For thousands of businesses and governments, exchanging financial documents, reports and sometimes spreadsheets with customers and partners is crucial to their success. Because these organizations rely on rapid, easy information sharing, they are increasing their online document-based business processes to improve the quality, efficiency, and cost-effectiveness of their operations. But the use of electronic documents must not compromise the privacy of information. Organizations must protect document confidentiality at all times to comply with tough government regulations and meet customer expectations of privacy. As organizations move more business processes online, protecting the confidentiality and privacy of information used during these processes, as well as providing authenticity and integrity, are essential. Whether it’s a financial statement, medical record, or license approval — access and use must be precisely controlled and monitored.

Many information security solutions attempt to protect electronic documents only at their storage location or during transmission. However, these solutions do not provide protection for the entire process of an electronic financial document. When the document reaches the recipient, the protection is lost, and the document can be intentionally or unintentionally forwarded to and viewed by unauthorized recipients.

There are three main reasons that organizations need to address the security of electronically shared documents:

1. Regulatory requirements — Many companies are directly or indirectly affected by government mandates and regulations for providing consumer privacy. These include:
   
   • Health Insurance Portability and Accountability Act (HIPAA) — Protection for health-related data
   • Gramm-Leach-Bliley Act — Financial privacy
   • California 5B 1368 — Privacy notification
   • California AB 1950 — Protection of customer data

2. Return on investment (ROI) — Organizations can achieve significant ROI by migrating to electronic business processes. Automated workflows allow prospects, customers, partners and suppliers to participate, enabling organizations to reap significant cost savings. However, many workflows cannot be automated until adequate protections are put in place on the electronically shared information. For instance, how can you be sure that the financial report that you send only goes to those you intend to view it (authenticity), that it has not been altered in transit (integrity) and that it has not been viewed by someone other than the intended recipient (confidentiality)?

3. Information security — Thefts of proprietary information are increasing, which can jeopardize revenue, competitive advantage, and customer relationships; generate negative publicity; and result in significant penalties and fines for failure to comply with privacy laws.

How to Provide Persistent Document Security

A significantly more effective solution for protecting an electronic document is to assign security parameters that are an integral part of the document itself. The following criteria define persistent document security:

1. Confidentiality — Who should have access to the document?
   

2. Authorization — What permissions does the user have for working with the document?
   

3. Accountability — What has the recipient done with the document? DOCUMENT CONTROL PLUS DIGITAL SIGNATURES MEANS PERSISTENT DOCUMENT SECURITY
   

4. Integrity — How do you know if the document has been altered?
   

5. Authenticity — How do you know where the document came from?
   

6. Non-repudiation — Can the signatory deny signing the document?

Reasons to Implement Document Control to Enhance Electronic Document Security and Privacy

• More effectively control access with industry-standard encryption and fine-grained usage permissions
  

• Manage document security online, offline, inside, and outside the firewall
  

• Apply expiration dates and revoke access to previously distributed documents
  

• Leverage current authentication systems to check user credentials
  

• Implement customized document control needs with an open API

Adobe Security Solutions for End-to-End Document Protection

A significantly more effective solution for protecting an electronic document is to assign security parameters that are an integral part of the document itself. This approach differentiates the Adobe document security solutions, which enable organizations to more effectively manage the use of electronic documents with persistent protection. By applying security parameters to the individual document, organizations gain greater assurance in the confidentiality, authenticity, and integrity of electronically shared documents in addition to securing the communication line or storage location.

Adobe Acrobat and Adobe Reader

Document authors can use Adobe Acrobat software and the Adobe Document Center to create Adobe PDF documents, and apply encryption, permissions and digital signatures to Adobe PDF files quickly and easily.

These protected Adobe PDF documents can then be viewed using the free Adobe Reader. Adobe Reader provides multi-platform access to Adobe PDF files, enabling organizations to share secured documents with users outside the firewall and on a wide variety of client computers. Adobe Reader users can view protected documents, validate digital signatures and verify document certification.

For more information visit Adobe.