With this solution, we now feel secure in distributing our research reports online, knowing they are protected no matter where they go.
By now we have all heard about the top secret US military documents pertaining to the Afghanistan war being leaked to WikiLeaks. More than 91,000 reports describing actions involving the US military’s actions between 2004 and 2010 were leaked to several major media outlets before being published online.
The moral and ethical implications of having these confidential documents leaked are not for us to surmise over, rather we are asking another question - how could the US military have prevented such a huge leak of internal confidential documentation?
The answer is astoundingly simple. With such sensitive information, the US military should have been using a PDF protection system that secured each document individually, requiring users to enter authorized credentials each time it was opened. We can only assume that the US military does use a document security system and we cannot comment on the security system they are employing, the nature of which is obviously confidential for security purposes. But what we can point out is that clearly there was a huge problem with it.
What specific security features should their PDF protection system have had?
1. Individual Document Protection - each PDF should have been secured instead of having a security system to protect all documents at once. If that one layer of security is breached, then all the documents are will be exposed.
2. Offline Access - each document should have been locked at all times, with authorized users having to login each time they want to access the document. This limits authorized users from unlocking the document and leaving it accessible all the time.
3. Print Control - authorized users should not have the ability to print any of the documents. This prevents authorized users from distributing hard copies of the confidential reports.
4. Document Tracking - the US military should have been able to see who exactly accessed what document and when. In the event of a leak, they will be able to pin point who leaked the document and when it was done.