With cybercrime steadily on the rise it is becoming increasingly difficult for companies to guarantee the security and integrity of their documents.
Securing documents is now a real challenge for many firms due to the increasing mobility of staff, acceptance of the “Bring your own Device” trend and greater use of Cloud services to store and exchange data,
Further, data is now more mobile, distributed far quicker and created in larger volumes than ever before. This makes the task of protecting information against loss and unauthorised access increasingly challenging but very real.
Companies are well aware of the risk of data theft or loss.
A recent KPMG Financial Advisory Services study, White-collar Crime in Germany, revealed that 87 percent of German companies participating in the study consider the risk of data theft or breach to be “high” or “very high.”
Moreover, according to the Ponemon Institute, a US based research centre that is dedicated to privacy, data protection and information security policy, the loss of sensitive data for companies can be costly. In its 2016 Cost of Data Breach Study: Global Analysis, the Institute found that lost data costs are on the rise.
High probability of data breaches
A total of 383 companies located in 12 countries, including Australia, participated in the study. It found that the average total cost of the loss of sensitive data for the 383 participating companies was US$4 million. Since 2013, there has been a 29 percent increase in the total cost of data breached.
The study also looked at the likelihood of a company having data breaches over the next two years, and estimates a 26 percent probability that it will occur and involve 10,000 lost or stolen records.
Apart from a financial cost, lost or stolen data can also lead to the loss of a competitive edge, customer loyalty and a denting of the company’s reputation.
According to Ponemon, in Germany, around three percent of customers turn their backs on companies that endure a security incident involving data loss.
The loss of customer loyalty is particularly high in industries such as pharmaceuticals, financial services and healthcare, following a data breach. If legal requirements are violated, the consequences for the company can be far more serious.
Of course, safeguarding and tracking the many documents a company creates, distributes, edits and stores is extremely difficult. Once in circulation,
keeping tabs on paper documents is virtually impossible.
Digital documents also present a potential security risk for companies. Just like their paper counterpart, digital formats can be lost or stolen as well as corrupted. Therefore, companies should consider making document security a central component of company security.
How to secure documents
According to IT experts, document security can contribute to maintaining data confidentiality, integrity, authenticity, accessibility, availability and usability.
One effective method of strengthening document security is by having staff assign security settings to the digital documents they produce. PDFs are the most popular format for exchanging and archiving documents. They also provide a secure framework for the reliable management of document workflows, from creation and editing through to archiving or deletion.
By using technical protection options found within the software, staff can protect their PDF documents at creation and throughout their lifecycle.
Moreover, this can be done quickly, inexpensively and efficiently with professional PDF software.
According to Nuance’s Sales Director, Craig Jennings, the PDF solution used by companies should offer flexibility so that PDF documents can be protected at different levels during their lifecycle.
Different security settings
For instance, at the point of creation of a document, editing input from stakeholders may be required. However, once finalised, the author may only need a signature from a third party. By having the ability to apply different security settings to the document, the author can control who edits, signs, prints or simply
reads the document through the course of its life.
“An effective PDF solution should also allow the author to set security functions at both an individual level and for each separate document,” explains Craig. “This can be achieved by entering passwords via standard security profiles, or by assigning roles in global settings via systems such as Microsoft Active Directory Rights Management.”
To protect against a PDF document being opened and read by unauthorised persons, staff can use a password which is combined with encryption. An encrypted password will help to ensure that a confidential PDF document remains accessible only by the intended recipient/s.
Removing personal information
A PDF solution should also be capable of removing personal information – social security numbers, credit card details and so forth – in a traceable way. This is a particularly valuable for companies and authorities that are required by law not to pass on private information to third parties. Such details can be obliterated or redacted before a PDF file can be circulated.
Professional PDF solutions such as Nuance Power PDF2 also allow companies to protect against the unauthorised editing of a document. Through the use of a separate permission password the author can determine:
- Whether or not their document may be printed, and which print resolution to use
- Whether or not pages may be removed, rotated, created or added
- Whether or not the recipient can sign signature fields, and
- Whether or not the recipient can add comments to the document
This level of document security is particularly useful when collaboration with internal or external co-workers is required, and also when communicating with customers.
A sales leader may want team members to read, print and add comments to a sales plan but not remove or add any pages to it; while an export clerk may require an overseas customer’s signature to process an order but needs to ensure that no text is altered on the form.
Permission passwords that control the editing of PDF documents help prevent the likelihood of a breach occurring.
Therefore, while the amount of data produced by business is growing and data breach is on the rise, making document security a central component of company security need not be time consuming nor expensive.
“It can be done quickly and cost-effectively by implementing a professional PDF solution that delivers the flexibility and security options you need for your document and workflow security,” said Craig