Two Lesser-known FileOpen Features: Screen Capture Prevention & Watermarking

Posted by FileOpen DRM News

Document security is one of the most important challenges faced by businesses today.  Your documents contain your company’s proprietary, confidential or regulated data and are likely the most valuable things on your computer or network. FileOpen document security and rights management software not only allows businesses to set up strict access and usage controls to documents, it also provides additional layers of security to prevent or deter the unauthorized redistribution of the data in your documents.

Today we will take a look at two lesser-known features available in FileOpen software that protect your all-important data; screen-capture prevention and user identifying watermarking.

Screen capture prevention

For our most security conscious customers FileOpen offers screen-capture prevention in environments where possible; more specifically Windows operating systems.  FileOpen has obtained a  Code Signing (Class 3) Digital ID giving permission to run services at the kernel level, including monitoring for a screen capture event.  Once an event has been identified, our app hides the content of the protected document.  The screen shots below illustrate a FileOpen-protected document with and without screen capture prevention enabled. 

FileOpen-protected-documentFileOpen-protected PDF, viewed in Adobe Acrobat/Reader DC with the FileOpen Plugin, without screen capture prevention enabled.  Image captured with the Windows Snipping tool.

FileOpen-screen-capture-preventionFileOpen-protected PDF, viewed in Adobe Acrobat/Reader DC with the FileOpen Plugin, with screen capture prevention enabled.  Image captured with the Windows Snipping tool.

To be clear, we do not claim that FileOpen guards against all methods of screen capture; it is always possible for a determined adversary to use a camera or to transcribe content manually. Nothing is 100% secure unless it is 100% unusable.  That said, FileOpen screen-capture protection adds real value by preventing screenshots in environments where it can do so without impacting the recipient’s ability to use the document as intended. 

User identifying watermarks

In addition screen capture prevention FileOpen offers user identifying watermarks. Watermarks can be applied on-screen and to printed copies of protected documents and can be different watermarks in the two cases.  These watermarks are a defensive mechanism addressing the human element; a recipient is far less likely to disseminate content where they are identified as the source.

Watermarks can be configured as needed and can be edited with immediate effect. They can contain static and variable information (for example, the recipient email address, IP address, user host name, print driver and the date and time of view/print). For this reason, different users will see the same document with different watermarks.  FileOpen watermarks are supported  in PDF on Windows and Macintosh, in OPN on all supported devices, and in the FileOpen HTML5 rendition.

The screen shots below illustrate a FileOpen-protected document with user identifying watermarks.

FileOpen-user-identifying-watermarks-in-PDFFileOpen-protected PDF, viewed in Adobe Acrobat/Reader DC with the FileOpen Plugin. Both variable and static watermarks are present.

FileOpen-user-identifying-watermarks-Web-viewerFileOpen-protected PDF delivered in OPN format, viewed in Chrome without any clients or plugins.  Both variable and static watermarks are present.

Contact us today to learn more about the FileOpen document security or request a free 14-day trial.



Topics: document control, data protection, stop document piracy

What makes FileOpen document security & control different?

Posted by FileOpen DRM News

At FileOpen we understand that building out your security infrastructure can be a daunting task.  Every document security and DRM vendor claims their solution is bigger, better and faster than the others.  It is vital to evaluate these claims and potential issues before a solution is purchased.  We advise our potential customers to create a checklist encompassing their core requirements and desired results.   A checklist may start small and grow as you assess each solution.  To assist in this process we have put together a few questions based on what our customers have consistently identified as important differentiators, such as:

  • Security and encryption
  • Recipient ease-of-use
  • Day-to-day administration and permissioning
  • Flexibility and extensibility (integrations)

Security and encryption

This section covers issues pertaining to file-level security and encryption.  This encryption makes the contents of your files indecipherable to unauthorized individuals. Document encryption uses complex mathematical algorithms to convert documents into an information package that cannot be read until there is a positive client server interaction verifying user identity and permissions. So, if an unauthorized individual intercepts an encrypted document they will not be able to access and read it.

FileOpen gives you a choice of encrypting on-premise or in the cloud, so you never have to upload an unprotected file. Once the document is protected, it can be distributed safely through whatever mechanism or protocol is most appropriate.  Documents are secured at all times and can only be accessed after a positive client server interaction verifying user identity and permissions.

Other Vendor
  1. Does the solution offer local encryption so source files are never transmitted over the internet?


  1. Are decryption keys stored within the document?


  1. Can the permission data be stored separately from the document?


  1. Can permission requests and data be encrypted as well as the document?


  1. Can document controls be enforced even after being downloaded to the recipient’s device? Offline?



Recipient ease-of-use

One of the biggest challenges of document DRM is making it easy for your users to share, access and work with protected files.  No organization wants to lose control of protected documents, or to place unnecessary barriers between authorized users and the information they need to do their jobs.  With FileOpen’s versatile client set you can define when, where and how users can interact with documents while still allowing users to use the productivity tools of their choice.


Other Vendor
  1. Does the solution provide protected files in standard file formats like Adobe® PDF, Microsoft® Word®, Excel® or PowerPoint®?


  1. Does the solution provide a preview of protected document to authorized users without any software installation (plugins/clients)?


  1. Can protected files be accessed from mobile devices? 


  1.  Are native applications required for mobile viewing?



Day-to-day administration and permissioning

This section covers issues pertaining to administering document access and usage controls.  These features allow you to securely share your files with others, while maintaining full control over who accesses them and how they can work with them. With FileOpen software, you control who can access your files by defining groups and including the users in these groups. For each group, you set specific usage policies, such as print restrictions, watermarks and offline capabilities. You then protect documents by assigning them to their respective groups, according to the permissions you want to grant. You can change a user’s or documents group membership at any time, with immediate effect.


Other Vendor
  1. Can the solution control printing, copying and saving of the file?


  1. Does the solution provide user-identifying watermarks on document view and print?


  1. Does the solution provide the ability to grant offline access? Configure how long offline access is permitted?


  1. Does the solution provide an out of the box, easy-to-use authentication scheme?


  1. Can the administrator of the solution remove access to specific documents, users or user’s device?


  1.  Does the solution provide access to activity reports by user, document and failed access attempts?


  1. Can the solution be configured to automatically apply permissions to documents? Provision users?



Extensibility & flexibility

This section is designed to help you find an integration-friendly solution; one that enhances and extends current investments.  At FileOpen, we work with customers evolving standalone solutions into infrastructure that protects and controls documents as they are created or on-demand. Our extensive list of services and APIs allow any person or system within an organization to protect documents and permission authorized users.

Other Vendor
  1. Can the solution be implemented on-premise? Or as a Software-as-a-service (SaaS) solution?


  1. Can the solution be configured to protect files as they are created?  In batches?  On-demand?


  1. Are there specialized services for eCommerce?


  1. Does the solution integrate into cloud-based sync-and-share systems like Dropbox?


  1. Does the solution extend current directory services? Does it support mixed-mode authentication?


  1.  Can the solution connect to existing NAS?


Creating a vendor checklist can be a difficult task but after reviewing your company’s polices you should be able to create a list that will help you decide which solution will conform to your company’s security requirements.  Contact us today for more information on how FileOpen solutions stack up or sign up for a free 14-day trial and see for yourself.

[1] The FileOpen Plugin/Client is required to securely collaborate within native publishing tools like Adobe® Acrobat®, Microsoft® Word® and Excel®
[2] While not required to preview a FileOpen-protected document in a browser, native iOS and Android Apps are freely available and provide a larger feature set.
[3] FileOpen offers extensive APIs to connect document and user permissioning to almost any third party system.  


Topics: document control

Simplifying File Sync and Share Security

Posted by FileOpen DRM News

File sync and share is an essential part of doing business today.  It’s likely your employees use multiple tools to sync files across personal and corporate devices, including phones, tablets and laptops; sharing files and folders with friends, family, colleagues, prospects and customers.  Employees have embraced the cloud, but likely without considering the necessary security precautions.  We know we should be wary of moving our high-value or confidential documents to an external server; however it is often the easiest way to get the job done  file-sharing-internet-traffic

Put simply, most file sharing services lack the tools IT needs for administration, control and visibility. At present, most cloud vendors don't even offer document-level security or DRM.  Eventually this may change, but when it does it is almost certain that each vendor will implement DRM differently.  Files uploaded to different sync and share systems will be encrypted differently by each vendor and therefore not portable in encrypted form between systems.  This will lead to yet another burden on IT teams as they will have to interact with each vendor’s administrative tools to manage or audit protected file usage.  In contrast, files encrypted using a DRM implementation like FileOpen will be encrypted in the same way regardless of which cloud system they are stored on, will remain encrypted at all times regardless of how they are delivered to the intended recipient, will not be readable by employees of any cloud service, and will provide a single interface to control usage across all such distribution channels.

With this in mind, here are four reasons to add a layer of FileOpen security to your current file sharing services.

  1. Minimal change to process:  Once FileOpen software is installed on your machine there are only two changes to your process.  Instead of uploading or syncing source documents to your file sharing service, you upload the FileOpen-protected version.  You then only need to add the intended recipients to and authorized group within a Web-based PermissionServer.  If one of those users accidentally forwards the document to the wrong person, it can’t be opened or viewed. Moreover, DRM enables you to instantly revoke access to a previously authorized recipient, if necessary, or even to one of their devices if misplaced or stolen.
  2. Enforce acceptable use policies:  Advanced DRM solutions allow you to control exactly how a recipient uses your document, adding layers of security to the most sensitive documents. Restrict or expire privileges on a need-to-know basis. Different organizations, and levels within them, can be granted unique sets of permissions on the same document.
  3. Apply detailed watermarks: As a final measure of security, watermarks can ensure the traceability of sensitive documents by overlaying key information about the user, such as their name, date, time, printer and location. Watermarks can provide the “smoking gun” in determining where and when a document was leaked, and aid authorities in enforcing compliance with privacy regulations.
  4. Enable secure, but uncomplicated access: At the core of any failed security initiative is an overly complex, hard-to-use solution. FileOpen eliminates such hurdles with the FileOpen Viewer, which provides access to protected documents through Web browser with no plugins or desktop software required.  It also provides Android or iOS user’s access on their smartphones and tablet through native applications. 

To learn more about FileOpen software and how we can add a layer of security to any file sharing service visit our document security solutions page or request a free 14-day trial.

Topics: document security

FileOpen Client 0958 for Adobe Acrobat/Reader (WIN)

Posted by FileOpen DRM News

We have released an updated FileOpen Plug-in for Adobe Acrobat and Reader for Windows, Build 0958.   This new client implements support for the latest Adobe Acrobat/Reader. Specific improvements include:

  • Support for Adobe Acrobat Reader DC on Windows.
  • Updates to the screenshot prevention mechanism.
  • Modifications to disable "Save As" functionality in Reader X; related to Adobe PSIRT Incident 3124.
  • Improved support of French error messaging.
  • Additions to application whitelist affected by screenshot prevention measures.
  • Correction to dialog displayed when a printer is rejected. 
  • Various bug fixes and enhancements.

This update replaces the Windows 0954 release from February 2015.

FileOpen Client 0958 is backward-compatible to Adobe Reader/Acrobat 7.  We recommend that you encourage users to upgrade to the 0958 client.

Topics: FileOpen plug-in, Client Release, Adobe Reader 11

FileOpen Client 0952 for Adobe Acrobat/Reader (WIN / MAC)

Posted by FileOpen DRM News

We have released an updated FileOpen Plug-in for Adobe Acrobat and Reader for Windows and Macintosh, Build 0952.   This new client implements support for the latest Adobe Acrobat/Reader. Specific improvements include:

  • Modifications to support customization and localization of dialog messages.
  • Support for Username-only authentication, i.e. without password.
  • Modifications to address of issues related to Adobe PSIRT Incident 3124.
  • Modifications to core libraries in support of MSOffice functionality.
  • Modifications to enhance reliability of low-level screen capture mechanism.

This update replaces the Windows 0945 release from November 2014 and the Mac OSx 0926 release from March 2013.

FileOpen Client 0952 is backward-compatible to Adobe Reader/Acrobat 9.  We recommend that you encourage users to upgrade to the 0952.

Topics: FileOpen plug-in, Client Release, Adobe Reader 11

FileOpen Viewer for iOS (v2.3.4)

Posted by FileOpen DRM News

We are pleased to release the latest version of the FileOpen Viewer for iPad®/iPhone®.  The app updates like any other app you are accustomed to.  If you don’t have automatic updates enabled you will need to manually press "update" from the AppStore.  


What's New in Version 2.3.4

  • Fixed document syncing between devices using iTunes.
  • Improvements to the user interface when viewing the document list.
  • Enhanced login handling returns Users with failed login attempts to return to the home screen.


This update replaces version 2.3.2 posted to iTunes on 9/13/2014.

As Adobe LiveCycle Rights Management Nears End-of-Life, FileOpen Offers a Safe Harbor

Posted by Diana Holm


Back in 2011, we posted “Should you migrate from Adobe LiveCycle ES to FileOpen DRM?” in response to Adobe’s announcement that it would be discontinuing the sale and eventually support of its LiveCycle suite, which offered DRM functionality. We noticed that post has gained in popularity recently, so thought it was a good time for an update. Adobe LiveCycle EOL 

According to Adobe’s enterprise support “LifeCycle Policy” for LiveCycle ES Rights Management, “End of core support” for the most recent version will end on 03/31/2018, with support for older versions ending sooner or already expired. Soon after we published our post in 2011, an Adobe product manager contacted us to clarify that all LiveCycle capabilities were now incorporated within the Adobe Digital Enterprise Platform (ADEP). At last check, ADEP has been rolled into Adobe CQ (now part of Adobe Digital Marketing Suite) or Adobe LiveCycle ES3 (which we thought had been discontinued?)

It’s no wonder that we are hearing from many of Adobe’s enterprise customers, who are looking for a safe harbor for their ongoing document security and rights management needs. As a licensed Adobe Security Partner since 1998, we at FileOpen are deeply familiar with all the capabilities and issues surrounding encrypting PDF for seamless display in Adobe Reader and Acrobat Pro. We have also helped many publishers and businesses recover quickly from costly disruptions to their workflows due to their previous DRM vendors' sweeping corporate reorganizations, acquisitions and shut-downs.

Top concerns of Adobe LiveCycle ES customers looking to migrate

Adobe LiveCycle customers are often surprised to learn that an independent software developer can provide them with the same robust DRM functionality in a more modular and flexible package. As enterprise users, they also ask the tough questions. Here’s how we respond.


Can we still support users directly in Adobe Acrobat and Adobe Reader?

Adobe only licenses a handful of security vendors to operate within Adobe Acrobat and Reader. FileOpen was the first such licensee, and continues to support and innovate our native PDF offering. For customers who want to expand the reach of their content beyond Adobe Reader, FileOpen enables you to support end-users in 3rd party PDF viewers such as Bluebeam, Foxit, Nitro and Nuance. Really want to cut the cord from plug-ins and viewing apps? The latest FileOpen tools let you publish securely directly to the browser using HTML5, with no download or plug-in required.

Do you enable enterprise-level security and access controls?

FileOpen offers the same encryption levels as Adobe LiveCycle ES did—from 128-bit RC4 for older versions of Reader, up to 128/256-bit AES, the maximum exportable outside the U.S. We also provide open interfaces for integrating directly with your existing database and authentication schemes, so your documents maintain the same security level and authorized access both inside and outside the firewall. Our rich set of permissions also stand up to (and possibly surpass) the feature set of Adobe LiveCycle and any other enterprise document security solution. Whether you need to add or revoke device access with one click, expire document access to the second, or watermark and limit printing, FileOpen gives you the controls.

What assurances can you provide that we won’t have to change DRM vendors again in a few years?

FileOpen Systems is an independent software developer that does one thing very well: document rights management. Our founding philosophy is that the challenge of document security should not be answered by companies who seek to control the entire document production and delivery workflow, because that will limit publishers’ options as platforms and devices inevitably evolve. Publishers should be able to follow their end-users’ technological preferences, and not be locked into bulky all-in-one systems that limit the reach of their content.

FileOpen’s solutions are designed with this principle in mind, to give you the most options when deciding where and how to share your most valuable data and content. Whether it’s supporting BYOD on iPhones and Android devices, or delivering your documents via Box or Dropbox, you can be sure we’ll keep up with the most popular platforms and technologies. Our focus on providing the most flexible, stand-alone document security tools means our customers can rest assured that there is no “end of life” on the horizon, for them or for us! For the most mission-critical deployments, FileOpen offers 100% on-premise installations.

Should you migrate from Adobe LiveCycle ES to FileOpen DRM?

See how the two solutions stack up, feature-by-feature:


FileOpen DRM Solutions
Adobe LiveCycle Rights Management ES
Licensing Methods
Client/Server Based Licensing
Software as a Service (SaaS)-Based Licensing
 Yes  Yes
User-Based Identification
 Yes  Yes
Computer-Based Identification
 Yes  Yes
Domain Authorization
 Yes  Yes
Smart Card Authentication
 No  Yes
Cookie-Based Authentication
 Yes  Yes
Policy Management
User/Role/Group-Based Access
 Yes  Yes
Create New Policies
 Yes  Yes
Change/Revoke Access
 Yes  Yes
Usage Logging & Metering
 Yes  Yes
Copy/Delete Policies
 Yes  Yes
Add/Remove Policy Administrators
 No  Yes
Offline Viewing
 Yes  Yes
Open/View Rights
 Yes  Yes
Print Count
 Yes  Yes
Copy/Paste Rights
 Yes  Yes
Embargo/Expiration Rights
 Yes  Yes
View/Print with Watermark
 Yes  Yes
Screen Grab Protection
 Yes  No
Protected Changes
 Yes  Yes
Version Control
 Yes  Yes
Encryption Levels
128-bit RC4, (128/256-bit AES Q1 2015)
128-bit RC4, 128/256-bit AES
Key Management
Pseudo Random Number Generator
Pseudo Random Number Generator
Enterprise Directory/LDAP Integration
 Yes  Yes
Client side integration (components, plug-ins, etc.)
Solutions available with and without client integration.
Website’s certificate must be installed to access Rights Management ES through the client applications.
Operating System (Encryption)
Microsoft® Windows Server®, Sun™ Solaris™, Linux ®, freeBSD®, HP_UX®, .NET, JAVA
Microsoft Windows Server, Sun Solaris SPARC®, IBM® AIX®,Red Hat®,SUSE®
Application Server
Any Application Server
IBM WebSphere®, Oracle® WebLogic, JBoss®
Operating System (Client)
Windows, Mac OS , Linux
Windows, Mac OS , Linux
Supported File Types
PDF, Excel, Word (Powerpoint Q1 2015)
PDF, Excel, Word, Powerpoint and CAD files
Supported Devices
Desktop and Mobile OS (iOS, Android)
Desktop and Mobile OS (iOS, Android, Blackberry and Windows Mobile)
Direct Licensing
FileOpen DRM Solutions are available as a hosted solution,  a licensed server, or through individually licensed modules.  View all>>
Available as core functionality within the Adobe Digital Enterprise Platform Standard Edition or as individual components to Government or Financial markets.
Indirect/Partner Licensing
FileOpen DRM is available on a limited basis through these partners.
Available indirectly, as core functionality within the Adobe Digital Enterprise Platform Standard Edition, or as individual components to Government or Financial markets only.
*With respect to Non-FileOpen Products, the information presented is based on publicly available information. We accordingly make no representations with respect to the accuracy or validity of the information, but merely provide it for comparison purposes.
Get a Live Demo

Bob Koche Joins FileOpen as VP of Business Development

Posted by FileOpen DRM News

We are very pleased to announce that Silicon Valley veteran Bob Koche has joined our team as Vice President of Business Development. Bob has built sales organizations for Apple, Intel, Motorola and IBM over the recent decades. 


“FileOpen DRM has reached a tipping point of adoption in our target markets, so the time is right to bring in a seasoned enterprise software professional like Bob to build on that momentum and grow our sales team,” said Sanford Bingham, founder and president. 

Bob will also be reaching out to our technology and channel partners to create an ecosystem around the FileOpen security layer, ensuring the success of our mutual customers in the coming years.

A programmer himself in a past life, Bob has a deep understanding of the underlying technology of the FileOpen security platform, as well the specific requirements and challenges facing companies looking to adopt DRM.

Bob’s enthusiasm for FileOpen’s unique market opportunity and collaborative approach to solving problems have already impressed FileOpen’s longstanding customers. We invite you to welcome Bob by leaving a comment below. 

FileOpen Viewer for iOS (v2.3.2)

Posted by FileOpen DRM News

We are pleased to release the latest version of the FileOpen Viewer for iPad®/iPhone®.  The app updates like any other app you are accustomed to.  If you don’t have automatic updates enabled you will need to manually press "update" from the AppStore.  


What's New in Version 2.3.2

    • Fixed local document storage to enable offline permissions for both PDF and OPN.


This update replaces version 2.3.1 posted to iTunes on 4/7/2014.

Topics: Secure Document Viewer, App Stor, Mobile

FileOpen OEM partners Intralinks and HighQ mentioned in Gartner’s Magic Quadrant for EFSS services

Posted by FileOpen DRM News

This month Gartner released the first-ever “Magic Quadrant for Enterprise File Synchronization and Sharing (EFSS)”, picking key players among over 100 vendors in the rapidly growing market for online file sharing services.  The report evaluates 19 EFSS vendors based on 15 criteria, measuring completeness of vision and ability to execute on that vision.  Among mandatory features and capabilities, Gartner required a base level of security to include user password authentication, lockout after a given period of inactivity, selective remote wipe of the EFSS mobile app and related files on the device and data encryption on transfer.   

While FileOpen does not provide an EFSS solution to compete with these vendors, we were pleased to see that our OEM licensees Intralinks and HighQ appeared in the quadrant. Since 2002, FileOpen encryption has powered the PDF security and direct Adobe Reader support in Intralinks’ virtual data room (VDR) offerings. HighQ, another VDR platform, integrated FileOpen DRM in 2007, enabling their customers to apply granular access controls to their shared documents.


FileOpen offers the same DRM tools to enterprises directly as a stand-alone solution with a flexible cloud connector.  Currently this cloud connector supports Dropbox, Box, Egnyte, ShareFile, Google Drive, OneDrive, and SharePoint while others are being added all the time.  Each connector is unique in its configuration and code making them extremely flexible.  Deployment can be tailored to meet specifics of the desired integration.

Gartner’s EFSS report goes on to say that mature products within this market have features to ensure files leaving the sharing location are encrypted and only readable by those authorized to access the data. That said, many vendors in this study do not offer these features, as demonstrated in a few vendor cautions published in this report:

    • Acronis: No DRM capability is supported yet to protect shared documents once downloaded on an unmanaged device (e.g., to revoke permissions to open, view and edit a document).
    • Sharefile: Despite the rich set of policy management and security features, DRM capability is not yet supported to protect shared documents once downloaded on an unmanaged device — for example, to revoke permissions to open, view and edit a document.
    • Dropbox: Enhanced security features, such as content-aware data loss prevention, built-in DRM encryption, HIPAA and FISMA certifications are missing. However, levels of security for cloud-based data and service protection are available.
    • Hightail™: DRM encryption for shared files and content editing are not supported.


Discover what you can do when powered by FileOpen or learn more about adding a layer of FileOpen security to file sync and share tools.

Topics: secure file sharing, document security, enterprise file sync and share