Here at Wibu-Systems, we spend much of our time speaking with customers and evangelizing at industry meetings and conferences regarding the importance of protecting software and intellectual property against illegal copying, reverse engineering and tampering. We also espouse the virtues of entitlement management through secure and flexible licensing mechanisms. And now we have our hands full with integrating technology for developers to protect the intelligent devices, systems and factories that comprise the IoT and Industrial IoT.
It is also important, however, that we keep in mind the significance of protecting digital documents as well. Today, most content is created, stored, and transmitted digitally. Left unprotected, the digital content can be easily copied and distributed electronically to millions of people in just seconds. This can result in a catastrophic loss of intellectual property, in the case of sensitive business merger and acquisition documents, patents, engineering blueprints, training materials and the like. It can also cause great financial loss in the case of stolen documents, such as comprehensive market research studies, technical e-learning programs, etc., that are created for sale.
Surprisingly, document protection can be far more complex than protecting software applications due to the fact that, unlike software applications, a file that needs a separate executable to be opened cannot include encryption and decryption methods.
For example, let’s look at standard .PDF files. Adobe already offers a password-based solution for encrypting .PDF files to prevent actions like printing, copying, or editing. This standard solution, however, has drawbacks.
Passwords are often too short and weak, allowing a straightforward dictionary attack
The user of the file needs to know the password and might disclose it to others
Nothing stops screen capture applications
The story is the same for file formats that require proprietary software to create and access the files. Consider these common use cases:
The software may require custom settings that are adjusted for each user. Different users should not be able to share these settings.
Documents are sold as an additional revenue source. These documents should only be available to the people who actually bought them.
The software produces data that can be opened only with an appropriate license. e.g. a live recorded concert should only be readable and editable back in the studio by someone with an appropriate license.
Software processes data that should only be coming from someone with the right entitlements, hence a license is needed to save the document. e.g. data that enables sheet metal fabrication based on a specific design pattern.
It is prudent to consider and implement document protection that goes well beyond what may or may not be included in the specific document creation application. I invite you to read about our SmartShelter protection mechanisms in our most recent bi-annual magazine, KEYnote 33.
For a more detailed description and demonstration, you can join us for our Webinar, A Shelter to Protect Your Documents, on April 5, at 10 a.m. CET/9 a.m. PST, or register for an on-demand replay.