FileOpen Viewer for Android (v2.4)
We are pleased to release the latest version of the FileOpen Viewer for Android. The app updates like any other app you are accustomed to. If you don’t have automatic updates enabled you will need to manually press "update" from the Google Play.
What's New in Version 2.4.
- Enhanced visuals and user interface.
- Support for most recent server protocol.
- Document re-sizing and other various bug fixes.
This update replaces version 2.2 posted to GooglePlay in October 2013.
Today a report published by U.K.’s Information Commissioner’s Office (ICO) highlighted the data protection challenges and privacy risks agencies face when dealing with sensitive personal information. While the ICO’s study was limited to the foster care system, their findings highlight the importance of protecting sensitive personal information across all social services.
Risks and Penalties
- Highly sensitive personal information concerning foster carers and looked after children is routinely emailed between agencies and local authorities for the purpose of arranging foster care placements without encryption. The lack of such safeguards increases the risk that the information could be inappropriately accessed.
- The majority of agencies visited did not encrypt mobile devices used to process, store or transport personal data. This included items such as laptops and USB sticks. If lost or stolen, any such devices containing sensitive personal data could be easily accessed.
- Fostering agencies often require carers to provide them with updates about looked after children but they do not provide secure methods such as VPNs by which to do this. Sensitive personal information is therefore processed on home computers and stored in the ‘cloud’ in ISP or webmail accounts (Hotmail, Gmail etc.).
- Some agencies allow their staff to carry out work involving sensitive personal data on their home computers instead of providing appropriate remote access to their network, an encrypted memory stick or a work issued encrypted laptop on which to save their work.
- Adequate data protection/information security training is not provided by agencies to their staff.
John-Pierre Lamb, ICO Group Manager in the Good Practice team, said, "The worst breaches of the Data Protection Act can lead to a monetary penalty of up to £500,000, but when you consider the sensitivity of the information this sector is responsible for, the human cost could be far more significant.”
How to Get Compliant
Nowhere is the need for privacy more important than in protecting personal information about children in need and the foster families who help them. Minimizing this threat doesn’t necessarily mean rigid, cumbersome security measures of the past. A few best practices that could prevent a breach of this nature:
- Secure sensitive documents: Using a DRM solution like FileOpen RightsManager allows you to grant permission to only certain users. If one of those users accidentally forwards the document to the wrong person, it can’t be opened or viewed. Moreover, DRM enables you to instantly revoke access to a previously authorized recipient, if necessary, or even to one of their devices if misplaced or stolen.
- Enforce usage and retention policies: Advanced DRM solutions allow you to control exactly how a recipient uses your document, adding layers of security to the most sensitive documents. Restrict or expire privileges on a need-to-know basis. Different organizations, and levels within them, can be granted unique sets of permissions on the same document.
- Apply detailed watermarks: As a final measure of security, watermarks can ensure the traceability of sensitive documents by overlaying key information about the user, such as their name, date, time, printer and location. Watermarks can provide the “smoking gun” in determining where and when a document was leaked, and aid authorities in enforcing compliance with privacy regulations.
- Enable secure, but uncomplicated access: At the core of any failed security initiative is an overly complex, hard-to-use solution. FileOpen eliminates such hurdles with the FileOpen Viewer, which provides access to protected documents through Web browser with no plugins or desktop software required. It also provides Android or iOS user’s access on their smartphones and tablet through native applications.
Contact us for more information or to get a personalized demonstration.
In the latest of a series of damaging leaks in Hollywood, the LA Times has reported that Quentin Tarantino has decided to shelve plans to film The Hateful Eight after the confidential script was circulated far beyond the small circle of actors to which Tarantino initially sent it. Tarantino is quoted by Deadline as saying “I finished a script, a first draft, and I didn’t mean to shoot it until next winter, a year from now. I gave it to six people, and apparently it’s gotten out today.” Evidently one of the actors under consideration for a role shared the document with his agent, who then passed it along to “everyone in Hollywood.”
Other prematurely leaked scripts in recent years include the script of Breaking Bad, Entourage, The Fifth Estate, The Avengers, among others. Many of these leaks happened without malicious intent by the responsible party, but they can be extremely damaging to creative projects that rely on an air of secrecy to attract a top-notch cast and ensure marketability as it enters production. In the days of printed copies, controlling copies of a script were somewhat easier, but increasingly scripts are being shared in digital form, most often without any encryption or with easily shared document passwords.
A Hollywood Primer on DRM in Three Steps
- Secure your scripts using a real DRM solution, not passwords: Document passwords can easily be passed along with confidential documents. Using a DRM solution like FileOpen RightsManager allows you to grant permission only to certain contacts. If one of those contacts forwards the document, it can’t be opened or viewed. Moreover, DRM enables you to instantly revoke access to a previously authorized recipient, if necessary, or even to one of their devices if misplaced.
- Place usage restrictions on your scripts: Advanced DRM solutions allow you to control exactly how a recipient uses your document, adding layers of security to the most confidential documents. Restrict or expire printing privileges, log the time and location of each print attempt, embargo or expire access to an absolute date or after a certain number of days (or even minutes!), and specify how many devices on which a user can view a document.
- Apply detailed watermarks: As a final measure of security, watermarks can ensure the traceability of high-value documents by overlaying key information about the user, such as their name, date, time, printer and location. Those in possession of a physical copy of the document are far less likely to share or sell a document with their identity displayed on each page. FileOpen RightsManager allows admins to set unique watermarks that appear on both the digital and printed document, or only on the printed version.
Contact us if you would like to learn more about how the film industry uses FileOpen DRM.
The FileOpen team is excited to announce our third webinar in a monthly series: "Is BYOD the weak link in your document security strategy?". Join us on Tuesday, November 19 at 10:00 am Pacific/1:00 pm Eastern to see why leading corporations choose FileOpen to secure their documents in the era of BYOD.
Managing the BYOD (Bring Your Own Device) phenomenon can be challenging, but with the right security policies and technology, you can strike the right balance between enabling mobility and security.
Discover how organizations in your industry use FileOpen DRM to:
- Support corporate “bring your own device” (BYOD) initiatives
- Authenticate users and protect documents on PCs, Mac OSx, iPad, iPhone, and Android
- Securely share documents by email or via the cloud (e.g. Dropbox)
- Expire or revoke document access at any time — even after delivery
- Keep users happy with a hassle free user experience
- Track when and where your documents are being viewed, and for how long
Have a question you would like us to answer during the presentation? Ask below!
We are pleased to announce that the FileOpen Viewer for Android is now freely available in Google Play. The new FileOpen Viewer app will enable licensees of FileOpen’s suite of DRM solutions to share documents securely with end-users on Android devices such as the Google Nexus, Motorola Droid X, and Samsung Galaxy; in addition to Apple iOS devices such as the iPad and iPhone. We will continue to support users on Windows 7, 8, Vista, XP; and Mac OSX, 10.5 or later.
Leveraging FileOpen’s core document security technology, the new FileOpen Viewer for Android not only protects files from unauthorized sharing, but also enforces granular access controls such as document expiration, saving of local copies, and the imposition of user-specific watermarks. The app operates in essentially the same way as the FileOpen plug-in for Acrobat/Reader, authenticating each open and print command with the publisher’s server. When permission is granted, the FileOpen Viewer for Android displays the document, which can then be used according to the permissions set by the publisher.
Documents accessed by the FileOpen Viewer for Android are encrypted with industry-standard 256-bit AES encryption, and cannot be opened by users without explicit permission from the publisher’s server. Authentication may be linked to a session login to the publisher’s server or device registration, which can be emailed to the user.
This expansion of FileOpen's product line advances our mission of enabling secure document distribution to the broadest possible range of devices and platforms, maximizing security for our customers while reducing end-user hassles and tech support issues. For more information please read the full press release or check out the FileOpen Viewer for Android Web page.
BYOD (“Bring Your Own Device”) has invaded the workplace, whether sanctioned or supported by your IT department, and is clearly here to stay. According to a study by iPass and MobileIron, 81 percent of companies now allow employees to bring and use their own devices. What company wouldn’t want reduced hardware and subscription costs, with the promise of increased employee efficiency and productivity? Studies show mobile-equipped employees tend to work more hours each week than non-mobile-equipped employees. Employees also prefer to use their personal device over a corporate-issued device. The challenge is to accommodate the reality of BYOD without foregoing data security or introducing chaos to your IT systems.
Here at FileOpen, we work with thousands of customers delivering documents securely to millions of users worldwide. We have found the most successful implementations of a BYOD strategy are accomplished by businesses that are as progressive as their users and agile in their efforts to provide a flexible yet secure work environment. In this post we’ve pulled together a summary of the key components of their successful implementations.
Build a comprehensive BYOD policy
BYOD or mobile device security policies vary by industry as well as within specific verticals. Common goals are to make sure BYOD is aligned with the company’s current strategy, retaining employees by supporting flexibility, and offsetting equipment costs. While keeping these goals in mind, define the types of data that should be accessible and the risks that accessibility may pose. A few considerations:
Allowable devices: Minimum requirements and level of support by device
Allowable activities: Access to the corporate network, corporate data and Web applications
Legal & HR considerations: Clear lines of demarcation between corporate and employee data and liability
Employer controls: Agreements giving the company authority to implement controls, such as encryption, access controls, monitoring and the “right to wipe”
Educate employees about the risks of BYOD
The most important next step is education; which includes explaining to each employee how BYOD would work for them and what potential risks could be to the organization as a result of their behavior. If employees understand that the policy is not only designed to protect corporate data but their personal information as well, they are more likely to adhere to corporate controls.
Get the right file protection technology
It goes without saying that a company that engages in the BYOD approach without ramping up its protective measures is putting its security in jeopardy. The devices are easily replaceable, but what they contain is not. That’s why successful businesses implement technology that focuses on securing the data at the source rather than the endpoint, ensuring the safety of data regardless of its location. For document specific protection, our customers appreciate that our FileOpen solutions directly embed access rules into documents, which are enforced by whichever device and viewer the user happens to be on. Using the FileOpen RightsManager dashboard, they can quickly and easily make changes to access policies, even after the user has downloaded the files.
Monitor and track usage
Essential to any BYOD security framework is the ability to monitor and track usage across all devices. Most organizations do not track data effectively and hope their employees strictly follow policy. Companies should consider the use of a content security tool that comes equipped with monitoring features to detect abnormal usage and provide a level of accountability. For instance, if an employee loses a device with sensitive information and doesn’t report it to IT for a week, the IT team can analyze if any documents had been viewed in the interim, and immediately revoke access.
BYOD is here to stay…
At the end of the day, BYOD is a net positive for organizations as it promotes more responsiveness, more accessibility for workers, and higher worker satisfaction. Whichever strategy you adopt for dealing with BYOD, the key is to secure your sensitive data while still providing the end user the freedom and flexibility to use devices to enhance their productivity.
For more from FileOpen see our whitepapers and register for our upcoming webinar, covering document security for BYOD strategies on November 19, 2013.
In our last post, Minimizing Insider Threats: The Rogue Employee, we looked at how organizations can implement effective security measures to thwart a determined effort to leak private information. But insider threats are not limited to employee sabotage. With the accidental click of a button, a well-intentioned employee can cause a disaster of rogue-employee proportions. One may argue that there’s a fine line between deliberate data loss and unintentional data loss. Even if we’re all prone to making mistakes, isn’t it the responsibility of IT administrators to prevent an accidental leak of data that easily could have been prevented with the proper safeguards?
Accidental data loss has the potential to divulge trade secrets and intellectual property, strain client relationships, and ultimately compromise your revenue. So what’s a CIO to do? To minimize the risk of an unwitting disclosure, let’s identify and remedy four common threats:
1. Outgoing Email With Wrong Recipient – Encrypt, encrypt, encrypt. Last September we witnessed the calamity an accidental data loss can bring when the Georgia Department of Labor accidentally emailed the Social Security numbers of more than 4,000 individuals. Labor officials later requested the 1,000 email recipients “please delete the email and attachment immediately.” It can happen to the best of us. Implementing a DRM solution, like FileOpen RightsManager, assures that only authorized users can view a document. FileOpen's RightsManager is closely integrated with Microsoft Outlook so you can email documents securely and know they can't be forwarded or shared. Store your sensitive information in secure documents in lieu of email bodies and spare yourself the “please delete” email.
2. BYOC (Bring your own cloud) – Share files securely. According to a new survey from Usamp, 41% of employees admit to using unsanctioned services like Dropbox, Box and Google Docs on mobile devices to share files. The estimated annual cost to remedy the data loss is about $1.8 billion. Once documents are encrypted, prevent or circumscribe document sharing with permission policies that preclude forwarding, expire access, and monitor document access. Need to remotely access documents outside of the LAN? With a secure file hosting service like FileOpen Viewer, you can still use Dropbox and Box to host your documents, but be certain that only users you specify can view them.
3. Unfettered document access – Control printing and enforce a machine limit. As discussed in our first installment of Minimizing Insider Threats, enforcing a “need to know” policy is imperative in preventing an internal data breach. Once employees are limited to the least number of documents required to do their job, enforce a “need to print” policy. Printing sensitive documents opens a world of vulnerabilities, since unauthorized copies can’t be tracked. Minimize these threats by controlling who can print which documents, and how many times - if any at all. Applying watermarks can ensure the traceability of sensitive documents by overlaying key metadata, such as the username, date, time, and location of printing, to any printed copies. Also, on how many machines does employee X need to access document Y? Her office workstation only? Multiple machines around the office? To prevent an employee from accessing sensitive information on unsecure networks, enforce a machine limit and ensure that she may only access the document from a specified number of machines.
4. BYOD – Instantly Revoke Access. BYOD is here to stay. According to a recent Gartner study, by 2017 half of employers will require employees to use their own devices for work. The convenience of BYOD also brings the concomitant risk of physical data loss. So how can we assure data security on a device that we’ve lost? Simply applying passwords to documents is not a scalable solution for BYOD. Using a comprehensive DRM solution that supports iOS and Android, you can link all of a user’s devices to their company login. If one of their devices is lost or stolen, the IT admin can instantly revoke all document access specifically for that device.
Encrypt, share files securely, control access, and revoke access. Share these tips and let’s help our IT admins get a better night’s sleep. Also, check out our whitepapers and demonstration documents to discover how FileOpen DRM can help you realize your security objectives.
The FileOpen team is excited to announce our second webinar in a monthly series: "Share files
securely – anytime, anywhere". Join us on Tuesday, October 15 at 9:00 am Pacific/12 Noon Eastern to see why leading corporations choose FileOpen to secure their documents.
We’ve all heard it — another day, another data breach. The need to share information securely across boundaries has never been greater, and a robust security program has proved to be a distinguishing factor among market leaders.
Discover how organizations in your industry use FileOpen DRM to:
- Control printing, apply watermarks and edit/revoke access at any time
- View protected documents without client plug-ins
- Support document delivery to PCs, iPad, iPhone, and Android, BYOD...instantly
- Send documents by email or host in the cloud (e.g. Dropbox)
- Track when and where documents are being viewed, and for how long
Have a question you would like us to answer during the presentation? Ask below!
No company wants to believe they may have a rogue employee on their payroll. However, Eric Snowden's leaking of top-secret NSA documents has raised awareness of internal threats in organizations worldwide. It’s not easy to detect an insider threat, and it’s nearly impossible to stop a determined rogue employee. Companies can however enforce effective security controls to minimize such threats.
The more recent in-house breaches at Vodafone and Holy Cross Hospital are a testament to the flaws of many internal security systems. Merely passing compliance requirements isn’t helping IT professionals sleep any better at night, and even the strongest firewall won’t prevent a legitimate employee from sharing documents outside of the organization.
So what are the common security mistakes that could enable a rogue employee in your organization?
- Overly-generous document access policies. Too often we see companies offer their employees unnecessarily privileged access to sensitive documents and data. And with greater access comes greater risk, of course. Enforcing a “need to know” policy, in which employees are limited to the least number of documents required to do their job, can great reduce the threat of an insider breach. Pinpoint which documents are in most need of protection, then limit access.
- Decentralized storage of sensitive documents. Organizations may minimize the amount of access an employee has to sensitive information by following the vault paradigm of document security. Offer employees the option to request document access and require a reason for access.
- Allowing legacy access to documents. In the wake of the NSA scandal, we are seeing organizations adopt DRM solutions that enable administrators to revoke user access to a document anytime, anywhere. Using FileOpen’s RightsManager solution, for example, if an employee no longer needs access to a particular document to effectively do her job, system administrators may simply revoke her access to said document. If she later requests access to the document, but her task only requires limited access, system administrators can enforce a policy that limits her access to select portions of the document.
- Allowing unfettered access on take-home devices (BYOD). With the profusion of tablets and smartphones comes the heightened risk of employees using company documents on their personal devices. To manage such activities, administrators should enforce a machine limit on more sensitive documents. For example, FileOpen RightsManager enables setting a machine limit of “1” to ensure that an employee may only access the document from her office workstation.
- Trusting high-level employees with too much. Limiting document access to lower-level employees is important, but what about executives? Granting exceptions for higher-level employees can put companies at risk. According to a 2013 Data Protection Trends Research study, among companies with secure programs in place, 24% allow exceptions for executive-level employees. This poses an especially dangerous threat as executive-level employees are often granted access to the most sensitive information at a firm. Realizing impregnable document security requires you enforce a “need to know” policy across the board. Limit the number of documents to which your “superusers” have access, and consistently monitor their access. Snowden, of course, was a system admin who was permitted access to an NSA file sharing location on the NSA intranet to transfer sensitive information. Enacting a “two-person” rule to accessing highly sensitive documents can further thwart lone-wolves. Additionally, before a system administrator is handed the keys to the kingdom, be sure to conduct a thorough background check.
- Failing to monitor document usage. No security program is bulletproof without a system of quickly identifying and containing a data breach. Applying a document monitoring solution (track number of times opened, location of access, etc) can help your IT department quickly identify and stop any unusual activities. Document tracking is highly effective in identifying both rogue employees and former employees. For instance, after an employee leaves your company, your legal department will be empowered to request a list of documents the employee accessed to more effectively monitor any leaked trade secrets to a competitor. Stay tuned for the official release announcement of FileOpen’s document tracking solution.
Encrypt, limit access, monitor access, educate, and iterate. Reaching the promised land of security doesn’t need to be elusive. Stay tuned for our second installment: “Minimize Insider Threats: The Unwitting Disclosure.” Also, check out our whitepapers and register for our live demo on October 15th, 2013 to discover how FileOpen DRM can help you realize your security objectives.
This month we’ve been talking to some of our most valued customers—publishers of financial research, market research, or any research that’s valuable enough that readers are willing to pay for it. We love our research customers because they tell us exactly what they need out of a document security system, and constantly push us toward making our products work more simply and interchangeably with the systems they’re already using to manage subscriptions and deliver documents.
But why do research publishers love FileOpen? Mark Roberts, CEO of the hedge fund report Off Wall Street, says,“We need to deliver our research securely without any hassle for our clients, and ensure that only our clients can access it. Using FileOpen DRM makes the process painless for us and our clients.”
Mark makes a point that we have heard time and time again from research publishers—that any document security scheme has to be as easy as possible for their staff to implement (some research firms have no IT staff at all) and crucially, easy for their paying end-users to authenticate through. If the security makes it hard for subscribers to access content they’ve paid for, it’s not worth doing at all. Research publishers want to spend time producing quality research, not providing tech support to frustrated end-users.
Fred Hickey, who publishes the popular investment newsletter The High-Tech Strategist, drives the point home: “We can send our research out confident that those who have paid for it can have quick and easy access, and those who haven’t paid for it get no access at all.”
Ultimately, when research publishers choose a DRM system, they are buying the peace-of-mind that comes with knowing they are being paid fairly for their work, without alienating their loyal subscriber base with annoying security hurdles.
Our research customers help keep us focused on eliminating such hurdles, and are behind some of our most exciting new features:
- zero-install (no plug-ins!) secure document display in any web browser running Flash
- document usage tracking with universal access (anyone can view/share but publisher is notified of every open/print event)
- portable access from multiple devices, including iPhone/iPad, with support for offline access
- support for cloud-based document serving including Dropbox
To see these new features in action, join us for a live webcast on Tuesday, August 13th at 12 noon Pacific/3pm Eastern: “Protecting Research Revenue with FileOpen DRM.”