“Classified”, and “Top secret” documents might sound like phrases out of a spy movie, but those who work with them regularly will know it’s rarely that exciting and often headache-inducing. There are various levels of classification, covering anything from general official documents to those that would seriously harm national security. Documents of a different classification level typically have different security and protocol requirements and must only be accessible to those with a matching clearance level.
To complicate things further, having a particular clearance level doesn’t automatically grant an individual access to all documents of that classification. They must also demonstrate a legitimate “need to know” the information contained in a specific document. Classifications aren’t always stationary, though – some documents are only classified for a certain period of time, or classifications may change with new information or developments.
All of this must not only be clearly communicated, but also be implemented in a way that doesn’t become a logistical, bureaucratic nightmare. After all, much of this information needs to be shared in a timely manner.
DRM grants flexibility
As a result of these factors, governments need a system that offers modularity as well as security. They need to be able to quickly adjust the restrictions of a document depending on its classification while dynamically changing who can access it and on what devices. At the same time, they must be able to clearly mark the classification level of documents with watermarks so that the reader never forgets the document’s sensitivity.
DRM solutions are uniquely positioned to meet this need. They can effectively stop unauthorized viewing, sharing, printing, and editing while allowing a high degree of modularity in security controls and access.
To achieve this, DRM solutions use a combination of strong encryption, transparent key management, a secure viewer application, and a licensing server. After a sensitive document is created, a user encrypts it with the DRM tool and chooses from a range of restrictions, including:
- Automatic anti-copying protection (including printing to a PDF, copy/paste, and editing)
- Screenshot protection
- Document expiry based on date, number of days since issue, number of opens, and number of prints
- Remote document revocation at any time
- Locking of document use to certain locations or devices
- Logging of document opens and prints for auditing and leak identification
- Dynamic watermarks that can include identifying information
Once encrypted, users can only open the document using the bespoke secure viewer application and a valid certificate with which to decrypt and open the document. Users’ licences are issued in advance, can only be installed on a single PC, and are unable to be extracted from that device. This ensures that only a person with access to said device will be able to access the document.
Importantly, an organization can determine who has access to a document on a per-user or group basis, yet retain the ability to unpublish, re-issue a document, or remove access from a specific user at any point. This means they retain flexibility and control throughout the document’s entire lifecycle.
Limitations
Like any solution, DRM is not without drawbacks. Firstly, it cannot protect against everything. While controls to stop screenshotting are good, the solutions can’t stop somebody from simply taking a picture of their screen with their phone or manually copying the information.
This is where a combination of deterrents and good security practices needs to come in. Dynamic watermarks help significantly with the former, but the latter is down to the organization. It’s still necessary to control phone use when working with highly classified material and ensure that employees or contractors aren’t exiting the building with information they shouldn’t have.
Depending on the DRM solution, functionality may also be limited when a connection is not available. While some DRMs only require a document to be checked against a self-hosted server once on activation or can be utilized fully offline via encrypted USB sticks, this makes some features impossible. The ability to remote revocation cannot happen if the document never checks its validity status with the server, for example.
Closing words
Ultimately, DRM solutions aren’t a golden bullet for the protection of classified information. They are, however, a very useful tool to have in the arsenal. Through the combination of DRM and other measures, government organizations can greatly reduce unauthorized sharing while benefitting from more visibility, flexibility, and control over their documents. The real selling point, though, is DRM’s ability to do all of this while making the work of document administrators far easier and less error-prone.
