We’ve dealt with thousands of companies and organizations over the years in various industries that create, publish, and distribute a large variety of documents. When addressing the need for document protection and rights management, these companies always start with a thorough assessment of the value of the documents and data contained within them. The next step is to consider some scenarios that can and do, occur that would undermine the value of the content to the organization.
In today’s rapidly changing digital technology, the way we access and distribute documents continues to evolve, moving towards efficiency and convenience. Widespread file-sharing tools like Dropbox, Google Docs, and simply emailing valuable content have become predominant methods of distributing and enabling access to critical business information, but also exposes organizations to risks, such as:
Poor security or infrastructure on protected networks have left documents and data vulnerable to unauthorized sharing.
Most of us are under the impression that only huge companies are attractive to hackers. However, as documents and data become more ubiquitous and accessible, hackers find small and medium-sized companies (with their relatively few hardened security protocols) attractive targets. As a result, hackers may probe your networks for vulnerabilities, specifically targeting documents without wrap-around security, documents in transit, those synced to devices, in cloud storage, or unsecured emails.
The tools and trade of the hacker have become highly sophisticated, and companies large and small must now take steps to prevent threats, including:
Companies go to a lot of trouble and expense to produce original content, including those patented or copyrighted to protect the original investment or revenue streams attached. If you have copyrighted material, unprotected work can be:
Online pirates aren’t just interested in music, movies and stolen software. Your course material, eBooks, company data, board minutes, research data, maps, specs and all manner of information are valuable resources of information. Unfortunately, content can end up in illegal file sharing sites where over 90%3 of the material is copyrighted and should, by law, be protected.
It’s more important than ever to think about whether your company, firm, or organization could be a gold mine of data and files. When considering a document protection plan, determine whether or not your company has data, information or content that is “worth” protecting. Determine what would be the consequences to your business in terms of:
The table below illustrates what industries need protection based on the type of heavily used documents within these industries.
| Industry | Types of Document |
| Publishing | eBooks, manuscripts, draft works |
| Research, Development, Sciences, Pharmaceuticals | Abstracts, reports, studies, analysis, dissertations |
| Associations | Membership data, confidential & paid reports |
| Education/eLearning | Learning materials, eBooks |
| Corporations & Business | Corporate training materials, financial documents |
| Financial | Investment reports, tax info, statements, personal and/or business data |
| Management Consulting | Confidential market data and analysis |
| Legal | Contracts, wills, agreements, and any sensitive legal documents |
| Healthcare | Confidential patient information, reports |
| Oil & Gas, and Mining | Drilling sites, maps, specs and plans |
| Non-Profit | Member data, confidential and paid reports |
| Manufacturing and Technology | Innovations, patents, design specs or sensitive trade secrets |
| Advertising & Design Agencies, Architecture | Design briefs, compositions, plans, or sensitive trade secrets |
| Any Industry and Company | Confidential material Is to send to the Board |
These days everyone should be thinking about what they are sharing online, how someone could play with your sensitive information, and what end any potential leak could damage you personally, your business, or your reputation.
It’s more important than ever to think about whether your company, firm, or organization could be a goldmine of data and files.
Any documents, files or assets that generate revenues should be considered in your protection plan. For many types of organizations, large portions of their revenues will come from training or educational materials, standards and manuals sales, as well as intelligence and research reports. These assets are labour and expertise intensive and intrinsically carry their value. When they are distributed illegally, creators or distributors of these materials have no recourse to recoup the worth of their efforts. When determining the risk to your business if these files were leaked, hacked, distributed online, social networks, media, or competitors, it’s important to consider all the effort and money that went into creating the content.
There are many examples of revenue-generating content that are sold online. Some examples include; expensive research or market data reports, training materials for online courses, eBooks, and financial reports that one may receive as part of a membership to an investment service.
Intellectual properties are works or inventions created due to creativity, such as a manuscript or design, to which one has rights. These can include works for which a patent, copyright (more on this in the next section), trademark or other types of legal protections may apply.
For companies creating or managing these types of content, the value is contained within the original idea that has been expanded into a creative effort. With these types of work, value comes from releasing the content first and having time to collect revenues before the ideas enter the collective consciousness. Some examples of these documents may include patents, inventions, scripts, stories, books, dissertations, theses, eBooks, white papers, newsletters, or even internal corporate materials that include confidential or highly sensitive information.
The most important information that DRM can protect is copyrighted material, which can only be used or distributed by the company that owns the right. Copyright is at the heart of most intellectual property debates or lawsuits, so such creations should feature passwords and other security tools whenever possible.
Ultimately, even the largest companies couldn’t afford to retain lawyers to litigate every single instance of copyright infringement. This is especially true thanks to the fluid nature of the Internet. As such, document passwords and digital protection are the best ways to lock up content and media to avoid losses from unauthorized distribution. Any documents, files or assets that make you money should be considered in your protection plan. Of these assets, determine the risk to your business if the information in these files was leaked, hacked, distributed online, through social networks, to media, or competitors.
Distributed internally, trade secrets need to be protected whenever possible to avoid falling into the hands of other companies. Information contained in such documents is profitable (though unpatented or trademarked) and should be kept from prying eyes at all costs. Many data breaches are due to insider theft; choose a system that protects at the document level, so access is restricted to the document – not just the location on the network.
The Forrester report, Understand the State of Data Security And Privacy: 2013 to 2014(iv), states that insiders are responsible for 36% of all data breaches occurring in a company.
Authors and painters are not the only people who need to worry if unscrupulous parties or inattentive professionals will take their materials. There are also writers and even video editors who can have their work stolen and used for extralegal purposes. Scientists also need to be aware of the danger that their papers, analyses, reports and dissertations could be at risk.
Presentations can be considered intellectual property, such as lectures, talks, videos, recordings, and other instructional videos. This is also true for transcripts of such media, so take that into account when deciding what files should have document protection attached to them.
Companies that work closely with clients to design machines, processes, buildings or branded collateral didn’t have to worry in the past about their ideas being taken and corrupted until they’d already put them into action. Today, all the information that flows between organizations can be easily snatched from the digital world. Smart designers, engineers and architects know that high profile projects and clients deserve protection at the source. A good DRM system can prevent theft by applying encryption, controlling who can open the file, and even expiring the document after a certain time.
Even IT departments can share documents internally that might be detrimental if leaked outside of the network (via a mobile device), or the networks were hacked. Therefore, network architecture schema, diagrams, password files, list exports, logs, mind maps, and other information on internal security protocols should be considered critical information that should be secured, not just within a secure network, but with wrap-around document-level protection and especially if it is to be shared externally for any reason (vendors and other suppliers).
We’ve all heard stories about sensitive financial or private personal information getting stolen by database intrusions by hackers. Still, sometimes this data is in documents that are unintentionally shared outside the network or found on a lost or stolen device.
Also, board minutes and information for shareholders is often confidential. This information can affect a company’s value – and prove profitable to competitors. A good DRM system can protect these documents individually to ensure that no one gets their hands on it who isn’t authorized.
Oil and gas companies, mining, research, pharmaceutical companies and other industries must keep their operational information and reports deeply secret.
Research and development firms also need to protect their reports and other information from getting leaked. Companies should consider protecting these documents in any industry where there is a great deal of effort and value in these reports.