Solved

Protect Email Attachments

Posted on 2015-01-08
5
44 Views
Last Modified: 2015-08-11
I'm looking to distribute via exchange email a file companywide, but want to protect that attached file from being downloaded, renamed, printed, etc.

Anyone have any thoughts on this?
0
Comment
Question by:supportservices
5 Comments
 
LVL 90

Accepted Solution

by:
John Hurst earned 500 total points
ID: 40538307
If you look at Word, there is no foolproof way to prevent a document from being printed once it is distributed and out of your hands.

http://word.tips.net/T001583_Preventing_Printing.html

What you might be able to do is implement Document Rights Management (which is an undertaking)

https://support.office.com/en-us/article/Information-Rights-Management-in-Office-2010-c7a70797-6b1e-493f-acf7-92a39b85e30c?ui=en-US&rs=en-US&ad=US

This might assist you. The results should cover Excel as well.

For Adobe, you can protect a file against being changed or even combined with another file. But preventing from printing is also difficult.
0
 

Author Comment

by:supportservices
ID: 40538493
We are trying to protect a scanned image in pdf format. Although we can protect the document, we haven't figured out a way to prevent anyone from downloading, renaming and forwarding the document.
0
 
LVL 90

Expert Comment

by:John Hurst
ID: 40538749
Go into Adobe, open the file, Edit Preferences, Security, Adobe Live Cycle Rights Management Servers.

I think you can do what you want there.
0
 
LVL 8

Expert Comment

by:Jessie Gill, CISSP
ID: 40538996
What are you trying to achieve?  It looks like to me, that you want users to see the file but have no rights to do anything else.  There are 2 issues, one is first with delivery and the second is once the user has the file.  The delivery can be handled by certificates and encryption.   The second problem is once a user can see the file/information they can use other tools to capture the information like screen shots etc.  

For delivery
If you want confidentiality, so only intended recipients can open the file – then encrypt the file.  You will need to have user certificates enabled, PGP or s/mime.  You would encrypt the file using the recipient’s public key.  The recipient would then use their private key to un-encrypt it.
If you want to ensure the file is not tampered when its gets to the recipient then HASH the file also.
If you want non-repudiation then encrypt the file with the sender’s private key.

Once on the machine
Now that the user has the file what can you do to protect it.  Like John said there are some settings you can use within Adobe.  If you want to stop the file from leaving the organization you could setup an exchange transport rule, but that is not fool proof.  But once the file is on the user’s machine they usually have some way of getting the information like a screen shot or something.  
There is no 100 percent way to stop the information that you will be sending out not to be resent again in one form or another.  The only real protection is End user security awareness, users understanding your security policies, and only sending information to people that need to know.  But ultimately it will be the end user responsibility, to not do inappropriate actions with the file once they have it.
0
 
LVL 38

Expert Comment

by:Rich Rumble
ID: 40540432
Computers are copying machines, if you give me an image, I  can print it, if I can view it I've already copied it, technically. They can take a screen-shot, then can use save-as etc... If you want to distribute something that you need physical control over, then make it physical, print it out yourself, keep a count of the copies, expect them all to be returned.
PrintScreen is the easiest bypass, and most of my user's are aware of it. I've used FileOpen, Microsofts DRM, IronPort and tried everything you can think of. You can make it hard, but it's not impossible. FileOpen has the best DRM I've used, and makes it the most difficult to bypass, but it's no 100%. It can't prevent the ability to display on other machines, but if they read their email from more than one machine, you cannot stop that from being viewed. They might not be able to fwd it where it's readable, but they can view it elsewhere. It's an impossible problem to solve, but it can be made more difficult.
-rich
0

Featured Post

Highfive + Dolby Voice = No More Audio Complaints!

Poor audio quality is one of the top reasons people don’t use video conferencing. Get the crispest, clearest audio powered by Dolby Voice in every meeting. Highfive and Dolby Voice deliver the best video conferencing and audio experience for every meeting and every room.

Join & Write a Comment

As a financial services provider, your business is impacted by two of the strictest federal regulations on record: the Sarbanes-Oxley Act and the Gramm-Leach-Bliley Act. Correctly implementing faxing into your organization to provide secure, real-ti…
Envision that you are chipping away at another e-business site with a team of pundit developers and designers. Everything seems, by all accounts, to be going easily.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.

757 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now