Practicing Safe Text - PDF Security Myths and Misdemeanors-PART II

In Part I of this posting, we discussed "out of the box" PDF security and issues to be aware of.  Part II summarizes measures you should consider when dealing with content worthy of security.

SAFE TEXT – What to do
In this blog post we discuss Digital Certificates which provide a significant level of protection for PDF content and also review these out-of-the-box measures:

  • become familiar with standard PDF security options which can significantly limit the ability of the typical user to modify your PDF document;
  • Add watermarks to discourage converting your PDF file to MS Word with an OCR solution.
  • Use an OPEN password since these tend to be very hard to crack, and help keep the document “hidden” (not viewed) until proper access is provided.  This is perhaps the best solution in the “standard” arsenal of tools provided in PDF content solutions like pdfDocs and Acrobat.

Even with these out of the box tools, there are third party tools which can circumvent PDF security.  So where does that leave you as a creator of PDF documents - why should you trust this document format?

A PDF document provides a way of indicating that a PDF document has either been modified or has been entirely recreated from scratch to look like your original document, by using Digital Certificates. 

A digital certificate can be applied to a PDF with the use of a Certificate that you either generate through your Windows server or buy from a “trusted third party” organization like Verisign (just one example of many companies providing this solution).  Digital certificates can show a 'physical' signature on a document but more importantly, will calculates a value using all the digital bits and bytes in your documents using a complex mathematical algorithm, and thus create a checksum number on the PDF document. 

When you and the recipient of the PDFlook at the PDF in Adobe Reader, it will display the digital signature and indicate who applied it and when, and will verify the check sum confirming that the document has not been modified since the digital certificate was applied.  

If someone has un-secured your PDF document, the digital certificate will show that the document has been tampered with since the checksum won't match the bits and bytes now in the document.  The digital certificate cannot tell you where it was tampered with, or by whom, but at least you will know it has been tampered with and is no longer reliable. 

pdfDocs provides for the ability to easily add digital certificates to a PDF,  both from within the pdfDocs Organizer application,  but also directly from within many popular document management products by simply right-clicking on the document and 'signing' it - so this should be easy for everyone to do. 

In summary, I still believe it is very worthwhile to use “out of the box” PDF security since it keeps 90% of people from editing your document – accidentally or otherwise. If you want to be sure that your documents are in their original format, apply a digital certificate to the PDF so you at least know the PDF you are reading has the information intended by the author.

Dean Sappey is President and co-founder of Docscorp.   Dean has a degree in computer science and has been developing technology used by law firms and accounting firms for the past 20 years.   He currently manages the growth of Docscorp internationally whilst continuing to be involved in concept and workflow designs for new Docscorp software products.  Docscorp has for the past 8 years developed and sold worldwide the pdfDocs Solutions suite,  to provide the creation,  editing,  manipulation of PDF documents integrated into workflows common to Document Management Professionals.