Right-click on a PDF file, then in Safeguard Secure PDF Writer choose the PDF protection options:
Many people think that encrypting a document stops it from being stolen. And they are right – only whilst it stays encrypted. That’s why hackers never attack SSL, and always attack the endpoint when the secrets have been revealed.
The point about DRM is that it controls what happens next – what the recipient is licensed (allowed) to do with the information after it arrives. And that is what makes DRM a much more powerful tool than encryption.
As everyone (especially the music and film businesses) knows, it is not easy to stop forwarding and stop sharing. Torrent sites for example appear to encourage forwarding and sharing as their only objective. But unless you do something, once a document has been opened by the recipient they can do just what they want and there’s nothing you can do about it.
Typical DRM controls stop forwarding by making sure that only encrypted files can be forwarded. So even if someone forwards a file, all the recipient gets is an encrypted file. Then file forwarding as a method of file sharing doesn’t work because unless the recipient has the key to open the file they cannot do anything with it. Locklizard protected files are always encrypted with secret keys (not disclosed to the user) to stop file forwarding from being successful.
To further stop sharing, a DRM system will prevent a recipient from being able to transfer their own license to use the file by locking it to an authorized device. If this is not done then the license can be passed from one user to another (rather like a password can be passed on). So to stop sharing you need this control as well as others.
You can use licensing controls to strengthen DRM even further and prevent PDF sharing by restricting use to specific locations. So, for example, if a user takes their device (a laptop, mobile phone, etc.) home with them they will not be able to view protected content from that location but are able to view it at the office.
Another key requirement of any DRM system is to stop sharing by preventing copy and paste. This may be by making content unselectable, disabling the use of any copy command, or by ensuring that any pasted content is overwritten in memory so it is not usable.
To prevent copy and paste also means you must prevent screen grabs, so users cannot take high quality screenshots with screen grabbing applications. And this includes preventing screen grabs from remote connections.
If you do not prevent copy and paste then anyone opening a document can transfer the contents out into another application (Word, a publishing package), either a screen at a time or many screens.
And this leads us to the need to stop printing or to create a print disabled PDF file. Some of the DRM controls, such as those to prevent copy and paste or stop screen grabbing are obviously to stop forwarding and stop sharing. But a major weakness that does not stop forwarding is printing since users can therefore print documents and send them to others.
Obviously one way to stop printing is to disable printing (prevent PDF from being printed). But to stop printing to make a real print out (and then having users scanning it back in to make a new document) may not be practical. You may have to allow printing. So it is also essential to control printing rather than to stop printing altogether.
If you allow printing then it is possible for the user to ‘print’ to a PDF driver, and create an unprotected PDF file which can then be distributed to others – so you did not stop forwarding or stop sharing. So if you cannot stop printing you must take other steps to prevent sharing and stop forwarding. Using DRM, rather than stop printing you can prevent use of file drivers, which is more elegant than acting to disable printing. A user has to go to the effort then of scanning the document back in and saving it to a file before they can distribute it to others (although it will be missing essential links and won’t be as high quality as the original).
The other obvious step is to add non-removable dynamic watermarks to the printout. This does not stop printing and scanning, but can link the identity of the user to the document. And despite what people say about copying, they don’t want their name to be on the copy especially if it is available for download from the Internet. The end result is you do not necessarily have to stop printing in order to stop forwarding or stop sharing (or at least discourage it).
If you want to allow prints but enforce secure document printing, then see print management security & printing documents securely on how to achieve this.