Adobe LiveCycle Policy Server
July 27, 2005
$40,000 (500 users at $80)
- Ease of Use:
- Value for Money:
- Overall Rating:
Offers tracking and some control over what happens to a document during its lifecycle. Keeps document access neatly self-contained.
Very expensive and not totally foolproof.
Cannot control who sees a document, but excellent if you want to track document usage.
Policy Server appeared with the release of Acrobat 7 earlier this year. It builds substantially on the encryption and password security of past editions of Acrobat and provides control over how Acrobat PDF format documents are accessed.
The software is Java-based, which makes it suitable for Linux, Unix and Windows with Java 2 SDK 1.4.2_04 or later, and it works with JBoss, IBM WebSphere and BEA WebLogic servers. It offers support for MySQL, Oracle, IBM DB/2 and Microsoft SQL Server databases.
The crucial requirement is that an LDAP-compatible directory is available on the server. Adobe recommends Microsoft Active Directory, Sun One Directory Server and Novell eDirectory. Installation is in simple, clearly documented steps using a wizard.
Policy Server is a standalone system and any users have to have access to the server and must be registered in the directory. Even the registration service is a wizard, with customized layouts for the invitation, confirmation and change of password emails to send the end-users.
The range of controls provided through Policy Server is fairly extensive. Offline access can be fixed for a specific period and blocked from being copied or forwarded. The recommended access is online only for the highest levels of security and this can be limited to behind the firewall for sensitive documents.
Event tracking can also be turned on to audit the number of times a document is accessed, by whom or number of copies made. Controls can also be applied and audited as to who can view, forward, print or copy content.
Sadly a lot of this merely makes it harder to copy, not impossible. With a screen grabber and OCR software it was possible to reconstruct a document.
Standard Adobe document controls can be included in the properties, which determine what degree of access a reader has.
Although Adobe's controls are diverse, the ability to screen grab or photograph documents means that the only real advancement is the ability to track document usage over a predetermined lifecycle – which makes the price tag look extremely high.
Sign up to our newsletters
SC Magazine Articles
- Long list of devices believed to be affected by NetUSB vulnerability
- Scammers target oil companies with sneaky attack
- CareFirst BlueCross BlueShield breached, more than one million individuals notified
- Study: Employees acknowledge risky security behavior, continue to engage in it
- Hack of airplane systems described in FBI docs raises security questions
- Hackers exploit Starbucks auto-reload feature to steal from customers
- Study: Nearly all SAP systems remain unpatched and vulnerable to attacks
- Former Nuclear Regulatory Commission employee arrested for alleged spear phishing campaign
- Millions of WordPress websites vulnerable to XSS bug
- FireEye first cybersecurity firm awarded DHS SAFETY Act certification
- Thousands of Bellevue Hospital Center patients notified of data breach
- Study: 86 percent of websites contain at least one 'serious' vulnerability
- Investigation ongoing in reported multimillion member Adult FriendFinder breach
- Report: $19M breach settlement between MasterCard, Target terminated
- FTC gives thumbs up to companies that cooperate during breach probes