Evaluation of Document Rights Management - DRM Systems - CubeIQ Blog - CubeIQ Limited

Go to content

Main menu:

Evaluation of Document Rights Management - DRM Systems

Published by in Data Security, DRM ·
Tags: DRMSecurityEncryptionRightsManagement


Every document security and DRM vendor claims their solution is bigger, better and faster than the others.  It is vital to evaluate these claims and potential issues before a solution is purchased. A method of evaluating is to create a checklist encompassing their core requirements and desired results.   


A checklist may start small and grow as you assess each solution. To assist in this process we have put together a number of questions based on what our customers have consistently identified as important differentiators, such as:


  • Security and encryption

  • Recipient ease-of-use

  • Day-to-day administration and permissioning

  • Flexibility and extensibility (integrations)


Security and encryption
This section covers issues pertaining to file-level security and encryption. This encryption makes the contents of your files indecipherable to unauthorized individuals. Document encryption uses complex mathematical algorithms to convert documents into an information package that cannot be read until there is a positive client server interaction verifying user identity and permissions. So, if an unauthorized individual intercepts an encrypted document they will not be able to access and read it.
FileOpen DRM gives you a choice of encrypting on premise or in the cloud, so you never have to upload an unprotected file. Once the document is protected, it can be distributed safely through whatever mechanism or protocol is most appropriate. Documents are secured at all times and can only be accessed after a positive client server interaction verifying user identity and permissions.

  • Does the solution offer local encryption so source files are never transmitted over the internet? FileOpen: Yes

  • Are decryption keys stored within the document? FileOpen: Yes

  • Can the permission data be stored separately from the document? FileOpen: Yes

  • Can permission requests and data be encrypted as well as the document? FileOpen: Yes

  • Can document controls be enforced even after being downloaded to the recipient’s device? Offline? FileOpen: Yes


Recipient ease-of-use
One of the biggest challenges of document DRM is making it easy for your users to share, access and work with protected files.  No organization wants to lose control of protected documents, or to place unnecessary barriers between authorized users and the information they need to do their jobs.  With FileOpen’s versatile client set you can define when, where and how users can interact with documents while still allowing users to use the productivity tools of their choice.

  • Does the solution provide protected files in standard file formats like Adobe® PDF, Microsoft® Word®, Excel® or PowerPoint®? FileOpen: Yes

  • Does the solution provide a preview of protected document to authorized users without any software installation (plugins/clients)? FileOpen: Yes*

  • Can protected files be accessed from mobile devices? FileOpen: Yes

  • Are native applications required for mobile viewing? FileOpen: No**

* The FileOpen Plugin/Client is required to securely collaborate within native publishing tools like Adobe® Acrobat®, Microsoft® Word® and Excel®
** While not required to preview a FileOpen-protected document in a browser, native iOS and Android Apps are freely available and provide a larger feature set.


Day-to-day administration and permissioning
This section covers issues pertaining to administering document access and usage controls.  These features allow you to securely share your files with others, while maintaining full control over who accesses them and how they can work with them. With FileOpen software, you control who can access your files by defining groups and including the users in these groups. For each group, you set specific usage policies, such as print restrictions, watermarks and offline capabilities. You then protect documents by assigning them to their respective groups, according to the permissions you want to grant. You can change a user’s or documents group membership at any time, with immediate effect.

  • Can the solution control printing, copying and saving of the file? FileOpen: Yes

  • Does the solution provide user-identifying watermarks on document view and print? FileOpen: Yes

  • Does the solution provide the ability to grant offline access? Configure how long offline access is permitted? FileOpen: Yes

  • Does the solution provide an out of the box, easy-to-use authentication scheme? FileOpen: Yes

  • Can the administrator of the solution remove access to specific documents, users or user’s device? FileOpen: Yes

  • Does the solution provide access to activity reports by user, document and failed access attempts? FileOpen: Yes

  • Can the solution be configured to automatically apply permissions to documents?  Provision users? FileOpen: Yes*

* FileOpen offers extensive APIs to connect document and user permissioning to almost any third party system.


Extensibility & flexibility
This section is designed to help you find an integration-friendly solution; one that enhances and extends current investments.  At FileOpen, we work with customers evolving standalone solutions into infrastructure that protects and controls documents as they are created or on-demand. Our extensive list of services and APIs allow any person or system within an organization to protect documents and permission authorized users.

  • Can the solution be implemented on-premise? Or as a Software-as-a-service (SaaS) solution? FileOpen: Yes

  • Can the solution be configured to protect files as they are created? In batches? On-demand?FileOpen: Yes

  • Are there specialized services for eCommerce? FileOpen: Yes

  • Does the solution integrate into cloud-based sync-and-share systems like Dropbox? FileOpen: Yes

  • Does the solution extend current directory services?  Does it support mixed-mode authentication? FileOpen: Yes

  • Can the solution connect to existing NAS? FileOpen: Yes


Creating a vendor checklist can be a difficult task but after reviewing your company’s polices you should be able to extend the above proposition and create a list that will help you decide which solution will conform to your company’s DRM and security requirements.  



Contact us at info[at]cubeiq[dot]gr for more information on how FileOpen solutions can enrypt, secure and manage the rights on your documents.



####






Copyright 2017. All rights reserved.
Back to content | Back to main menu