Keeping your PDF documents secure is a vital step in keeping data secure. Consider how much data is widely shared between companies and government entities in the modern world; for example, personal information such as your name, date of birth, and personal identification numbers is stored in digital boarding passes, receipts, and archives. These can be saved by companies, healthcare entities, banks and more. This information can be exposed online, either unintentionally due to a misconfigured database, or maliciously due to hacking.
Much of this classified information is shared in PDF format, such as legal documents, medical history, customer information, intellectual property, NDAs, etc. Keeping that data secure is not only a best practice; it is required in many places by data privacy laws. So, what should you do to make sure you are keeping your information secure?
The top three ways to improve your PDF document security are: Encryption, Redaction and Digital Signatures. All three offer different solutions for securing your data, and they can be used alone or in combination to meet your security needs. Let’s take a look at these three options and when they are best used.
Encryption is a simple way to keep unauthorized users out by making the document inaccessible (encrypted) unless the intended recipients have the key/password to unlock the data. You can do this in a number of ways, using a password or a certificate. Encryption can easily be added to any PDF and is most useful when you are sharing with a small group of people, and you want to allow different levels of access to the PDF. The downsides are that you need to give out the password, and you cannot control who the password is shared with outside your desired circle. Let’s take a look at both password and certificate encryption options:
Password encryption is a simple way to protect information from those without the password. The latest ISO 32000 default for this is 256-bit AES encryption. With password protection, you create an owner password and set controls on what others can alter (or not alter) in the document, and then create user passwords that allow anyone holding them to open the document and use whatever controls you have allowed.
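How such controls are recorded in the file, as an added example that is not from the original article or from iText: with password encryption the owner's choices are stored as bit flags in the encryption dictionary's `/P` entry (ISO 32000-1, Table 22). The function names and the policy check are illustrative assumptions; the sample grants printing, modifying contents, copying and modifying annotations.

```python
# Permission bits of the /P entry (ISO 32000-1, Table 22); bit 1 is the lowest.
PERMISSION_BITS = {
    "print": 3, "modify_contents": 4, "copy": 5, "modify_annotations": 6,
    "fill_forms": 9, "extract_for_accessibility": 10,
    "assemble": 11, "print_high_quality": 12,
}
# Reserved bits: 7, 8 and 13-32 are written as 1; bits 1-2 stay 0.
RESERVED_ONES = 0xFFFFF0C0

def encode_permissions(allowed):
    """Build the signed 32-bit /P value for a set of allowed operations."""
    value = RESERVED_ONES
    for name in allowed:
        value |= 1 << (PERMISSION_BITS[name] - 1)
    # /P is written as a signed integer, so fold the top bit into the sign.
    return value - (1 << 32) if value & 0x80000000 else value

def decode_permissions(p):
    """Return the set of operations a /P value grants."""
    unsigned = p & 0xFFFFFFFF
    return {name for name, bit in PERMISSION_BITS.items()
            if (unsigned >> (bit - 1)) & 1}

def audit(p, policy):
    """Operations granted by /P that the intended policy does not list."""
    return decode_permissions(p) - set(policy)

# Constructed policy: the four permissions named in this section.
POLICY = {"print", "modify_contents", "copy", "modify_annotations"}

if __name__ == "__main__":
    p = encode_permissions(POLICY)
    print(p, sorted(decode_permissions(p)))
    # A file written with every permission bit set (/P -4) exceeds the policy.
    print(sorted(audit(-4, POLICY)))
```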
- Here is an example of using permissions to allow printing, modifying contents, copying and modifying annotations.
- Instead of using a password, you can also use a public-private key pair to encrypt your documents. This is a pair of keys where the keys are linked together by mathemagical algorithms. The public key is, as it says on the tin, public and the other is private. You can use somebody’s public key to encrypt a message (or document) that only the corresponding private key can decrypt. Meaning that the holder of the private key can open the document and nobody else, since the private key is meant to be kept—well—private. This is illustrated in the following image.
Encryption is well suited for documents that will be emailed or shared with a manageable number of people that you communicate with, and trust not to share the password further. However, when you want to distribute a document widely or archive it, you may want to consider redaction instead. Read on for how redaction works.
Redaction is also helpful when you want to share the majority of a document’s content but keep personal or classified information from being published publicly. When you are archiving information, you want to ensure that users in the future will be able to access the necessary data. This security feature removes information from a document entirely, similar to the analog “black bar” method that was used in the days of the photocopy machine. With PDF, simply adding a black bar over the text works for the image of the document, but leaves the underlying content and metadata intact, making it easy for someone to access your sensitive data. There have been a number of embarrassing redaction failures; you can read about some of them in this American Bar Association article. To prevent issues like this, iText came up with pdfSweep, an iText 7 add-on that securely removes content you define as sensitive from the document, including the metadata, making the redaction process similar (but better!) to the analog version.
How does pdfSweep work?
- It intervenes as you edit a PDF document with iText 7's document stamping and watermarking tools. After adding a digital "blackout bar" over the sensitive text, image or part of an image, pdfSweep changes the document's rendering instructions causing the hidden content of your digital document to become impossible to extract. This works for both text and images, affording you full information security.
- Here is an example showing how pdfSweep can be used.
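A pre-release check for the cosmetic-redaction failure described above, as an added example that is not iText or pdfSweep code: it scans an uncompressed page content stream and reports text that is merely covered by a filled rectangle rather than removed. The content streams, the identifier in them and the function names are constructed for illustration.

```python
import re

# Content-stream tokens: literal strings, names, numbers, operators.
NUMBER = rb"[-+]?\d*\.?\d+"
TOKEN = re.compile(rb"\((?:\\.|[^\\()])*\)|/[^\s/()\[\]<>]+|" + NUMBER + rb"|[A-Za-z*]+")

def scan(stream: bytes):
    """Return (text_runs, filled_rects) from an uncompressed content stream.

    Simplified on purpose: follows Td offsets only and ignores cm/Tm matrices,
    TJ arrays, hex strings and font encodings.
    """
    operands, runs, rects, pending = [], [], [], []
    x = y = 0.0
    for tok in TOKEN.findall(stream):
        if tok[:1] in (b"(", b"/") or re.fullmatch(NUMBER, tok):
            operands.append(tok)
            continue
        if tok == b"BT":                      # new text object: reset position
            x = y = 0.0
        elif tok == b"Td":                    # move text position
            x, y = x + float(operands[-2]), y + float(operands[-1])
        elif tok == b"Tj":                    # show a literal string
            runs.append((x, y, operands[-1][1:-1].decode("latin-1")))
        elif tok == b"re":                    # rectangle appended to the path
            pending.append(tuple(float(v) for v in operands[-4:]))
        elif tok in (b"f", b"F", b"f*"):      # path is filled: the "black bar"
            rects, pending = rects + pending, []
        operands = []
    return runs, rects

def covered_text(stream: bytes):
    """Text whose origin sits inside a filled rectangle: hidden, not removed."""
    runs, rects = scan(stream)
    return [text for x, y, text in runs
            if any(rx <= x <= rx + w and ry <= y <= ry + h for rx, ry, w, h in rects)]

# Constructed samples: the same page with a bar drawn over the second line,
# and with that line's text-showing operator taken out as well.
BAR = b" 0 0 0 rg 70 695 150 16 re f"
COSMETIC = b"BT /F1 12 Tf 72 720 Td (Patient record) Tj 0 -20 Td (SSN: 123-45-6789) Tj ET" + BAR
REMOVED = b"BT /F1 12 Tf 72 720 Td (Patient record) Tj ET" + BAR

if __name__ == "__main__":
    print(covered_text(COSMETIC))  # the covered line is still in the stream
    print(covered_text(REMOVED))
```

Any non-empty result means the file still carries the text under the bar and should not be released as redacted.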
Redaction is helpful to protect confidential information in broadly-disseminated documents. If you are looking for something that keeps all information in the document, you can use encryption as we talked about before, or digital signatures, which also allow you to confirm if a document has been tampered with or changed.
Digital signatures are the solution to replace wet ink signatures when using digital documents. This concept has been widely adopted and is well integrated into the PDF specification. It is similar to having a public notary stamp in a document that ensures the signatures are legitimate, and the document has not been modified. The digital signature essentially captures the intention of the individual to enter into the contract, and the digital signature is used to encrypt the information and confirm the validity of the signed document. The main benefits of using digital signatures include automating and securing your digital document workflow, saving you time, money, and headaches. Usually, digital signatures are used by individuals and organizations in PDF documents to show who checked the document on a specific date/time and that the document has not been updated since it was signed.
There may be one or more signatures in a single PDF document. Digital signatures are actually unseen, hashed & encrypted metadata embedded with a certificate in the file. You can also include an optional visible representation of the signature, such as a signature photo and/or a signing certificate summary, so that all readers can clearly see the document has been signed.
The three main goals of digital signatures are:
- Assurance that the document hasn’t been changed somewhere in the workflow.
- Assurance that the signer of the document is who we think it is (and not somebody else).
- Assurance that the signer can’t deny his signature.
Digital signatures can be used to identify the latest version of a document to protect against tampering, and they can act as a signature for a document, just like wet ink. They are ideal for proving the validity of a document and ensuring that content is unaltered. They are often used for transactions and are widely accepted as secure.
- For a deeper dive into the subject of Digital Signatures in PDF, watch our recent Digital Signatures webinar.
In conclusion, you have a number of security options based on your needs. You can set a password, or set a key/certificate to encrypt a document. You can remove the sensitive data, and then save or share broadly with redaction, or you can confirm that a document has not been tampered with using digital signatures while proving the signer is who we think they are. If you want to learn more about these options, watch our recorded webinar with the PDF Association “PDF Security: Encryption and Digital Signatures” for a deeper dive into these options.
Happy data securing!