Re: secure file and prevent printing and saving?

["Scherck, Daniel" <scherckd () EVERGREEN EDU>]

I have to agree with the general message so far. There's no real technical solution if you want complete control of a 
digital medium. If it can be seen on the screen, it can be captured / copied / printed.

That having been said, there's other things that one could do if you need to exercise control...


-          Administrative control:  Rather than seek a technical solution, just send out a note with it along the lines 
of, "If you print / export this outside the network, you're fired."

-          Keep it inside:  Host it on an internal web server, maybe only accessible through a Java / Flash applet that 
displays the item without save option, and only allow access from domain computers within the LAN.

-          Dynamically generate a watermarked PDF for each user so you can track whose copy ended up outside the 
network?

Dan Scherck
The Evergreen State College

From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Maloney, 
Michael
Sent: Monday, May 06, 2013 8:23 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] secure file and prevent printing and saving?

Some sort of Digital Rights Management comes to mind.

However,  nothing prevents a end user from using a screen capture utility or a CTRL-A, CTRL-C to Word document.



From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Russ 
Leathe
Sent: Monday, May 06, 2013 11:12 AM
To: SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV EDUCAUSE EDU>
Subject: [SECURITY] secure file and prevent printing and saving?

Our President wants to send a file to all fac/staff that will prevent them from downloading, printing, saving the file.

In otherwords, a true read-only.

What have you used for this?

Thanks Again

Russ



From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Will 
Froning
Sent: Sunday, May 05, 2013 12:50 AM
To: SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV EDUCAUSE EDU>
Subject: Re: [SECURITY] Login/Logoff Activity

Hello All,


On Wed, Apr 24, 2013 at 9:32 AM, Will Froning <will.froning () gmail com<mailto:will.froning () gmail com>> wrote:
Hello All,

I'm wondering if any of your institutions monitor logon/logoff time for attendance/holiday/sick leave violations. I'm 
not looking for a technical answer, just whether or not your schools do this.

I'm trying to bring some support documents to the table so we can make an educated decision on if it's something we 
want to pursue. My feeling is that this is VERY unusual for HigherED, but links to policies or an email (with a yes/no) 
would be much appreciated.

If you like I can compile my responses (anonymously) and repost to the list if there's any interest.

This is just a followup to my original mail. All replies, save one, were posted to the list. They were unanimously 
"no". Since there aren't any "best practices" or obvious evidence of other schools doing this, the internal auditor has 
thankfully withdrawn his request.

To followup on the technical portion. If we were forced into doing this, I was going to suggest something like 
<http://www.authenware.com/> as one piece of the puzzle. That plus some network analysis and mobile device tracking 
would hopefully give us at least an understanding if they even came on campus.

Thanks,
Will


--
Will Froning
Unix SysAdmin
Will.Froning () GMail com<mailto:Will.Froning () GMail com>
MSN: wfroning () angui sh<mailto:wfroning () angui sh>
YIM: will_froning
AIM: willfroning