Diana Holm

Recent Posts

FileOpen Client 0971 Released (Win Plug-in to Adobe Reader)

Posted by Diana Holm

We have released an updated FileOpen Plug-in for Adobe Acrobat and Reader for Windows, Build 0971.   This new client implements support for the latest Adobe Acrobat/Reader. Specific improvements include:

  • Modifications to behavior of messageboxes and dialogs.
  • Modifications to print dialog and controlled-print functionality.
  • Modification to behavior of watermark imposition on editable documents. 
  • Additional bug fixes and enhancements.

This update replaces the Windows 0969 release from November 2015.

FileOpen Client 0962 is backward-compatible to Adobe Reader/Acrobat 9.  We recommend that you encourage users to upgrade to the 0971 client.


 

 

How to Track Printed Documents Using FileOpen Dynamic Watermarks

Posted by Diana Holm

When Adobe announced the PDF file format as an open document standard in 1993, it was meant finally to usher in the era of the “paperless office.” Despite the success of PDF as a platform-independent document format, we are still printing to paper—a lot. According to The Paperless Project, paper usage is increasing in American businesses at a rate of 22% a year, and the average office worker uses a “staggering” 10,000 sheets of copy paper annually.watermark200.png

This poses a unique challenge to publishers, who increasingly depend on the usage data and analytics which digital documents can provide, but not printed documents. For example, if a publisher sells a subscription of valuable research reports to one employee at a company, how do they know that employee isn’t printing out hundreds more copies, depriving the publisher of that additional subscription revenue?

Encrypting those research reports so that only the original subscriber can access them makes it harder for a user to share access to the digital version. FileOpen makes it possible to disable printing entirely, but if you allow the document to be printed and want to solve the rogue printing problem, you’ll need to take advantage of FileOpen’s advanced printing restrictions and watermarking features.

In this post we’ll walk you through how to limit printing of FileOpen-protected documents, and how to impose unique watermarks on each printout with user-identifying data. Using “dynamic” watermarks, you can auto-generate watermarks at the time of encryption and delivery, to include rich data which could be used to track a printout back to the user, time and device on which a document was printed.

How to Control Printing 

In FileOpen RightsManager and RightsServer, you set printing permissions according to the access control policies you define for your different groups, or recipients. So rather than assigning printing restrictions to the actual documents, you can give different recipients different levels of printing privileges to the same document.

Your options for restricting printing are:

  • Enable/disallow any printing
  • Set a notification when a document has been printed
  • Set the maximum # of print copies allowed
  • Specify which pages or page-ranges can be printed
  • Restrict printing to only physical devices (no print-to-file), or only to specific “whitelisted” printers
  • Set a percentage of the document you will allow to be printed
  • Print documents as lower resolution images so they are a degraded version of the original
  • Simply monitor printing activity, without limiting # of prints or prohibiting any print drivers

All of the above printing permissions require that the end-user be online. RightsManager and RightsServer also have offline permission settings, which can be used to allow or disallow offline printing, and to cap the number of prints allowed while the user is offline.

Add-Permission-Policy-Crop.png

FileOpen RightsManager offers a great deal of flexibility over printing, including the ability to render printouts in a lower resolution. 

You don’t have to set printing restrictions in order to use watermarks, but they add an additional layer of control to your valuable documents. Now, let’s move on to adding watermarks.

How to Add Watermarks

Prior to the development of the current FileOpen watermarking mechanism, some implementations of the system added watermark text to a PDF prior to encryption, then encrypted that PDF uniquely for a specific user. We refer to this as Static Watermarking and Dynamic Encryption. That is, the watermark text is static (always remains the same as what was imposed originally), and the encryption is done in real-time, or dynamically.

The current system implements Dynamic watermarks, and can be used either with Dynamic or with Static Encryption. That is, the text of the watermark can change each time the document is opened, and this can be the case whether the same encrypted PDF is opened by multiple users, or a unique encrypted PDF is created for each user.

Within any particular watermark policy, there is a similar distinction between static and dynamic text, both of which can be used simultaneously on the same document:

Static Watermark Text: These contain information you define in advance when you are setting up permissions policies for your recipients. They can contain a copyright message or any text you please. This text is literal, i.e what is specified in the policy is imposed into the watermark.

Dynamic Watermark Text: Dynamic watermark text is generated “on-the-fly” when a user opens or prints a document. This text typically contains information specific to the user, e.g. name or email address. This information is retrieved from the PermissionServer database and sent to the Client as part of the document open or print control event, so can be changed even after document delivery, e.g. for example to notify an end-user that a newer version of the document is available. FileOpen SDK licensees can take advantage of a rich syntax to dynamically place watermarks using data such as the machine ID of the user, IP address, and printer name/port that they used.

For the purposes of this post, we’ll walk through the process of generating watermarks using the WebUI of FileOpen RightsManager and RightsServer.

1. Create a Watermark Layout Template

The first step is to configure a Layout Template for your watermark (Watermarks > Layout Templates > Add Layout Template). Here you can choose whether to make your watermark a “Stamp”, in which case it will be superimposed on top of the document contents, or a watermark that is imposed beneath the text of the document. You can also define the watermark’s type (header, footer, diagonal up, diagonal down, vertical left up or vertical right down), the font (also the size/fill-color RGB, stroke width, stroke color RGB) and the aligment (left/right/center).

2. Create a Text Template

Next, create a Text Template to define the content of your watermark (Watermarks > Text Template Sets > Add Text Template Set). Here you can choose whether to date and time stamp each printout, include user-identifying information, etc. User-identifying information can include their email address, username, full name, company, IP address, printer ID, and many more data points.

Together, your Watermark Layout Template and your Text Template make up a Watermark Set.

3. Apply a Watermark Set to a Policy

Navigate to Policies > Watermarks. Click on the Policy Set you want to apply your Watermark to. For example, you might have a Policy Set for a site-license subscription, and want to add the watermark to all documents associated with that policy.

Applying watermarks at the Policy level frees you from having to create multiple different versions of the same document, because the watermark floats above the document as a separate object, and can be changed or removed even after delivery. When you assign your watermark to a Policy, you can define a different watermark for digital viewing and print, or only include the watermark on the printed version.

Here is an example of what your watermarks will look like on the resulting document:

 dynamicwatermarks.png

This example shows a printed PDF with both static and dynamic user-generated watermarks, visible in the header and footer of the page.

You can make your watermarks as noticeable or unobtrusive as you like using the design controls in Watermark Layout Template dialog.

The Result: Smart Printed Documents

By leveraging FileOpen’s print controls and watermarking features, you can close the loop on unwanted printing and reproduction of your documents. Including unique user-identifying data in your watermarks will render every printed copy of your document traceable back to the original user—even copies made with a photocopier. Because the watermarks appear below the text, they cannot be “whited out” without visible degredation of the document content. Watermarks not only reinforce your permission policies on the printed page, they provide you with actionable data on how your valuable and confidential documents are being used.

FileOpen’s print control and watermarking features are bundled with our RightsManager, RightsServer and SDK products for encrypting and controlling access to documents. FileOpen watermarks can be used on native PDF files for viewing/printing in Adobe Acrobat and Adobe Reader(end-user plug-in required), and on OPN files for viewing/printing in any web browser with no plug-in required.

Contact Us for a demonstration and consultation of FileOpen's watermarking and security features. 

 

Topics: document control, watermarks, watermarking, printing control

FileOpen Plug-in Update Available for MAC OS X

Posted by Diana Holm

We have released an updated FileOpen Plug-in for Adobe Acrobat and Reader for MAC OS X, Build 0967.   This new client implements support for the latest Adobe Acrobat/Reader. Specific improvements include:

  • Support for Adobe Acrobat Reader DC (64-bit architecture, with Broker process).
  • Modified and improved installation program.
  • Improved multi-language support.
  • Various bug fixes and other enhancements.

Note: This version supports Adobe Acrobat/Reader versions 8 through DC and 2015, and OS X versions from 10.6 through 10.11 (El Capitan), however B967 is installed only for Adobe 10 and up on OS X 10.9 and up. The installer delivers B958 for the remaining Adobe and OS X versions where B967 cannot be used.

This update replaces the MAC 0958 release from April 2015.

As Adobe LiveCycle Rights Management Nears End-of-Life, FileOpen Offers a Safe Harbor

Posted by Diana Holm

 

Back in 2011, we posted “Should you migrate from Adobe LiveCycle ES to FileOpen DRM?” in response to Adobe’s announcement that it would be discontinuing the sale and eventually support of its LiveCycle suite, which offered DRM functionality. We noticed that post has gained in popularity recently, so thought it was a good time for an update. Adobe LiveCycle EOL 

According to Adobe’s enterprise support “LifeCycle Policy” for LiveCycle ES Rights Management, “End of core support” for the most recent version will end on 03/31/2018, with support for older versions ending sooner or already expired. Soon after we published our post in 2011, an Adobe product manager contacted us to clarify that all LiveCycle capabilities were now incorporated within the Adobe Digital Enterprise Platform (ADEP). At last check, ADEP has been rolled into Adobe CQ (now part of Adobe Digital Marketing Suite) or Adobe LiveCycle ES3 (which we thought had been discontinued?)

It’s no wonder that we are hearing from many of Adobe’s enterprise customers, who are looking for a safe harbor for their ongoing document security and rights management needs. As a licensed Adobe Security Partner since 1998, we at FileOpen are deeply familiar with all the capabilities and issues surrounding encrypting PDF for seamless display in Adobe Reader and Acrobat Pro. We have also helped many publishers and businesses recover quickly from costly disruptions to their workflows due to their previous DRM vendors' sweeping corporate reorganizations, acquisitions and shut-downs.

Top concerns of Adobe LiveCycle ES customers looking to migrate

Adobe LiveCycle customers are often surprised to learn that an independent software developer can provide them with the same robust DRM functionality in a more modular and flexible package. As enterprise users, they also ask the tough questions. Here’s how we respond.

 

Can we still support users directly in Adobe Acrobat and Adobe Reader?

Adobe only licenses a handful of security vendors to operate within Adobe Acrobat and Reader. FileOpen was the first such licensee, and continues to support and innovate our native PDF offering. For customers who want to expand the reach of their content beyond Adobe Reader, FileOpen enables you to support end-users in 3rd party PDF viewers such as Bluebeam, Foxit, Nitro and Nuance. Really want to cut the cord from plug-ins and viewing apps? The latest FileOpen tools let you publish securely directly to the browser using HTML5, with no download or plug-in required.

Do you enable enterprise-level security and access controls?

FileOpen offers the same encryption levels as Adobe LiveCycle ES did—from 128-bit RC4 for older versions of Reader, up to 128/256-bit AES, the maximum exportable outside the U.S. We also provide open interfaces for integrating directly with your existing database and authentication schemes, so your documents maintain the same security level and authorized access both inside and outside the firewall. Our rich set of permissions also stand up to (and possibly surpass) the feature set of Adobe LiveCycle and any other enterprise document security solution. Whether you need to add or revoke device access with one click, expire document access to the second, or watermark and limit printing, FileOpen gives you the controls.

What assurances can you provide that we won’t have to change DRM vendors again in a few years?

FileOpen Systems is an independent software developer that does one thing very well: document rights management. Our founding philosophy is that the challenge of document security should not be answered by companies who seek to control the entire document production and delivery workflow, because that will limit publishers’ options as platforms and devices inevitably evolve. Publishers should be able to follow their end-users’ technological preferences, and not be locked into bulky all-in-one systems that limit the reach of their content.

FileOpen’s solutions are designed with this principle in mind, to give you the most options when deciding where and how to share your most valuable data and content. Whether it’s supporting BYOD on iPhones and Android devices, or delivering your documents via Box or Dropbox, you can be sure we’ll keep up with the most popular platforms and technologies. Our focus on providing the most flexible, stand-alone document security tools means our customers can rest assured that there is no “end of life” on the horizon, for them or for us! For the most mission-critical deployments, FileOpen offers 100% on-premise installations.

Should you migrate from Adobe LiveCycle ES to FileOpen DRM?

See how the two solutions stack up, feature-by-feature:

 

 
FileOpen DRM Solutions
Adobe LiveCycle Rights Management ES
Licensing Methods
Client/Server Based Licensing
Yes
 Yes
Software as a Service (SaaS)-Based Licensing
 Yes  Yes
Authentication
User-Based Identification
 Yes  Yes
Computer-Based Identification
 Yes  Yes
Domain Authorization
 Yes  Yes
Smart Card Authentication
 No  Yes
Cookie-Based Authentication
 Yes  Yes
Policy Management
User/Role/Group-Based Access
 Yes  Yes
Create New Policies
 Yes  Yes
Change/Revoke Access
 Yes  Yes
Usage Logging & Metering
 Yes  Yes
Copy/Delete Policies
 Yes  Yes
Add/Remove Policy Administrators
 No  Yes
Rights
Offline Viewing
 Yes  Yes
Open/View Rights
 Yes  Yes
Print Count
 Yes  Yes
Copy/Paste Rights
 Yes  Yes
Embargo/Expiration Rights
 Yes  Yes
View/Print with Watermark
 Yes  Yes
Screen Grab Protection
 Yes  No
Protected Changes
 Yes  Yes
Version Control
 Yes  Yes
Security
Encryption Levels
128-bit RC4, (128/256-bit AES Q1 2015)
128-bit RC4, 128/256-bit AES
Key Management
Pseudo Random Number Generator
Pseudo Random Number Generator
Integration
Enterprise Directory/LDAP Integration
 Yes  Yes
Client side integration (components, plug-ins, etc.)
Solutions available with and without client integration.
Website’s certificate must be installed to access Rights Management ES through the client applications.
Operating System (Encryption)
Microsoft® Windows Server®, Sun™ Solaris™, Linux ®, freeBSD®, HP_UX®, .NET, JAVA
Microsoft Windows Server, Sun Solaris SPARC®, IBM® AIX®,Red Hat®,SUSE®
Application Server
Any Application Server
IBM WebSphere®, Oracle® WebLogic, JBoss®
Operating System (Client)
Windows, Mac OS , Linux
Windows, Mac OS , Linux
Supported File Types
PDF, Excel, Word (Powerpoint Q1 2015)
PDF, Excel, Word, Powerpoint and CAD files
Supported Devices
Desktop and Mobile OS (iOS, Android)
Desktop and Mobile OS (iOS, Android, Blackberry and Windows Mobile)
Pricing
Direct Licensing
FileOpen DRM Solutions are available as a hosted solution,  a licensed server, or through individually licensed modules.  View all>>
Available as core functionality within the Adobe Digital Enterprise Platform Standard Edition or as individual components to Government or Financial markets.
Indirect/Partner Licensing
FileOpen DRM is available on a limited basis through these partners.
Available indirectly, as core functionality within the Adobe Digital Enterprise Platform Standard Edition, or as individual components to Government or Financial markets only.
*With respect to Non-FileOpen Products, the information presented is based on publicly available information. We accordingly make no representations with respect to the accuracy or validity of the information, but merely provide it for comparison purposes.
**Beta
Get a Live Demo

Why do research publishers overwhelmingly choose FileOpen to protect their content?

Posted by Diana Holm

This month we’ve been talking to some of our most valued customers—publishers of financial research, market research, or any research that’s valuable enough that readers are willing to pay for it. We love our research customers because they tell us exactly what they need out of a document security system, and constantly push us toward making our products work more simply and interchangeably with the systems they’re already using to manage subscriptions and deliver documents.

But why do research publishers love FileOpen? Mark Roberts, CEO of the hedge fund report Off Wall Street, says,“We need to deliver our research securely without any hassle for our clients, and ensure that only our clients can access it. Using FileOpen DRM makes the process painless for us and our clients.”

FileOpen document protection

Mark makes a point that we have heard time and time again from research publishers—that any document security scheme has to be as easy as possible for their staff to implement (some research firms have no IT staff at all) and crucially, easy for their paying end-users to authenticate through. If the security makes it hard for subscribers to access content they’ve paid for, it’s not worth doing at all. Research publishers want to spend time producing quality research, not providing tech support to frustrated end-users. 

Fred Hickey, who publishes the popular investment newsletter The High-Tech Strategist, drives the point home: “We can send our research out confident that those who have paid for it can have quick and easy access, and those who haven’t paid for it get no access at all.

Ultimately, when research publishers choose a DRM system, they are buying the peace-of-mind that comes with knowing they are being paid fairly for their work, without alienating their loyal subscriber base with annoying security hurdles.

Our research customers help keep us focused on eliminating such hurdles, and are behind some of our most exciting new features:

  • zero-install (no plug-ins!) secure document display in any web browser running Flash
  • document usage tracking with universal access (anyone can view/share but publisher is notified of every open/print event)
  • portable access from multiple devices, including iPhone/iPad, with support for offline access
  • support for cloud-based document serving including Dropbox

To see these new features in action, join us for a live webcast on Tuesday, August 13th at 12 noon Pacific/3pm Eastern: “Protecting Research Revenue with FileOpen DRM.” 

Register Now!

Topics: FileOpen, protect research, secure research

FileOpen invites you to a live webcast: "How to Protect Research Revenue with FileOpen DRM"

Posted by Diana Holm

We are pleased to announce our first webcast in a monthly series which will show how"We need to deliver our research securely without any hassle for our clients, and ensure that only our clients can access it. Using FileOpen DRM makes the process painless for us and our clients.” -- Mark Roberts, CEO, Off Wall Street FileOpen's solutions are used to solve real problems in specific markets. To kick off the series, we're going to showcase our research publishing customers, show how they are using FileOpen DRM, and reveal the latest developments that make FileOpen a "killer app" for high-value research publishing. 

 
If you publish proprietary research and want to learn how to protect it without turning off your subscribers, you won't want to miss this webcast. Join us on Tuesday, August 13 at 12 noon Pacific (3pm Eastern).

We'll be showing attendees how to: 

  • Share documents securely on PCs, iPad, iPhone, and Android, BYOD...anywhere

  • Provide seamless user access without client plug-ins or installations

  • Send documents by email or host in the cloud (e.g. Dropbox)

  • Track when and where your documents are being viewed, and for how long

  • Control printing, apply watermarks and un-share your documents at any time

Our senior product managers and engineers will be on hand to answer all your questions.

 

Register Now!

 

Question: which market segment would you like us to focus on in our next webcast? 

Topics: protect research, secure research documents

Digital Rights Management Do's and Don'ts

Posted by Diana Holm

Having developed DRM software for the last fourteen years, we have seen our share of customer implementations. Although we provide just one piece of the puzzle, we have seen how our customers build end-to-end secure document delivery systems, with varying degrees of success. The success of a project most often can be tracked to the early planning stages, and is often more about preparation and attitude than about specific technology. We thought we'd synthesize what we've observed over the years into a handy list of ten do's and don'ts.

 

1. DO: Put some mechanism in place to protect your information if you expect others to value it, or if sharing that information would violate your corporation’s or an individual’s privacy.


This may seem obvious coming from us, but in almost every discussion on the topic I’ve seen, a DRM cynic will chime in informing everyone that any encryption can be broken and so there no point in implementing DRM. It’s certainly the safe and easy argument to make, since securing digital information is indeed a hard problem; however the same logic could lead someone to leave their house unlocked, since all locks can eventually be broken. Most reasonable people recognize the advantage of making it harder to break into your house, and of making it clear that unauthorized entry is prohibited. Without going into too much detail here, DRM can and does work by:

    • Thwarting the most obvious (and some more sophisticated) attempts to access and share restricted documents Duct tape bike lock www.pbkblog.com resized 600
    • Logging and alerting you about attempts to access your secure documents
    • Watermarking end-user data onto views and prints of secure documents
    • Declaring your version of a document to be the “official” version
    • Establishing a “circle of trust” between you and your users, who may share your concerns about piracy or privacy.

2. DO: Consider if your content is a good fit for DRM.


DRM works best with content that is valuable to a professional niche, or timely, or both (e.g,. distribution of financial research.) In such markets, the high cost of the content makes the paying customer a willing participant in the control process ("I paid for this information so that I would have a trading advantage; I don't want some other guy getting it for free!"). As a general rule, mass-market products at low price points aren't a good a fit for DRM, such as commercial MP3 distribution. The reason for the failure is a mix of consumer expectations, the perception of "lock-in" to one of many devices available for playing the content, the cost of the content itself, and other factors.

 

college student computer bfloparks.blogspot.com3. DO: Research your user base before settling on a DRM scheme.


Which platforms and devices are they on? How are they using your content—for up-to-the-minute information on their phone or tablet, or printing it out to read at leisure? Will they have access to the internet at all times?  Are they in a corporate environment where installing any sort of client software requires administrative intervention? Or on a college campus where the risk of redistribution is high? Answering these questions before you deploy DRM will dictate which technology you choose and the degree of security you place on your files, and save you a great deal of customer angst later on. Some DRM solutions allow a range of security from CIA-level to simply monitoring usage.

 

4. DO: Look for ways to scale the protection to the environment


As new platforms emerge for the consumption of content – tablets, phones, etc. – they enable the development of new methods (for authentication, for instance), data formats, and user experiences. Where possible it is worth considering how a given piece of content can be displayed in different ways on different devices, with the amount of control modulated by the capabilities of the device: the less functional the display environment, the less DRM is required to control that environment.

 

5. DO: Design your DRM implementation to be as flexible as possible.


Complexity is a good thing when it comes to information security. Having a single point of access, such as a password to open a document, is the easiest security method to break. That’s not only because it depends on one thing, the password (which is the same for everyone and can be shared), but because in most cases it is permanent. Look for a DRM solution that lets you define permissions policies for both users and documents, and which lets you revoke access after you have distributed the document. The best way to do this is to link your DRM system with your customer database, so that changes in customer status can translate instantly to their permissions.

 

6. DON'T:  Make it harder than necessary to view the protected content.


There is an inevitable tradeoff between ease-of-use and protection: the more protected the content, the more complex the protection system will be to install and use. As above, the "right" amount of protection depends on the content being protected, but the right protection mechanism is usually the one that imposes the fewest new behaviors on the user. A DRM system that works within the same applications used to view unprotected content will normally be better received than one that requires the downloading, installation and training on new applications. The best DRM is invisible to the legitimate user.

 

7.  DON'T:  Assume the most expensive solution is necessarily the best (or the cheapest, for that matter).


There’s no denying that most DRM software carries a hefty price tag with it. The reasons for this include the intensive engineering resources required to develop and maintain a credible DRM product; licensing and royalty costs associated with supporting the more popular formats and devices, and the coalescing of the market around corporate and financial users (since the technology has had less success in mass-market applications.) The top “enterprise rights management” solutions have a starting price in the six figures and include a buy-in to specific server and document management products. However there are some smaller developers (my company included) who offer DRM functionality in a hosted environment by annual subscription, as well as in standalone server modules for companies who need only a few key pieces of the secure information sharing puzzle. Don’t be seduced by companies offering very inexpensive DRM however—in most cases you will find the inflexibility of those systems or the inexperience of the company will end up costing you more later on.

 

8.  DON'T:  Attempt to go it alone with a custom, in-house solution.


Distributing files to hundreds or maybe thousands of end-users on diverse platforms and devices is a complicated business, and a big reason DRM software companies are able to demand high prices for their technology. DRM companies, for the most part, have also been at it for a long time and seen hundreds of customer implementations, both successes and trainwrecks. Many of them also have special licensing relationships with document viewers which aren’t available to companies not directly in the DRM software producing business. Also consider that the more customized your DRM implementation, the more difficult it will be to maintain going forward, as newer versions of viewers, formats and devices continue to proliferate. If your core business is anything other than DRM software development, stick to your knitting and leave that to the experts.

 

9. DON’T: Try to protect static content


In the days before copyright laws were introduced and/or enforced, publishers had little incentive to bring out complete works, as these would immediately be re-issued by other publishers. So publishers developed ways to serialize content, to minimize their risk and increase the workload of the copiers. It may be that the current market for high-quality complete works (e.g. books, recorded songs, films, etc.) is devolving into a commercial environment similar to that of post-revolutionary France (or pre-revolutionary America, see Mark Stefik’s work for details) and if so the best approach is probably to keep producing new content. This also makes the DRM process easier, as a focus on new content permits the DRM to evolve as needed. The key is to produce content that is perceived as more valuable than a blog post, usually because it is timely, attractively displayed, and focused like a laser on your target market.

 

10. DON’T make your implementation more complex than it needs to be.


There are many variables involved in creating a system to deliver encrypted content: users and documents must be identified, rules and policies must be established, integration with others systems (e.g. eCommerce) may be required, etc. Sometimes the design process results in a specification that while technically possible is too complex to be implemented in the timeframe available. Or the requirement might include desired features, e.g. real-time creation or customization of documents, that imposes excessive demand on the server process and can limit scalability or customer responsiveness. DRM is inherently complex, so the simplest possible implementation is frequently the most successful.

We'd love to hear your suggestions to add to this list. Have you been involved in a DRM implementation before? What did you learn? If you haven't been using any DRM, what have been the consequences?

Topics: DRM advice, how to implement DRM, DRM mistakes, DRM tips, DRM dos and donts, why DRM works

How to send PDFs securely by email (a step-by-step guide)

Posted by Diana Holm

We are frequently asked by prospective customers how to prevent “forwarding” or “saving” a PDF file attachment. Our view is that attempting to actually block a PDF file from moving around is doomed to fail, given that the format’s first name is “Portable.” Furthermore, there are times when forcing users to enter a document-specific password, or to remember a login to a secure website, is impractical and not terribly secure either.

So we invite these prospective customers to try out our FileOpen RightsManager system and tell them to follow these steps to send emails securely:

    1. Select a PDF or group of PDF files and encrypt them from the File>Encrypt New File menu.
    2. Import your list of email recipients (Users) using Outlook or a spreadsheet.
    3. Organize your Users into Groups if not all users should have the same permissions
    4. Organize your Documents into Groups if not all Documents should have the same permissions (remember that Users and Documents may be in more than one Group)
    5. Apply permissions policies to your Groups (expiration, printing restrictions, etc.)
    6. Send your users a one-time registration PDF, which will register the User on the device where they open it. If those users have not already installed the free FileOpen plug-in they will be prompted to do so by Adobe Acrobat/Reader.
    7. You are now free to send your secure PDFs to your users, which they will be able to open seamlessly with no additional passwords on the registered machines.
    8. The nefarious user who tries to save an unencrypted copy or forward the file to a friend will be foiled, as the recipient’s machine is not registered. 

Here's a screenshot that shows the policy management interface in FileOpen RightsManager:

FileOpen Hosted Screenshot resized 600For more details on how FileOpen enables secure PDF email attachments, check out our new whitepaper, “Using FileOpen to Prevent Pass-Along of Emailed Documents.” 

Topics: pdf, email, security

The British Library Adopts FileOpen DRM as a User-friendly Solution

Posted by Diana Holm

We are not big on generating a lot of press releases here at FileOpen, preferring toBritish Library logo stick to our knitting so to speak, but every so often a customer will take it upon themselves to evangelize FileOpen software, and we'd be ungrateful not to share their enthusiasm (if a little belatedly).

The British Library, one of the world's largest document repositories, issued a press release in November 2009 entitled "The British Library Improves Electronic Access with New DRM Platform from leading provider, FileOpen Systems." Their announcement emphasized the greater flexibility FileOpen DRM would provide to end-users, with the library's head of sales and marketing quoted as saying, "The decision to add FileOpen to our Document Supply delivery options was driven by customer demand, they wanted a choice of electronic delivery options....Customer feedback from the testing phase was very positive, and we are pleased to announce that we are now recommending FileOpen as our preferred electronic delivery option to all customers."

We were also pleased to see the British Library's official response to "An open letter to the British Library" posted by Richard Mitchell of the University of York on the British Library's Facebook page. Mr. Mitchell had written to the library to express his "disappointment at the British Library's decision to use proprietary, DRM-encumbered software to distribute journal articles, whilst other institutions and publishers happily distribute their articles in the much more accessible PDF format." He also bemoans the lack of support for Linux.

It turns out, Mr. Mitchell was referring to the British Library's prior use of Adobe's Digital Editions DRM platform, which necessitates the download of a separate viewer and does not support the standard Adobe Reader. Nor does the Digital Editions viewer run on Linux. The British Library's Barry Smith thanks Mr. Mitchell for his comments and informs him the British Library will be launching "an additional DRM facility in early 2009 that will be compatible with Linux (and most other open source platforms) called FileOpen." Mr. Smith goes on to say that "From April, we will be encouraging our academic users to switch to FileOpen, as it will offer more flexibility for many of our customers."

FileOpen's relationship with The British Library goes back to 2000, and after many damp and chilly train trips from London to Boston Spa to meet with their information services management and understand their complex requirements, it is especially gratifying to have the support of both the Library and their end-users.

Topics: FileOpen, british library, drm, pdf security, pdf encryption, digital editions