If you’re a serious PDF user, then it’s almost a given that you’re familiar with Nitro PDF Software. Nitro PDF Software is a leading PDF software vendor, and the company behind Nitro PDF Professional. And, for those of us who love free software, Nitro PDF offers the award-winning free Nitro PDF Reader – you can read my take on Nitro PDF Reader here.
If you’re looking for a free PDF creator, Nitro PDF Software has you covered here as well, with its free application - PrimoPDF – which many consider (including me), to be the best free PDF creator available.
This past week, Nitro PDF Software published a list covering three major PDF security blunders, a recent public example of each, and additionally – the best practices computer users can take to ensure their own digital document security.
Security conscious users will find the following information especially useful.
From Nitro PDF Software (with permission):
Protection, Passwords, and Permissions to Safeguard Confidential Information
Problem & Example: In what might be the only example of a lax approach to document security resulting in the #1 spot on Amazon.com’s best seller list and a subsequent film deal, first-time author Adam Mansbach’s self-proclaimed “children’s book for adults”, Go the #### to Sleep, enjoyed unexpectedly positive consequences when a bootlegged PDF became a viral success story, according to Fast Company.
It’s fair to assume Adam is less than upset right now, but – unfortunately for the rest of us – more common outcomes for similar incidents tend to involve phrases like “identity theft” and “job dismissal.”
Solution: There are a number of ways to mitigate against the risks inherent with electronic distribution, the most simple being password protection – an effective way to reduce the chances of someone other than the intended recipient being able to view the document. Always provide the password separately to the document itself – ideally over the phone or in person – and try to think of something more challenging to guess than “password.”
Did you know you can also set permissions with PDF files? This enables you to specify what a user can actually do with your document. File permissions are an effective way to prevent manipulation or unauthorized sharing – allow or deny big-ticket items like printing or editing, and even block individual actions like copying text or images.
Flatten Documents to Maintain Authenticity and Prevent Manipulation
Problem & Example: The decision to release US President Barack Obama’s birth certificate only fanned the flames of debate when the PDF version made public contained a number of so-called “inconsistencies” – most visibly the presence of layered content, giving the impression the document had been digitally altered. A more realistic conclusion would be the use of optical character recognition (if the certificate had indeed been manipulated, it’s difficult to imagine such a rookie mistake would have been committed.) Read a full story at the National Review.
Solution: The majority of us will never be subject to this kind of public scrutiny, but there are best practices to follow when publishing final form documents that are relevant to almost anyone –layered content in PDF files often holds information relating to the text and images it displays, which often remains after the visual component has been deleted. “Live” text (such as form field data or annotations) is also more easily manipulated.
Certain industry bodies standardize and regulate document practices to safeguard against similar incidents – an example being the legal sector and its usage of the TIFF format, to preserve the integrity and authenticity of legally binding documents after publishing. Most desktop PDF solutions enable you to create image-based PDFs, ensuring that vector objects, text, annotations, and everything else that exists as an independent element is baked into the page as an image.
(Not) Deleting Confidential Information
Problem & Example: Whilst an effective way to redact (or permanently delete) information from physical paper, the “black marker” method happens to be rather ineffective with digital documents, as the British Navy discovered recently when they accidentally revealed information about the security of their nuclear submarines. IT security blog NakedSecurity explains it well, but the highly confidential document was “redacted” by applying a black background to the (black) text intended for removal, allowing anyone to simply copy and paste the text obscured by the black background.
Solution: As we mentioned before, PDF files have multiple layers – what looks like flat paper onscreen is three dimensional underneath. Redaction is a complex and powerful tool that (used properly) enables the complete removal of all content, and not just what you see rendered in front of you. You should never assume that simply deleting text or images guarantees complete removal, and anyone working with confidential documents should possess an understanding of their file structure and processes like redaction.
About Nitro PDF Software
Headquartered in San Francisco, Nitro PDF Software has operations spanning North America, Europe, Asia and Australia. Competitively priced, Nitro PDF Professional provides users full control over PDF documents, including commenting, form-filling and authoring, digital signatures, text editing, one-click creation from Microsoft Office and more. Nitro PDF Software products have won multiple “Editors’ Choice” and “Product of the Year” awards and are used by millions of people worldwide, including a significant number of Fortune 500 organizations.
If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.