At SPAB 2016, FileOpen CEO Sanford Bingham Asks Standards Publishers: "What Would a Standard for DRM Look Like?"

Posted by Sanford Bingham

Last week I had the honor of speaking to an international group of standards organizations at the Standards Publishing Advisory Board (SPAB) annual meeting, hosted by our partner IHS. Standards Developing Organizations, or “SDOs”, are responsible for disseminating the documents that describe their industry’s or their country’s standards for building, manufacturing, military equipment, and so on (in the U.S., you may have heard of ANSISAE, and ASME standards). Thanks to standards, we have consistency and interoperability in the products and systems we use every day. 

Because of the mission-critical nature of their content, standards publishers are among the most exacting customers a technology company can have, and the choices they make can influence which innovations are successful in the publishing industry at large. Our host, IHS, is one of the largest resellers of standards documents, aggregating the work of hundreds of SDOs and expanding their reach with ecommerce portals and other technical enhancements.SPABlogo.jpg

This may seem like a quiet, boring segment of the publishing industry, but it is anything but. At the heart of standards publishing is a conflict between making essential information widely available to the technicians whose jobs depend on it, and the necessity of earning and protecting revenues for the standards bodies and the publishing companies that serve them.

Opinions run strong among the different SDOs as to how to achieve these dual goals—use DRM technology to prevent unauthorized sharing and uploading to sites with pirated documents? Or pursue copyright enforcement through legal channels, after a breach has been discovered? These questions have led to heated debates among SDOs and standards publishers, but as a community they resemble the U.N., ultimately seeking consensus on important issues (which is, after all, what standards are about). 

From the Format Wars to the Race to Be Everywhere: 20 Years of DRM 

The SPAB audience included many long-time FileOpen customers, as well as DRM skeptics and smaller SDOs who are just beginning to explore technology to protect their intellectual property. Rather than get into a philosophical debate about DRM, I presented a history of digital publishing and the facts of where we are today:

SPAB20Years.001.png

 

The upshot of this 20 year history is that the publishing landscape has become so complex, it is impossible (or would be foolish) for a publisher to choose one distribution channel or file format to distribute their content. Worldwide, the market share of viewing devices and web browsers is fragmented and in flux, with no clear winner (for example, Windows still dominates the desktop OS market, Android vastly outpaces iOS in smartphone operating systems, and Chrome is inching out the competition among Web browsers).

Even Adobe Reader’s market share of the PDF viewer market is being challenged by a long list of 3rd party viewers, many of them implemented without full adherence to the published PDF specification, which can lead to unpredictable changes in document display and behavior. The fracturing of the PDF landscape is both forcing and enabling publishers to provide content in other formats. For example, the Chrome browser does not support complex or DRM’d PDF files, but does include the Flash runtime (even on Linux). Likewise, nearly all mobile devices now have an HTML5-capable browser, so the explosive growth of those devices also creates an enormous new delivery platform. But on non-mobile devices, the HTML5 environment is less secure than either Flash or PDF, so the new environment also imposes a requirement that delivery software positively identify mobile devices as such.

Playing Whack-a Mole with Copyright Infringers

Meanwhile, piracy of standards documents continues to run rampant. Several SDOs described efforts to scan the web for illegally uploaded copies of their content, then sending DMCA (Digital Millennium Copyright Act) takedown notices to the owners of the host websites. One SDO reported having sent more than 150,000 such requests with a compliance rate of less than 50% (most of the sites are outside of the US so not governed by the DMCA legislation). 

So what is a standards publisher to do, and what role can DRM possibly play? The complexity of the publishing landscape poses a big challenge, but also an opportunity to embrace that complexity and use technology to serve the widest possible viewing audience. We’ve been working with a select group of standards publishers to develop a protected publishing system that is invisibleflexible and future-proof. 

FileOpen DocServer (currently in beta) will enable publishers to deliver content seamlessly to the widest range of devices and viewers, with the degree of security they choose, for the best possible end-user experience. Instead of publishing documents based on predictions of users’ devices and platforms, DocServer is based on a “detect, encrypt, deliver” model that serves documents dynamically based on the end-user environment. 

Ultimately, our goals are aligned with those of the standards publishing industry—to enable a frictionless experience for the users consuming documents, while employing technology quietly in the background to preserve the intellectual property and revenues of SDOs and publishers. I closed my talk with a question for the audience: “What would a standard for DRM look like?” We are looking forward to working with our partners to solicit feedback and help define a standard for DRM—because often real progress is the product not just of competition, but of consensus. 

 

Contact Us for a sneak preview of "The New DRM"--FileOpen DocServer

Topics: FileOpen, drm, pdf, Rights Management, Standards Publishing, SDOs

Why do research publishers overwhelmingly choose FileOpen to protect their content?

Posted by Diana Holm

This month we’ve been talking to some of our most valued customers—publishers of financial research, market research, or any research that’s valuable enough that readers are willing to pay for it. We love our research customers because they tell us exactly what they need out of a document security system, and constantly push us toward making our products work more simply and interchangeably with the systems they’re already using to manage subscriptions and deliver documents.

But why do research publishers love FileOpen? Mark Roberts, CEO of the hedge fund report Off Wall Street, says,“We need to deliver our research securely without any hassle for our clients, and ensure that only our clients can access it. Using FileOpen DRM makes the process painless for us and our clients.”

FileOpen document protection

Mark makes a point that we have heard time and time again from research publishers—that any document security scheme has to be as easy as possible for their staff to implement (some research firms have no IT staff at all) and crucially, easy for their paying end-users to authenticate through. If the security makes it hard for subscribers to access content they’ve paid for, it’s not worth doing at all. Research publishers want to spend time producing quality research, not providing tech support to frustrated end-users. 

Fred Hickey, who publishes the popular investment newsletter The High-Tech Strategist, drives the point home: “We can send our research out confident that those who have paid for it can have quick and easy access, and those who haven’t paid for it get no access at all.

Ultimately, when research publishers choose a DRM system, they are buying the peace-of-mind that comes with knowing they are being paid fairly for their work, without alienating their loyal subscriber base with annoying security hurdles.

Our research customers help keep us focused on eliminating such hurdles, and are behind some of our most exciting new features:

  • zero-install (no plug-ins!) secure document display in any web browser running Flash
  • document usage tracking with universal access (anyone can view/share but publisher is notified of every open/print event)
  • portable access from multiple devices, including iPhone/iPad, with support for offline access
  • support for cloud-based document serving including Dropbox

To see these new features in action, join us for a live webcast on Tuesday, August 13th at 12 noon Pacific/3pm Eastern: “Protecting Research Revenue with FileOpen DRM.” 

Register Now!

Topics: FileOpen, protect research, secure research

FileOpen Systems 2012: The Year in Review and a Look into the Future

Posted by FileOpen DRM News

As we start the new year we’d like to extend our sincerest thanks to our licensees, partners and vendors. We truly value your business and look forward to many more years of working with you.  We would also like to take this opportunity to review a few of our accomplishments of the year and provide a glimpse of some of the new features we plan to release in the coming months.ny2013

2012:  Year in Review

2012 was a big year at FileOpen Systems.  We saw steady growth in our licensee base, the number of documents protected, and of platforms supported. This year we added client support for new platforms including Apple iOS, Adobe Acrobat/Reader XI and Windows 8, even as we broadened the reach of our “zero install” solutions. We also saw FileOpen technology integrated into a number of 3rd party products. A few of the highlights from the year include:

    • Early in 2012, we reported solid year-over-year growth and expansion of active licensees in the publishing, financial services, manufacturing, healthcare and government sectors. At the same time we also had a significant surge in licensing to Virtual Data Room (VDR) providers, reinforcing our position as the predominant enabling technology for VDRs.  To sustain this momentum, we expanded our engineering and marketing staff.
    • In February 2012, we exhibited at the RSA Conference in San Francisco, “where the world talks security.” At the show we unveiled the zero-install FileOpen viewer, the culmination of years of development to grant the wish of our licensees who need to distribute documents securely with absolutely no client software download.
    • During the summer we released the FileOpen Viewer for iPad and iPhone.  This new app enables the secure display of FileOpen-protected documents in Apple iOS. In the PDF world we also continued to expand the list of FileOpen-compatible applications to include the most popular PDF viewers.  These include Foxit Phantom/Reader, Nuance PDF Converter Pro, Bluebeam PDF Revu, Nitro Pro 8, and Tracker PDFXChange.
    • This fall we launched the new and improved fileopen.com, with additional content organized by business need, industry segment, and solution.  The site also provides new ways to test out clients with demonstration documents in addition to requesting a full evaluation version.

FileOpen Systems in 2013

We have been working on a number of projects that will be released in the new year. To avoid pre-announcing products or features, we’ll mention only a few general themes that we see as significant for the coming year and for which we hope to provide working solutions. These include:

    • Encryption and management of content will continue to shift from
    • being a centralized publishing function toward being a responsibility of individual document creators. FileOpen will be releasing new and improved tools for local document encryption at the point of creation and/or the point of exit from the local environment.
    • FileOpen will continue to support BYOD in the enterprise through the release of viewer components for new platforms — integrated into a coherent system for enterprise document control.
    • Storage and distribution of content will continue to flow toward cloud-based systems, and FileOpen will continue to expand the functionality to support these solutions.  More specifically, we will be releasing the technology to detect user environments and display content in the most appropriate format while maintaining the highest possible degree of security. 
    • A trend toward tracking of documents, rather than control of those documents, may be accelerated by new offerings from FileOpen that provide this functionality.
    • As the amount of data generated by document control and tracking systems continues to grow, new tools will be provided for the analysis and visualization of that data.

In closing, we would like to thank all of our community for being pioneers and visionaries.  We send you our warmest wishes for the Holidays and for a happy and prosperous New Year.

 

Topics: document control, FileOpen, BYOD, document security

FileOpen Viewer for iPad and iPhone version 1.5 now available

Posted by FileOpen DRM News

We have released an updated version of the FileOpen Viewer for iPad® & iPhone® on the App Store. This version 1.5 release comes with new features that enhance your ability to securely access FileOpen-protected documents.  
 

FileOpen Viewer for iOS

What's New in Version 1.5

  • Optimizations and bugfixes, including  improved display of pdf files containing nonstandard structural elements.
  • Support for a custom URL scheme that enables the automatic opening of pdf or opn files in the viewer, instead of requiring the user to select “Open with FileOpen” from a list of apps.
  • Ability for publishers to define the name of the “Back” button in order to have this redirect to their website. 
  • Support for additional watermarking options including control over font fill and stroke.
  • Support for additional protocol elements including DocuTimeOut and page view notification, and support for hashing of password values.

    To learn more, check out the FileOpen Viewer for iPad/iPhone product page, the FAQ for Publishers and FAQ for End-Users.

Topics: FileOpen, iPhone, iPad, Client Release, iOS 6, App Stor, Version Release

RIM's "PlayBook" Will Extend FileOpen's Reach on Handheld Devices

Posted by Sanford Bingham

playbookThis week Research in Motion announced a tablet device, named the “BlackBerry PlayBook”, that appears to exceed the specifications of the iPad in every respect other than screen-size. The device, which will debut in the second half of 2011, will have a dual-core processor and 1Gb of memory, a variety of input/output ports, and two cameras (i.e. the ability to videoconference).

Most important for our customers, the PlayBook will run Flash 10.1, and therefore should support both the FileOpen Viewer and our recently released BlackBerry client. This would enable distribution of the same FileOpen-encrypted document to the BlackBerry, PlayBook, and on standard Windows/Macintosh/Linux computers.

The PlayBook will work immediately with BlackBerry Enterprise servers. It runs a Unix-derived microkernel operating system (QNX) that RIM acquired along with the company of the same name earlier this year. Reports describe the OS as extremely secure and capable of true multitasking, something the iOS can’t currently provide. The seven inch screen is smaller than the iPad’s by two inches, but this may be intentional (there are rumors that the next version of the iPad will include a model with a seven-inch screen). 

Check out our press release announcing our support of the BlackBerry platform for document distribution, and stay tuned for more announcements as we extend secure document sharing to the world of smartphones and tablets.

Topics: document control, FileOpen, blackberry, pdf security, RIM, Research in Motion, PlayBook

FileOpen for Handhelds

Posted by Sanford Bingham

This week FileOpen Systems is releasing FileOpen Document Control fileopenbbfor Blackberry™, the first of several implementations of our software for handheld devices. This product release is the first example of general architecture that we expect will permit the expansion of the FileOpen footprint to include a variety of devices and systems. The key idea behind this design can be summed up as “Adapt to the incumbent viewer.”

This is not a new idea, of course: FileOpen has always adapted to the incumbent PDF viewer on the PC/Mac/Linux platform, which is Adobe Acrobat/Reader. However, there currently is no Adobe Reader for Blackberry™. Adobe has released a viewer for the Android OS, which also uses the Java language, so the possibility exists that we’ll see an Adobe Reader for Blackberry™ in the near future. At the moment there are two incumbent viewers on the BlackBerry™ platform:  BeamReader (www.slgmobile.com) and RepliGo (www.cerience.com). Neither product is free (both cost about $15 for a perpetual license), but both do a good job of rendering a PDF entirely on the local device.

Our initial intent had been to create a “FileOpen PDF Viewer” for the BlackBerry™, i.e. to display documents in our own application. However, as the development got underway we discovered that the BlackBerry OS doesn’t permit more than one application to be registered for a particular file type, so if we were to deliver a FileOpen PDF Viewer any user who installed that application would be forced to use it to display all PDFs (even those not encrypted by FileOpen). We could also have changed the file extension from PDF to something else, but doing that violates some of our core design principles (we work with native formats) and doing so for only one device would be a recipe for end-user confusion.

Even if we could, FileOpen Systems has no desire or incentive to displace the incumbent players in the BlackBerry™ PDF viewer market, or even to favor any single player over any other. So we decided on an approach that would allow our application to work with any and all viewers that support the required Java Mobile Edition (JME) functions for interapplication communication. On BlackBerry™ devices where a compliant PDF viewer is present, PDF files encrypted by FileOpen can now be authenticated and modified by our application, then opened and displayed in the incumbent viewer.

Going forward we think this approach will simplify the development of solutions for other handheld devices. Look for more announcements in this space in the coming weeks.

Find out more about FileOpen Document Control for Blackberry™

Request a 30-Day Free Trial of FileOpen Document Control for PDF and Blackberry™!

Topics: document control, FileOpen, blackberry, drm, pdf security, pdf encryption, pdf, RIM

Computerworld Interviews FileOpen Customer for ERM Article

Posted by Sanford Bingham

 

We'd like to thank Elisabeth Horwitt for her mention of FileOpen Systems in a recent Computerworld article, "Enterprise rights management and keeping data in-house," and also to thank Paul Chow of BCA Research for his comments about his company is using FileOpen software in the same piece. 
 
The article describes some of the challenges around Enterprise Rights Management from an IT perspective. It also illuminates one of the important trends now emerging, the interplay between Digital Loss Prevention (DLP) and ERM/DRM. FileOpen has just made available a whitepaper on that subject, "FileOpen and Data Loss Prevention," which explores how the two approaches can complement each other.

Computerworld approached FileOpen customer Paul Chow at BCA Research, who explained why they chose FileOpen's DRM over alternative solutions;

BCA, for example, stopped using LockLizard's IRM product because it required installing a proprietary PDF reader that was not Adobe's, Chow says. "For our client base, that just wouldn't work." In contrast, FileOpen supplies a plug-in to users' existing Adobe readers that can be installed in 30 seconds, he adds.

The article underscores the importance of choosing DRM software which provides tools for managing users and permissions policies, a feature FileOpen has long provided and is soon to release in a web-based interface.

Topics: FileOpen, DLP, digital loss prevention, Computerworld

The British Library Adopts FileOpen DRM as a User-friendly Solution

Posted by Diana Holm

We are not big on generating a lot of press releases here at FileOpen, preferring toBritish Library logo stick to our knitting so to speak, but every so often a customer will take it upon themselves to evangelize FileOpen software, and we'd be ungrateful not to share their enthusiasm (if a little belatedly).

The British Library, one of the world's largest document repositories, issued a press release in November 2009 entitled "The British Library Improves Electronic Access with New DRM Platform from leading provider, FileOpen Systems." Their announcement emphasized the greater flexibility FileOpen DRM would provide to end-users, with the library's head of sales and marketing quoted as saying, "The decision to add FileOpen to our Document Supply delivery options was driven by customer demand, they wanted a choice of electronic delivery options....Customer feedback from the testing phase was very positive, and we are pleased to announce that we are now recommending FileOpen as our preferred electronic delivery option to all customers."

We were also pleased to see the British Library's official response to "An open letter to the British Library" posted by Richard Mitchell of the University of York on the British Library's Facebook page. Mr. Mitchell had written to the library to express his "disappointment at the British Library's decision to use proprietary, DRM-encumbered software to distribute journal articles, whilst other institutions and publishers happily distribute their articles in the much more accessible PDF format." He also bemoans the lack of support for Linux.

It turns out, Mr. Mitchell was referring to the British Library's prior use of Adobe's Digital Editions DRM platform, which necessitates the download of a separate viewer and does not support the standard Adobe Reader. Nor does the Digital Editions viewer run on Linux. The British Library's Barry Smith thanks Mr. Mitchell for his comments and informs him the British Library will be launching "an additional DRM facility in early 2009 that will be compatible with Linux (and most other open source platforms) called FileOpen." Mr. Smith goes on to say that "From April, we will be encouraging our academic users to switch to FileOpen, as it will offer more flexibility for many of our customers."

FileOpen's relationship with The British Library goes back to 2000, and after many damp and chilly train trips from London to Boston Spa to meet with their information services management and understand their complex requirements, it is especially gratifying to have the support of both the Library and their end-users.

Topics: FileOpen, british library, drm, pdf security, pdf encryption, digital editions

Alternative PDF Viewers Lag Behind Adobe Reader in Security

Posted by Sanford Bingham

pdf viewersOur colleague Vivek Unune has pointed out yet another attack related to PDF files. 

This one is a bit unusual in that it exploits a PDF language feature (launch action for embedded files), rather than a specific vulnerability. This means that it impacts not only the Adobe Reader, but probably all full-featured PDF viewers (though not all PDF viewers are full featured, see below).

At least one PDF viewer, Foxit Reader, appears to be more vulnerable to this particular exploit than the Adobe Reader. This is not unusual:  most of the PDF exploits that have been uncovered so far, especially the ones related to JavaScript, affect most, if not all, other PDF viewers at least as much as they do the Adobe viewer (http://www.pcworld.com/businesscenter/article/160977/foxit_pdf_viewer_also_open_to_attack_say_researchers.html).

This particular attack requires that the user actively allow the exploit to run, though as the author points out it is quite possible to mask this in such a way as to make it likely that users will go along (and in Foxit the exploit just runs, with no user interaction required). Preventing the exploit in the Adobe viewer is relatively simple (uncheck the box at Edit>Preferences>Trust Manager: Allow opening of non-PDF file attachments with external applications).

The reason one hears so much less about other vulnerable PDF applications is presumably that they are much less widely used.  While there are a great many PDF viewers (see http://en.wikipedia.org/wiki/List_of_PDF_software), only one of them has any significant market share. I can't cite any real data for this claim (if anyone has statistics on penetration levels please send it), but my guess is that the distribution of PDF viewers is similar to that in the Office productivity market (MS Office vs. Corel and Open Office etc.), where the Microsoft share is about 80% overall (see http://www.webmasterpro.de/portal/news/2010/02/05/international-openoffice-market-shares.html). In the PDF world I'd bet that the combined share of all non-Adobe PDF viewers is less than 10% of the total, with the Adobe viewer having the other 90%.

With this in mind I was intrigued to read a review by Duff Johnson of Appligent, http://www.appligent.com/talkingpdf-pdfreaderreview, in which he analyzes a few alternative PDF viewers and finds each of them wanting in many important respects, relative to Adobe's viewer. This functionality-gap is the result of Adobe having invented PDF and working with it longer, with more resources, than anyone else.

Just as we have seen Microsoft over the past five years, perhaps longer, make security a primary objective so too do we now see Adobe prioritizing the effort to stop vulnerabilities. Today the case can reasonably be made that Windows is the most secure OS available (see http://blogs.zdnet.com/hardware/?p=4146, http://www.oreillynet.com/windows/blog/2007/05/is_vista_more_secure_than_mac_1.html, etc.), and the same can be said about the Adobe 9.x viewers relative to all other PDF viewers. Adobe's statements around the beta of the next Acrobat release suggest that security will be an even more important part of that product, along with a variety of other features and functionality that we will discuss as soon as we are permitted to do so.

I should point out that FileOpen's encryption tools work with PDFs generated from a wide range of third-party PDF creation tools, in addition to Adobe Acrobat, as long as the PDFs are compliant with the PDF Specification, now an ISO standard. On the client-side, however, we currently support the Adobe Viewer for secure PDF viewing (in part for the security reasons mentioned above). We have also developed the FileOpen document viewer which can convert PDF content and display it securely in any Flash-enabled web browser, without any need for a client plug-in.

Topics: document control, FileOpen, pdf security, pdf encryption

Tech Support Question of the Day: Why can't some authorized users open protected PDFs?

Posted by Sanford Bingham

We sometimes get inquiries from IT departments on behalf of users trying to open documents encrypted with the FileOpen software. Sometimes the question concerns the general design of the system, sometimes it is specific to a particular error condition. From time to time as these questions arrive we will post answers to this blog. Here's one such message.

"We have a few FileOpen plug-in users that are unable to open PDFs.  When attempting to do so, they get error "There was an error contacting the server or the server's response could not be decoded.  Please check your internet connection.  If the error persists please contact the publisher and present the text of this message".

I have downloaded the latest version of FileOpen from the website, and attempted to open a PDF from <publisher>, but I still get the same error.

>In order to help troubleshoot this, I am hoping that you can provide:

  • A generic test PDF from FileOpen that we can use to determine whether this is an issue with using FileOpen itself, or an issue with the publisher of the PDF.
  • A host that we can telnet to, and the necessary ports, to determine whether firewall rules are not set properly on our end.
  • Any other suggestions that you might have."

Somewhat parenthetically, I'd like to point out the extremely professional structure of this question: the exact text of the error is presented, the questioner seems to have already determined the cause of the problem (firewall blocking access) so asks for data to verify that assumption. For a tech-support person, interactions like this one are a real pleasure.

In response, we can say:

There is a FileOpen test-server at http://www.rightserver.com/fowp that can be used to validate the behavior of the FileOpen client. This server is part of our Toolkit evaluation package, and implements a very simple PermissionServer script, without SSL, and contains document examples that don't require any authentication. At the top of the page there's an anchor link for MachineID, and the four documents in that section will open for any user at any time provided the user has the FileOpen client and an active internet connection. The page also contains links to files that demonstrate some of the other authentication methods, so can be used to validate other behaviors as well.

However, the fact that a document opens from the above site does not necessarily mean that the same machine will be able to open documents from any given publisher using the FileOpen software. Because of the design of our system (publishers are not required to use our server software, and their own implementations can use any port), the specifics of the ports needed for any given document can't be known ahead of time. Nearly all PermisisonServers running the FileOpen software use either port 80 or 443, but this is not a requirement.

The important things to consider if a document doesn't open are:

  • Is the FileOpen client installed (check Help>About 3rd Party Plug-ins>FileOpen WebPublisher)?  If not, install from http://plugin.fileopen.com/ or http://plugin.fileopen.com/all.html
  • Does the error message contain text that suggests that the Publisher's server could not be reached (the one above, or a message with text like "Unable to get server data [FO error #2114, OS error #0].")  If so, attempt to open a file from the test site above. If that also fails, check that the machine is connected to the internet and that the local proxy or firewall permits Adobe Acrobat/Reader to communicate over port 80.
  • Does the error contain a message that is specific to this document or user, e.g. something like "Document Access Denied: This machine is not registered for access to this document."?   If so the technical underpinnings are working properly - the client was able to contact the server and got a response - but there is a business issue between the user and the publisher, i.e. that publisher does not recognize the user or user's machine as having access to the document.

For more on the inner workings of the FileOpen plug-in for PDF, please see the FAQ.

Topics: FileOpen, drm, plug-in, adobe, troubleshooting