Securing PDF files: Viewing on just one PC possible?

xxx-420blazeit-mlg-snipez-xxx · 2023-08-02T06:25:28.000Z

Hey people!

We’re distributing manuscripts for webinars to our customers and many only want them digitally (PDFs) nowadays.

I’ve been tasked to check possibilities of securing those PDF files. I know about user and owner passwords with their various checkboxes. That’s all neat and fine, but won’t stop anyone who got the file and user password from spreading both together.

I also know that nothing is completely safe and with enough evil intent, anything is possible. Also, using Snipping Tool or even OBS to capture the screen is also possible, or even using your smartphone’s camera, yadda yadda.

Now I thought that maybe there’s a way to only allow users to open the files on their own PC. Something like a software dongle or so? This might overshoot the goal by a long shot and of course, we want to keep a nice balance between usability and security, but we feel like adding a watermark onto the pages and securing it with a password might not be enough. Maybe there’s even an online solution to which we can upload the files and control someone’s access?

Any thoughts?

foo · 2023-08-02T10:46:50.000Z

Certificate based encryption implies only the one with the certificate can open, so that satisfies the request.

Others can use the pubkey to encrypt, but only the person with the private key can decrypt, this is more complex than a password and not so easily shared

However, it is not just a screen picture/snip/etc, if you are afraid the one with the password may share, then the one with the document cannot be trusted, and no matter how you encrypt it, the user can save an unencrypted copy and share the actual document.

Encryption is for protecting against unauthorized access, anyone WITH authorized access defeats it every single time regardless of tech used. Just ask the CIA, FBI, Pentagon, where stuff like this is becoming the norm.

The issue is trust in the employee, not encryption tech used.

xxx-420blazeit-mlg-snipez-xxx · 2023-08-02T10:57:39.000Z

Saving an unencrypted copy would only be possible with the owner password, but I absolutely get your point.

I was trying to see what PDF-XChange Editor is capable of and, sure enough, it’s able to work with certificate encryption, but somehow it won’t let me use that “as a new security method for documents.” without stating any reason.

“Encryption is for protecting against unauthorized access, anyone WITH authorized access defeats it every single time regardless of tech used.”

This is a very important note, I think. So, by sending the manuscripts to the customers we’re already basically giving up any kind of safety measure. So, what would you suggest? Password plus watermark and everything else lies in the customer’s hands?

foo · 2023-08-02T12:34:34.000Z

What is the intent, traceability, confidentiality, proprietary data protection?

And and " Saving an unencrypted copy would only be possible with the owner password" not entirely true, that is an application restriction only.

If I am reading that correctly, you wish to take a document you have and pass it to another party outside your organization with the intent that a single recipient could only work with THAT document on that system, not make and disseminate copies of the document data in either encrypted stat another can open or unencrypted state in general?

hkdudues · 2023-08-02T12:46:45.000Z

foo:

What is the intent, traceability, confidentiality, proprietary data protection?

And and " Saving an unencrypted copy would only be possible with the owner password" not entirely true, that is an application restriction only.

If I am reading that correctly, you wish to take a document you have and pass it to another party outside your organization with the intent that a single recipient could only work with THAT document on that system, not make and disseminate copies of the document data in either encrypted stat another can open or unencrypted state in general?

If that’s the case the only viable option would be a self destruct PDF (document) like they use for libraries and text-books. You get this file for x-Number of days then poof.

This is from googling it (only an example; I cannot verify how good this company is): PDF & document expiry and self-destruct: Setting one-time links - Digify

phildrew · 2023-08-02T12:53:23.000Z

So, the people attending your webinars want to have the information in an easy to read and portable format, and you’re trying to put roadblocks for them to access and consume that information? I think you’ve missed the mark. I understand that there is a desire to protect the info from your webinar, but you need to accept that once you distribute it, that it’s largely out of your control.

You could watermark each copy you distribute with a QRcode or some other unique identifier. Then you’d know the source of the leak should your manuscripts show up online - use the identifier to tell you which person leaked their copy and pursue legal action against them - much like how movie studios embed identifiers on screeners they send out before opening night.

Microsoft is offering watermarking with their Virtual Desktop service when it needs to be highly secure. Maybe this is worth investigating?

phildrew · 2023-08-02T13:01:46.000Z

Better question: What are you doing to secure the non-digital manuscripts you currently distribute?

tim-smith · 2023-08-02T17:00:20.000Z

phildrew:

Better question: What are you doing to secure the non-digital manuscripts you currently distribute?

This^^^

If you collect the printed manuscripts afterwards, but someone wants a digital copy, provide them one. On an iPad that you collect after the webinar. If you let the physical manuscript walk out the door, the person can scan it in and have their own completely unprotected PDF that they can share with anyone. You can never completely secure anything so your best bet is to encode the attendee’s name or ID number into the text of each page so if one ever turns up on the internet, you know who shared it. Look at “text based stenography”: How to stash secret messages in tweets using point-and-click steganography | Ars Technica

foo · 2023-08-02T18:05:31.000Z

Agree to all. The only data security is policy, there is NO tech that prevents a legitimate data consumer from duplicating data. I would challenge someone to give me a PDF in any form that I could not remove an protection from. Aside from an isolated terminal, I could not interact with, and metal detector/search on the way in. If its in my possession, I will wager on it.

First would be start throwing alternative PDF readers at it and see if I could get any to print/save.
Then likely ghostscript if those did not work…

PSR, put it in reading mode and next next, then just put the pages back in order from the screen grabs on each click.

Second Record the screen, ffmpeg trim it down to pages HxW, and export frames, put it back together.

As you can see there are far more effective ways than the crud snap a picture.

You said it yourself in the original post " Also, using Snipping Tool or even OBS to capture the screen is also possible, or even using your smartphone’s camera, yadda yadda." so you acknowledge there are ways, why over complicate those ways to the same end?

I still say the best you can do is secure it in transport to make sure ONLY the intended viewer views it initially, past that you have zero control over what happens.

ecs3912 · 2023-08-02T21:38:01.000Z

Does your organization use Microsoft 365? There are a number of ways to distribute documents to users outside of a primary org, in a time bombed and secure fashion using M365 services. Of course you can’t stop someone from snipping or taking a photo of the document while its open and on screen, but you can certainly control who has access and for how long. We have distributed sensitive documents via OneDrive share links with tremendous success. Only the intended recipient can open the document, they are required to authenticate via 2fa using the email address associated with the share link. Once authenticated, the recipient can open the document (pdf, excel, image, word, etc.), but cannot print, download, screenshot or re-share to anyone. Also, there is an awesome audit trail which tells the tale of who, when, and in some cases even where the document was opened. All depends on your config.

There are several DRM software products on the market that can achieve your goal as well. We have used Locklizard to distribute technical publications to clients, completely locking down ability to do anything but view in a proprietary locally installed desktop client.

Any solution is going to require an investment, it all comes down to how much retaining control over your manuscript is worth, but what you are looking for entirely exists.

xxx-420blazeit-mlg-snipez-xxx · 2023-08-03T03:12:42.000Z

Lots of good input here, gotta give you people all the spice you deserve!

All your points are basically reinforcing my opinion on the topic and only make it easier for me to explain to my user.

We’ll continue using watermarks and a user password then. Using customer specific watermarks to identify who leaked the information is another good point here. Thank you guys!

ECS:

Does your organization use Microsoft 365? There are a number of ways to distribute documents to users outside of a primary org, in a time bombed and secure fashion using M365 services. Of course you can’t stop someone from snipping or taking a photo of the document while its open and on screen, but you can certainly control who has access and for how long. We have distributed sensitive documents via OneDrive share links with tremendous success. Only the intended recipient can open the document, they are required to authenticate via 2fa using the email address associated with the share link. Once authenticated, the recipient can open the document (pdf, excel, image, word, etc.), but cannot print, download, screenshot or re-share to anyone. Also, there is an awesome audit trail which tells the tale of who, when, and in some cases even where the document was opened. All depends on your config.

There are several DRM software products on the market that can achieve your goal as well. We have used Locklizard to distribute technical publications to clients, completely locking down ability to do anything but view in a proprietary locally installed desktop client.

Any solution is going to require an investment, it all comes down to how much retaining control over your manuscript is worth, but what you are looking for entirely exists.

We’re using MS365 yes! Currently, the only use case for OneDrive/SharePoint is Teams, but I thought of that as well! The only “problem” is that many people see 2FA requirements and just stop going forward as installing an authenticator app just for this one use and setting it up might be annoying to them. BUT it’s a very good point as well!

ecs3912 · 2023-08-03T20:16:31.000Z

M365 allows authentication methods for OneDrive links that do not require installation of an Authentication app. Just an FYI. The solution is worth looking into, considering that you are already paying for the required license.

spiceuser-gav · 2024-09-26T06:17:56.307Z

Peace-D:

Now I thought that maybe there’s a way to only allow users to open the files on their own PC. Something like a software dongle or so? This might overshoot the goal by a long shot and of course, we want to keep a nice balance between usability and security, but we feel like adding a watermark onto the pages and securing it with a password might not be enough. Maybe there’s even an online solution to which we can upload the files and control someone’s access?

Any thoughts?

Actually it is the area of DLP solution (data loss prevention). You can search a product called Curtain e-locker. It is doing exactly what you look for. I allow users to use controlled files in specific folders. They could not take it out if not allowed.