Sharing important documents is an act of trust that can have catastrophic consequences for you and your business if it’s not done properly. An unsecured document, or a document shared with the wrong person, can expose you to risks that may not become evident for years after the original transaction has been completed.
But there are several safeguards you can take to protect yourself and your most confidential information to track when your shared files have been opened, downloaded or even shared with others down the line.
Using File Sharing Services Like Dropbox
Dropbox, Google Drive, Microsoft OneDrive and all the other file-sharing services have enormous benefits compared to sharing files on an FTP server or through email attachments. They’re fast, easy to use and secure for most documents.
You can upload your files to a folder, share them with the people who need them and then delete the folder when you no longer want the documents to be shared. If you want to share the files with another group of people, you can put copies in a new folder, which will have a different link.
These are great for sharing files that need a modest degree of security, provided you don’t have to manage numerous folders that need to be shared and deleted at different times.
However, for highly sensitive documents, file-sharing services simply aren’t appropriate. They don’t allow you to control what people do with the documents while they have access. Once they download those files, they’re free to print them, copy them or share them with whomever they wish – and you’ll never know about it. (You can learn more about the pitfalls of Dropbox’s security here.)
Using PDF Security Workarounds
There are many ways to encrypt and add a password to a PDF. You can use Adobe Acrobat or Microsoft Word, or any of the numerous websites offering such services. However, as easy as it is to password-protect a PDF using these tools, it’s often just as easy to unlock them.
Decrypting a PDF and removing its password is something anyone can do. It doesn’t take any technical expertise. All it requires is a quick Google search for “remove pdf password.” Depending on the encryption you used and the password you chose, this could take seconds, or it could take several hours of work. It can be done using a free website, a free browser extension, or by downloading a free trial of a drag-and-drop app on a smartphone.
Unlocking the password from a PDF is often just a three-step process. Open a website like SodaPDF or SmallPDF, drag your file into the web browser window and then download the unlocked version of the file. The website will usually prompt you to declare that you have the right to strip the password from a document – and will assume you have no reason to lie about that.
Other Ways to Hack PDF Passwords
There are numerous other ways to bypass the document-level security you might put on a PDF. Over at PassCope.com, for example, they say you can put a password-protected PDF into an email attachment, send it to yourself and then use the “View as HTML” option to open the file, copy it, save it, or print it out. Even if you’ve heard of this hack before, you have to admit it’s pretty clever.
Whether or not this trick works with your PDF passwords isn’t even important. If it doesn’t work, they have dozens of other suggestions, while other websites have dozens more. There are professional hackers and bored teenagers all over the world who invest a large part of their time in figuring out new ways to hack document-level security.
This raises two important questions for you and your business:
- Do you have the time or inclination to keep up with their latest hacks?
- Do you have the required level of expertise to trust your company’s security to a free password tool?
Using Caplinked’s DRM Solution
Using a state-of-the-art virtual data room gives you the tools and processes you need to take the guesswork out of document security. With Caplinked’s VDR, you have access to digital rights management (DRM) tools right from your web browser. You select who should have access to specific files and when they should have access.
Caplinked uses military-grade 256-bit SSL encryption. This means there are two to the 256th power of different combinations a hacker would need to try if they wanted to crack your file’s encryption – this is essentially impossible for even the fastest computers running the best hacking software.
Digital Document Shredding
If you set an expiration date for downloading documents, anyone who has downloaded those documents will automatically lose access on the date you specify. You can also revoke access manually at any time, as well as extend access, or renew access that has been terminated. Once access has been terminated, not only is the file unavailable to download, any downloaded copies are essentially shredded and deleted from others’ devices.
Preventing Data Leaks
Users get hacked all the time. So being able to track document access is another important security feature provided by Caplinked’s VDR. If you notice suspicious activity, like someone suddenly using a different IP address to access a file, you can terminate or suspend access immediately. In fact, you can even lock access to specific locations, so if all of your users are located in the United States, you can lock the files from being accessed from other countries.
Caplinks’ FileProtect software keeps track of every file you upload, including when it was downloaded and when it was opened. This provides you with valuable analytics so you can determine who is interested in what you have shared and who is not. If you share a file with a prospective client, for example, you’ll know exactly when they have read your proposal so you can time your follow-up call at the optimum time.
Managing Multiple Documents for Multiple Groups
Managing multiple documents in a VDR is easy. There’s no need to create multiple copies of the same files for different groups of people. You simply create as many new groups as you need, set the time period for their access to your documents and then send them invitations to view those documents.
Suppose, for example, your startup is looking for investors. You place a PDF of your business plan in one folder in your VDR. In another folder you place your financials, your product schematics, detailed market research and other relevant documents. When a group of investors expresses interest, you give them access to your business plan folder for two weeks. If they ask to see more detailed information, you can then give them access to the second folder. If they turn you down, you can terminate access immediately.
At any time, you can extend or terminate access to specific folders, or leave the window open for the period of time you have set, assured that when the date arrives, their access will terminate automatically.
Try out Caplinked’s DRM options for yourself with a free trial account.