Back to Knowledge Base
What is the Global Object Security policy and what do I need to do when I see this message?

The Global Object Security (GOS) policy is a setting in Adobe Reader and Adobe Acrobat that controls how cookies in Adobe products behave. The default setting is to "enable global object security policy" which means that every time someone renames a file or moves a file to a different location, a different cookie is created each time. Since Vitrium's content security solution relies on these cookies to track the number of 'devices' that a user opens the secured content on, it is STRONGLY recommended that end users disable this feature. 

How to disable the Global Object Security Policy:

  1. In Adobe, go to Edit > Preferences
  2. Click the JavaScript tab
  3. De-select (uncheck) the "global object security policy" field
  4. Click OK

Users will only need to do this once for one computer. If they wish to open the protected PDF file on a 2nd computer (assuming they have permission to do so), then they will need to disable the GOS policy in Adobe on the other computer as well. 

To learn more about disabling the GOS check out 'How to Support Your End-Users' guide or 'How to Open a Vitrium Protected PDF with Adobe Reader' videos.

Why do users need to disable the Global Object Security Policy in Adobe?

Because otherwise the user may exceed the limit that was set for them in their DRM policy and they will encounter the vc3 error message (You have exceeded your PDF or browser limit) even if they have only opened the file on the same computer.

By disabling Adobe's GOS policy, the user can then safely move the protected file from one folder to another, or rename the protected file to something else, but not reach their limit as the cookie is saved with the file on that same computer. 

Can I remove the Adobe global object security policy pop-up message?

Yes, you can remove this message but we only recommend this to Vitrium customers who DO NOT set a PDF limit in their DRM policy settings.

To remove the message: 

  1. In Vitrium, create a new Content Settings
  2. Click the Advanced Options tab
  3. Check "Set Acrobat cookie policy"
  4. For both Acrobat 10.0 and Acrobat 11.0+, select "No prompt and no close document" for both fields
  5. Ensure all your other Content Settings are created (i.e. no print, no copy, etc.)
  6. Click Save & Exit
  7. Then apply this new Content Setting to all files or only those files where you do not require a PDF limit for users

Using Vitrium's VersionUnique API, this content setting can be changed/overridden by including this parameter:

"DocPolicyOverride":
    {
    "AcroJsGosBehaviourType": "NoPromptAndNoClose",
    "AcroJsGosUnlimitedBehaviourType": "NoPromptAndNoClose"
   }

Where:

AcroJsGosBehaviourType would apply to Acrobat v10 and earlier releases
AcroJsGosUnlimitedBehaviourType would apply to Acrobat v11 and newer releases

Definition of each Acrobat GOS policy setting:

  • PromptAndCloseDocument - this will prompt the user if they don't have the global object security policy setting disabled and will close the document until they make this change. This is the default setting. 
  • PromptOnly - this will prompt the user if they don't have the global object security policy setting disabled but will not close the document. You then run the risk of the user reaching their PDF limit if they did not follow the instructions.
  • PromptOnce - this will prompt the user only once if they don't have the global object security policy setting disabled but will not close the document. The prompt will appear once per document, not per device. You then run the risk of the user reaching their PDF limit if they did not follow the instructions.
  • NoPromptAndNoClose - this will neither prompt the user nor close the document and is only recommended in scenarios where you DO NOT require setting a PDF limit for users. When set, a new deviceId/Tracking Id is generated when the user first opens the document; a new deviceId is generated if the user then renames and opens that document; and a new deviceId is generated if the user moves the document to a new folder and opens it from there. So be aware that a small device limit (1 or 2) can be exceeded by a user who simply renames or moves the Protected PDF on disk.

 

How do I save a copy for offline use?

For the secured web documents to work offline, a copy needs to be saved in the user's browser cache. This is a quick video shows how you can save a copy on your browser cache for offline use of the secured web document (Vitrium's Web Viewer):

Basically, the web document needs to be saved in the browser’s cache (as cookies) so it can be used later when the User decides to access it ‘offline.’ You’ll notice in the video also the delete button to remove this ‘saved copy’ from the browser for when their use is done.

We highly advise for the User to clean up their browser cache soon after they’re done reading the document offline as it will eventually fill up their browser caching storage (which gets stored on the hard drive). Simply put, if they save all  the documents they have permission to for offline use, the browser cache can get quite large and it will start to slow down their computer speed for processing things.

Here’s an article online that you can read for more  clarification on the browser cache: http://www.makeuseof.com/tag/browser-cache-makeuseof-explains/

What kind of password should I set up for the recipients of my content?

 

We recommend that you initially set up your Users (the recipients of your content) with a strong password, minimum 8 characters, and one that uses a combination of letters, numbers, and special characters.

We also recommend you select "Force user to change password" when you're adding Users into your Vitrium account as this way, the User can select their own password which may be more familiar to them. 

mceclip0.png

For additional password controls, be sure to read more about our "Security Settings" in the Vitrium Security Admin Manual.