Business Friendly Distribution – Next Generation Document Security

A search of the website for ASIS International’s 2006 52nd Annual Seminar and Exhibits in San Diego this past September revealed nine exhibitor matches for the term “document security”. Yet eight of the nine dealt with physical document destruction and protection of static data such as those residing on servers, laptops, in paper files and on various personal devices such as cell phones, without addressing the single-biggest document security threat companies now face: the unbounded e-distribution of documents and data in motion.

What is total document security?

At the core of this worldwide security gap is a consensus, or lack thereof, regarding what comprises document security.

Is it timely and thorough document shredding? Secure records storage? Removal of laptop hard drives? Server security? Appropriate e-scrapping? In other words, is it the protection of static data?

Or is document security all this and something more: Enabling security professionals to easily track and control access to all of their organization’s e-distributed documents everywhere in the cyber world, even beyond corporate firewalls? Does document security of necessity encompass the protection of mobile data?

We would argue that all static and mobile aspects of security are of paramount importance, yet only the static document security has been adequately addressed in the marketplace. The security industry has locked the doors regarding static data, as well it should. But the security industry as a whole is leaving its windows wide open to theft, alteration and unbounded distribution of the most sensitive data companies distribute—their mobile documents that are in transit on the Internet.

Why total document security?

Total document security implies the safekeeping, not only of your static data, but all your sensitive information. Increasingly, the pace of business requires companies to transmit intellectual property, personally identifiable information, and/or personal health information, and the costs of a runaway, breached, altered, or stolen piece of information are skyrocketing.

To wit, studies elucidate that fully 72% of mobile document breaches occur because of a lack of protection; 84% occur when insiders distribute confidential data outside the company; and 35% of companies report that they have experienced an insider attack within the past year (Gartner CERT® Insider Threat Report, 2005).

The fact is, estimates place up to 35% of lost corporate revenues arising from the illicit distribution of documents (KPMG, 2005). As the statistics above exemplify, corporate digital data are mostly pirated from within a company, and storing those data securely is only the leading edge of the problem.

The majority of companies' intellectual property and other sensitive information are not residing in a secure system. No, these data are--and must be, for business' sake--mobile--distributed in PDF's and other formats via the Internet. These data are exceptionally vulnerable during transit. Anyone in the company can elect to alter and/or forward such a document, with no thread tying them to the outcome.

Today, the mobile nature of your company’s data can render physical document destruction meaningless. If you have physically destroyed a document, yet copies are circulating that you cannot access, then your windows are open. Anyone can steal, alter, misuse, and redistribute your information—and you’ll never know whodunit.

Achieving total document security: Finding the document thread

A lack of document security distribution awareness creates a scenario in which any one end-user can produce a sea of unknown users, sending copies at will and without fear of detection.

But what if there were an easy, efficient way to close the windows and truly secure your mobile information?

Total document security is not only possible, but probable—if you use the right tool. And that tool is document thread via business friendly distribution.

What is document thread?

Document thread is best described in analogous terms with which we all readily identify—namely, an email thread.

As you know, an email thread is an audit trail of the distribution of a digital message. And an email thread can be tampered with or altered without the recipient’s awareness. For instance, an email thread can have prior recipients and their text removed, or added, then forwarded onwards as if original. Dates and times can be modified without detection. In short, an email thread seems to provide an audit trail of distribution, but it is an untrustworthy trail that cannot be validated.

Like an email thread, document thread has to do with following an e-distributed piece of information. However, this thread’s piece of information is in a document form such as a PDF. Like email thread, e-distributed documents can be tampered with and altered if appropriate protection is not applied to the document throughout the distributed document thread.

What document thread features will prove most helpful?

Your mobile data will be best protected by The Big Three features with software providing document thread: Deterrence, Detection, and Disablement. These key features, described below, enable you to protect, monitor, measure and manage access to all of your sensitive e-distributed data. They are of vital import as you seek a software solution for your mobile document security.

Deter: It’s often been said that the best defense is a good offense, and this is also true with the defense of your mobile data. With document threading capabilities as a part of your document distribution and destruction policy, you can deter document recipients from tampering or breaching e-distributed material. This is accomplished either by setting stringent security levels for sensitive documents, informing document recipients that their activities can be monitored, or both. When recipients know their activities can be traced directly to themselves, it can prove a powerful disincentive to inappropriate sharing and alteration of sensitive information.

For example: You can use encryption and login standards at the point of access to the document to deter recipients from being able to tamper with the document. Additionally, you can digitally watermark the document with a unique identifier of the original recipient and store that information securely as the record of the document thread source. Lastly, you can make a hashed fingerprint of the document to use for validation at any time in the future that the document has not been tampered.

Detect: Document threading capabilities signify an audit trail that enables detection of a potential point of breach. By setting business rules that enable thresholds based on distribution rules-- e.g., “This document cannot be shared outside our company’s firewall”-- you can then be notified if the document in question is shared beyond your self-defined limits. This level of monitoring at the document enables e-discovery and forensic detection detailing breach and/or altered information, so you can prevent serious threats to the integrity and secrecy of sensitive documents.

For example: You can associate a protected and secured policy file with the document thread that actually “travels” with the document throughout its distribution and is required to be present in order to view the document. This policy file will gather vital document thread information that is communicated back to the originators’ knowledge base, and will help to track and monitor the document thread. This monitor feature would include making hashed fingerprints of every desktop that the document thread includes, thereby creating a forensic audit trail of the document thread. This monitoring would be compared to the business threshold rules, then alerts and reports would be generated based on the behavior of the document thread.

Thus, forensics are enabled and supported by the document thread. With these techniques, you can discern that a thread has passed through a particular desktop, even if the distributor has tried to hide those tracks, as by deleting the evidence of the history on the document.

Disable: Because document threading capabilities today are so accurate, you can choose to disable breached documents. You can disable the document for a specific document thread, or you may elect to disable the document for everyone. Disabling the document means not only that the information cannot be forwarded, but that any sensitive information already distributed will be disabled as well. This also applies to the destruction of a document: You disable the document thread, thus ensuring all digital copies of the document are rendered inaccessible.

For example: With the click of a button, you can decide to merely track that documents are sent, by whom, and from which machines; completely enable or disable a document thread; set expiration rules; set the appropriate security level for a given document; or protect sensitive documents from all but an approved base of users and machines, at specific times, simultaneously preventing the further distribution of such files. Additionally, at the point in time that a document is to be destroyed or rendered non-accessible in the digital world, you can disable the entire document thread and ensure the complete destruction of the digital document.

What about DRM? Business Friendly Distribution as a superior document security and document thread process:

But isn’t Digital Rights Management (DRM) already addressing the document thread? The answer is a qualified yes and no. For small groups that can easily identify the recipients of the document and thereby manage that recipient list, DRM is theoretically a workable solution. However, in reality, very few businesses fit this profile. For most, the dynamic nature of business is unpredictable, the audience is large, and therefore the management of a business document thread outweighs the benefits within a DRM implementation.

DRM is a complex, management-intensive access control scheme that relies on a severely restrictive distribution model that hinders the necessary speed of business. DRM can take years to implement across enterprises, and tends to negatively impact the normal information distribution flow to authorized recipients within an organization or partner base.

Given the dynamic, rapid, and oft-unpredictable nature of business, the most critical features of a document thread include ease of application, combined with accurate forensic information and your consequent empowerment to make informed decisions regarding what to do about the document via Business Friendly Distribution processes.

BFD stands in stark contrast to traditional DRM solutions. With BFD, document threading proceeds in a facile, customizable fashion that maintains your business’ rapid pace and puts all the decision-making control in your hands. BFD’s focus is on the gathering of knowledge about use and distribution, a.k.a. document thread, whereas DRM focuses on the implementation of access restrictions to information for recipients.

In short, BFD provides the framework for a more elegant solution that is much less complex (and hence, much less costly) to implement and manage.

With BFD as a foundation you get the following benefits:

• Only BFD allows you to obtain document thread information so as to protect, monitor, measure and manage all access to your e-distributed documents.
• BFD is much easier and less costly to implement than DRM solutions,
• BFD significantly minimizes the amount of system administration required after implementation,
• BFD focuses on obtaining knowledge about document distribution in lieu of enforcing difficult to implement document access restrictions.
• BFD incurs no negative usability impacts for authorized document recipients.

Placing that information in your hands is the task of a great document thread; giving you the power to make decisions based on that information is known as Business Friendly Distribution (BFD). Should you turn off the document for all but the approved base of users? Set expiration rules? Simply watch and wait? With document thread via BFD, you make the decisions.

Conclusion

Total document security is achieved not only through the important guarding of physical and static data, but also must include protecting, monitoring, measuring and managing the e-distribution of your documents. Software that incorporates document threading capabilities that operate according to user-selected guidelines via business friendly distribution deters and detects document tampering and breach. Such software also disables access to the documents from the point of breach forward.

Mobile document security for e-distributed data, until recently not even optional, is now both easily accomplished and vital for your company’s security needs.