time, and from what IP.  This may also enable content controllers to identify if sensitive data is being accessed in locations that are inconsistent (appearing in a country they are not expected to be in, for instance, or being in several places at the same time) and might require investigation.

  Summary: Secure document distribution and content management

In summary, secure document distribution and content management for confidential documents may be achieved by using DRM security features.  These enable you to bind controls to the content that are abiding.  Confidential content in a lifecycle management sense has many dimensions beyond file access controls:  Controls are needed by dates, numbers of accesses, numbers of printed copies made, and location in order to allow the content owner to be effective in managing confidentiality.  Further, there must be provisions for the content owner to change their minds about controls such as start and expiry dates and prints.

   FAQs

Is secure document distribution with Google Drive feasible?

Secure document distribution with Google Drive is possible, but it requires the document to be protected with a DRM tool before it is uploaded to the cloud storage service.  Google Drive’s in-built restrictions are easy to bypass by disabling JavaScript in the browser.

Additionally, it’s just not a good idea to upload unencrypted sensitive documents to the internet.  If Google’s server gets hacked due to a security breach or a rogue employee decides to steal some data, it’s your business on the line.

Is it possible to distribute documents securely via email?

Yes, absolutely.  The documents just need to be protected with a DRM solution before you attach them.  The problem with email services is that they only offer end-to-end encryption of device attachments at best.  This does nothing to stop the receiver from sharing it with anyone they wish once they have decrypted it.

Are secure file sharing services or a secure portal a replacement for DRM?

Secure file sharing services are generally just regular cloud file storage services with end-to-end encryption and two-factor authentication tacked on.  Occasionally they do include expiry controls, but these are ineffective as browser-based solutions can’t stop someone from copying the content to another document and keeping it past the expiry date.

If you want to control what happens to the document after it has been opened, then DRM is usually the best choice.

Is a secure link effective for distributing files securely?

No, once a user has downloaded the file they can share it with others without any restrictions, (expiry controls only apply to the link).  Dropbox for example lets you password protect files or a folder and then share a link to them, but once someone downloads them they can be easily shared without any protections.

Is password protection enough to protect business documents during distribution?

PDF password protection only protects documents at transit and at rest, and even then its encryption can be bypassed – see how secure is Adobe PDF encryption.  Adobe PDF editing restrictions, meanwhile, can be removed in seconds with free tools, making them next to useless.

Ultimately, password-based encryption isn’t enough to protect the document when it is in use.  For that, you’ll need a DRM solution.

Is Microsoft Word password protection useful for secure document distribution?

No, it is no better than any other form of password protection – authorized users can remove the password or just share it with others.  Also, Word watermarks and document restrictions can be easily removed, so there is no additional benefit in using Word to password-protect docs.

Does Locklizard document DRM integrate with our existing workflow?

Yes, you protect PDFs on your PC and distribute a Locklizard protected document just like any other file.  Document protection and Admin System functionality (like assigning document access) can be automated for hassle free integration.

Does Locklizard help my business comply with HIPAA, GDPR, FINRA, and other regulations?

Yes, Locklizard ensures your documents can be securely distributed and used in a controlled manner.  You can automatically cease access after a certain time period, manually revoke access and track use.  Locklizard uses cryptography and licensing controls to ensure your documents can only be accessed and used by authorized users.  Take a free trial to see how your business can benefit.

Customer Testimonials