Why Offline DRM Protection is Very Important
Everything with document DRM protection becomes easier once an online connection is available to you. All of a sudden, you don’t have to rely solely on the user’s PC, which can be modified in ways you don’t expect.
You have the freedom instead to push updates to the document from a server to revoke access, log every time the document is printed or opened, or phone home regularly to make sure there’s been no tampering. All of this makes enforcing DRM that has an online requirement seem much easier.
However, in reality, there’s a trade-off — it’s easier for the DRM protection provider and publisher, but much harder on the end-consumer. From the consumer’s perspective, buying a digital product (such as an ebook) should allow them access to it whenever they feel like it — regardless of whether they’re online or not.
Roadblocks they run into during that usage will inevitably be blamed on the publisher or DRM protection provider, with a knock-on effect on how they view your organization.
And can you really blame them?
When you think about it, always-online DRM punishes a whole lot of people to prevent the few that misuse their documents. In addition, being able to access a document offline can be essential when travelling or during network downtime.
Offline DRM methods
- So, what’s the alternative?
- Is secure offline DRM protection even possible?
The answer is yes, but depending on the implementation, your controls may be limited. Generally, there are three ways to implement offline DRM protection: fully offline, one-time activation, and hybrid offline. A fully offline document DRM solution will typically use something like a USB stick.
Documents are encrypted and DRM protection controls are applied, then they’re securely locked to a USB stick, alongside a secure viewer application. Once a USB stick is distributed to customers, they open the file on the drive using the secure viewer.
The USB stick can be password protected to avoid theft during transit, yet the customer never needs to provide personally identifying information or connect to the internet. Optionally, they can download more documents to their USB stick in the future that they have been authorized to use.
One-time activation DRM protection works a little differently
Instead of USB distribution, the customer will receive the file, license file, and secure viewer application links via email. They’ll then register their license file to their secure viewer application via the internet, and will not require a connection after that point.
The drawback of the above methods is that with no internet connection through the entire process, enforcing all of the features a DRM provides becomes difficult. For example, you can’t track how and when a user interacts with a document because there’s no way to send that information back to you.
Likewise, you can’t manually revoke a document because there’s no way for you to communicate with the software to do so. And if you want to grant additional access once a document has expired the user will have to connect to the Internet to receive this.
As a result, a hybrid approach is typically the best balance between security and inconvenience. The user only has to register their license file once, but the publisher can choose to enforce additional online checks. This could be having the user connect to the internet every x days, or performing a check with the license server before they’re allowed to print.
Choosing the right DRM solution for document protection
- Offline DRM protection
- One-time activation
- Hybrid DRM
- Always-online DRM protection
Which is right for your organization? The answer of course is that it depends. In most cases, an always-online DRM is not necessary, but it really hinges on what the requirements are for your documents.
For most organizations, a hybrid model will strike the best balance between usability and security. The ability to apply optional controls or mandatory connection after a number of days gives a great degree of flexibility without compromising too much on usability.
Businesses who are selling documents as a product, however, will likely want to give their customers more freedom yet. One-time activation can be perfect for this scenario. There are some departments, however, that require fully offline use for security or travel.
Then, of course, there’s little choice than to go for a DRM protection that never requires an internet connection. The reality, though, is that with the range of documents most organizations send, they won’t fit neatly into just one of these categories.
You might share confidential meeting minutes with an outside party while simultaneously providing academic journals to customers. The correct answer, then, is that the right DRM solution for you is the one that provides a free choice between these enforcement types depending on the situation.
34 total views, 4 views today
- Testicular Cancer: Malignant Neoplasm of Testis Causes - 04/12/2021
- 5 Tips for Professional Engineers to Be Successful - 03/12/2021
- Prostate Cancer: 5 Factors Every Man Should Know - 03/12/2021