Some Quick Thoughts on PDF Security

You’ve been hit over the head with it: one of the key features of the PDF is that it comes with securing features. You can add passwords to PDF,  restrict utilization, and even certify an encrypted PDF.

Yet, as great as those features may sound, security options can only do so much outside of the digital state.

We were recently asked a question by a prospective customer:

“How do you prevent a user from distributing a created PDF? I only want the downloader to view this [confidential] document. I do not want him to be able to send a “Copy” to the entire staff.”

One of our staff members, George, had this to say in response which brings to light an important point:

“The problem is the fundamental one – the PDF document is just an ordinary file, just like any other on computer…it can be copied, sent via FTP or email, deleted etc. – just as any other file. Therefore, there is no way to limit distribution of the FILE that is the document itself…It really isn’t possible to prevent a person who reads the content of a PDF file from copying it by hand, or taking screenshots of it, talking about it etc…”

Of course, this makes you wonder about your own files–have they been compromised?  The problem is that PDF security places a little too much emphasis on the document falling into the wrong hands, not the hands of the intended recipient. Is there a possibility that they could be both one and the same?

Sad to say, PDF capabilities just  don’t eliminate the human factor on the other end once the file is accessed.  The only thing you can do to prevent this is to make sure that the file has the highest security settings in place. And–  of course, ensure you’re sending the file to a trusted recipient (no sarcasm intended).

One tip: When deciding on the security for your PDF document, think of the characteristics of certain security measures. For instance, passwords can be compromised,  printed PDF documents can be photocopied, etc. Think outside the security box.

This is not to say that the PDF isn’t good enough at securing documents. It is. Only, it just stops short of ensuring honesty in the work environment. There are good security measures available, just don’t take them for granted.