Document Retention

Document DRM: Enforcing Electronic Document Retention Policies

Using Document DRM to enforce electronic document retention

Document DRM can enforce document retention policies by making documents automatically expire so they are no longer accessible.

Locklizard enforces electronic document retention and destruction policies inside and outside the enterprise. Automatically expire documents on a fixed date, after a number of days, views or prints. Change expiry after distribution on a document and user basis and instantly revoke access.

Free 15 Day Trial

Protect documents from misuse

Stop unauthorized access and sharing
Control use – stop printing, copying, editing, etc.
Lock use to devices, countries, locations
Expire and revoke files & users at any time

Electronic document retention and document destruction

Electronic document retention

In the digitized age document management becomes an increasingly complex issue to grapple with. As the ability to create documents faster and with more automation has increased, so the technical amount of information that is processed and can be stored, maintained and administered increases. And although much information is created internally (database transaction records, emails and so on) a large amount of information is created and used externally (product specifications, test results, policy and procedure manuals and so on).

The two big problems with document retention are setting a retention period and ensuring effective deletion.

Document retention periods can vary from country to country, and by subject matter. So, for instance, income tax and corporation tax records are commonly held for 6 years, insurance (particularly life assurance) may have to be kept for 40 years, and some personnel records up to the age of 75 for the person referenced. This article is not intended to be advice or recommendations on specific periods, and you should seek guidance from national advisers.

And scattered across every corporate network are copies of documents that have been completely forgotten because there is no completely foolproof auditing mechanism. A quick check on three of our admin machines revealed files dating back to 2002 which perhaps should not really have been there. It turned out they were copies of some old ISO standards so no harm done – but it could have been different.

And that is the problem. When you have so many machines around, some, like the Bring Your Own Devices (BYOD) which are completely outside of corporate control anyway.

Electronic document retention and document DRM systems

It is a little known fact that Digital Rights Management (DRM) systems have a really valuable role to play in electronic document lifecycle management because they can enforce document retention periods and document destruction.

Electronic document lifecycle is all about ensuring that enterprise documents are created correctly, only issued when approved, are retained and are available only for the time period required by regulation. After that point documents must cease to be available. This also has to apply to documents that did not originate from inside the enterprise, but came from outside sources (typical examples of documents from outside include purchase orders consultant’s reports business correspondence reports on product tests).

The really difficult problem for the Information Manager (and their DMS) is to solve how to control the life of electronic documents that go outside of the enterprise, and therefore outside the control of a Document Management System (DMS). DMS systems only ever control documents inside their own databases – they don’t control documents as part of email, or in long term storage and backup. But, most importantly, they don’ t ensure that all instances of the document are removed from wherever they have gone to.

Why should this matter?

Well, in most industries there are two critical things – to be absolutely certain that you have all the information that regulators require, and that you have no information whatsoever that is not required.

This is not to suggest that enterprises are doing anything wrong in only keeping information as long as is necessary. Far from it. Corporate bodies (and governments) are obliged to take all reasonable steps to protect the interests of their shareholders, and that means removing theoretical liability by never having any documentation that is not actually necessary.

The major problem is that if information is also in the hands of people outside the direct control of the enterprise, then the enterprise cannot guarantee that the information will not be revealed. But help is at hand!

Document DRM – enforcing document control outside the enterprise

Document DRM systems are the only ones capable of providing the extended use controls over electronic documents that have gone outside of a DMS. But even then, not all Document DRM systems are equal.

At one level, a Document DRM system must be able to enforce that an electronic document cannot be used once its time is up.

At another level, a Document DRM enforcement system must be proactive in ensuring that access is prevented, by deleting it from the computer system on which it is held. Of course, with modern backup systems, you can likely always recover the original protected file, but the important point is that if the Document DRM enforcement system is actively preventing any access to the information, then it can be argued that it is not, and never can be accessible, and therefore does not exist.

At the same time, if, as a result of litigation, the process of discovery is taking place, then as soon as information is found under discovery then it must continue to be available regardless of any enterprise policies that may be relevant.

So this means that any Document DRM system must be capable of supporting several administrative functions. It must be possible to extend access to electronic documents beyond the date at which they should have been deleted. It must also be possible to delete all permissions for controlled documents so that they can never be recovered and accessed even if the controlled versions can be found.

And, the Document DRM system must actively prevent continued attempts to access documents once they have passed their ‘use by’ date.

Ordinary encryption systems simply do not ‘cut the mustard’ in this environment, because once the recipient has decrypted the information there are no abiding controls being applied to the documents. That is the power of DRM – to continue to apply the controls that the original information owner required, regardless of the desires of the recipient of the information.

Ensuring document retention & destruction requirements are met

When looking at a Document DRM system to achieve these results, make sure that it will impose an end date of use, so that you can be sure it will not be available past that date. But also make sure that you can change the end date! This is important because if the information has to be disclosed during litigation or the inquiries of a regulator, then you need the ability to make sure the information stays available until that process has ended, and once it has that access is ceased.

Make sure that you can remove the rights to use from recipients once their need to use the information has ended, and that you can delete any references to the protected documents so that once electronic document destruction has taken place the document contents cannot be recovered even if the protected document is available.

DRM controls provide you with a very effective means of enforcing electronic document retention and destruction without the need to reprocess backup tapes or try to recover information from email systems or other organizations.

Enforcing document retention policies with Document DRM

Locklizard Document DRM products enable you to enforce electronic document retention and destruction policies for your PDF documents. Information can be set to expire on a given date and once that date is reached, content is no longer viewable.

Locklizard has two different solutions available depending on which is more operationally convenient to you. Both of them allow you to distribute controlled documents which have fixed end of use dates (equivalent to date for deletion).

The first uses the installed Viewers approach. When an installed viewer is loaded to open a secure document it checks the date which is the end of life of the document with the current date. If the date is exceeded it will not open the document, so effectively it has been destroyed. This happens even where there is no check with the server (authorised offline documents). Where there is a server check, checks are also made to see that the document record has not been deleted from the Server, the document has not been revoked, and also that the user is still authorized. If any of these is true access to the document ceases at that time.

The second uses the browser based Web Viewer system. This works slightly differently because controlled documents are always downloaded new from the server each time they are used. So the end by date in the document is checked with server time and if it is exceeded the document will not open. Obviously, if the document has already been deleted or revoked for that user then the document will not be served.

Locklizard Document DRM enforces electronic document retention and destruction policies inside and OUTSIDE the enterprise ensuring document retention periods are kept, and your digital document retention and destruction requirements are met.

Why Locklizard for Electronic Document Retention & Security?

Enforcing digital document retention with DRM Security

Locklizard provide total document protection with US Gov strength AES encryption, public key technology, DRM and licensing controls, to ensure your PDF files remain protected no matter where they reside.

Our document DRM products enable you to protect documents without using insecure passwords or plug-ins, and enforce access, location, expiry, and usage controls.
Automatically expire documents on a fixed date, after a number of days, views or prints. Change expiry even after distribution on a document and user basis.
Unlike Adobe Permissions which can be easily removed, our DRM controls persistently protect your PDF files and enable you to revoke PDFs at any time regardless of where they are.
Our easy to use adminsitration system provides simple user and document management and unlike passwords, keys are transparently and securely managed for you.

See our customer testimonials or read our case studies to see why thousands of organizations use Locklizard PDF security to protect their documents and automatically enforce document retention.

DOCUMENT SECURITY

	Regulatory Compliance
	Compliance Requirements
	Secure Document Sharing
	Document Leakage
	Internal Document Control
	Our DRM Technology
	DRM Business Benefits

Customer Testimonials

We needed to deliver e-book versions of our handbooks while not compromising on security and digital rights. Safeguard PDF security is easy to use and intuitive.

The implementation was painless and we now have a greener, more secure way of distributing training manuals.
Locklizard’s PDF protection is exactly as described – the features are highly effective and I would give it 5 stars.

I would recommend Locklizard to others - their security is simple to use and fit for purpose. It meets common needs of businesses who have information they want to protect.
We would be happy to recommend Locklizard to any company needing a flexible way to secure PDF files.

Safeguard PDF Security has provided us with a very workable solution for sharing of information in a secure fashion. The support has been excellent and very accommodating.
We can cut accounts for a user five minutes before his class starts and he is ready to go. Happy smiling customer, while we still have security and personalized watermarking.

I have immense respect for the product and Locklizard provide great customer satisfaction and service.
We would recommend Safeguard to other companies for its security, cost and ease of use. It does what we expected it to do and more.

Ease of use is a bonus and the implementation was very easy. The product manual is excellent and Locklizard staff are very accommodating.
We sell a highly valued educational product in an open and competitive market so it was important to ensure we had effective security to protect our digital rights.

We highly recommend Locklizard - a professional company with a competitive and professional PDF Security product.
We would absolutely recommend both Locklizard as a company, and Safeguard PDF Security. It has transformed our study materials to the next level.

Not only did this increase sales, but we also believe that it has increased our customers’ ability to learn, which is even more important!
We would recommend Locklizard Safeguard to other companies that need to protect PDF reports. Customers have found the process of accessing the protected documents to be seamless.

Implementation was easy and technical support has been very responsive to requests for help.
Our company would without reservation recommend Locklizard. Their document DRM software opens up delivery of our new products in a timely fashion while knowing that the content will remain secure.

The return on investment to our company has been immediately evident.
We use Safeguard to make sure that documents cannot be opened outside our local network or from a unauthorized computer in order to copy or print the documents.

It is the most feature rich, affordable, & simple to use PDF security product on the market.
Safeguard PDF Security is simple to administer and meets our needs, consistently delivering secured manuals to our customers with ease.

Return on investment has been elimination of many man hours, printing resources and postage – it is estimated that costs decreased by 50% or more.
We would really recommend Safeguard PDF Security to every publishing company for managing ePubs or e-books securely. It is easy to secure PDF files and simple to distribute them to our authorized customers only.

Locklizard also provides a good customer support experience.
The ROI for us is incalculable. We have the security of knowing that our proprietary documents are secure. This is the entire value of our company.

I would most certainly recommend your PDF security product and already have. The ease of implementation was surprising.
We can now sell our manuals without the need to print them first, saving time, money and helping safeguard the environment.

We would recommend Safeguard PDF DRM – it is the perfect solution to sell and send e-documents securely whilst making sure someone cannot copy them.
We would recommend Locklizard to other companies without hesitation.

Their PDF DRM products provide a manageable, cost effective way to protect intellectual investment and they are always looking for ways to improve them. Moreover, their staff provide an excellent level of support.