4 Replies Latest reply on Jan 27, 2016 7:56 AM by John.Cloyd@JCSConsulting.com

    Is there a way to make content view only?

    mcolen

      We have some highly sensitive competitive information we want to post on our internal Jive group - but we don't want people to download it, or use the view as PDF function....we have tried taking a photo of the content and inserting it in a blog, or discussion or document, but with all of these you are still able to print it out....Has anyone done anything clever with this sort of problem?

        • Re: Is there a way to make content view only?
          John.Cloyd@JCSConsulting.com

          Hi MaryAlice,

           

          Unfortunately to solve the problem you would need to change the laws of physics .

           

          Fundamentally the content you are trying to protect must be downloaded to a laptop/tablet/smartphone in order for somebody to view it. Once it is there it is subject to being copied and/or forwarded no matter what you do.

           

          At the most basic level - if you have made some content visible on a device the device owner can capture that content via screen-scraper, screen-cap software or even just by taking a picture of it with their smart phone and then forwarding the resulting picture.

           

          Some software products make this more difficult but still not impossible - If I can read it, I can somehow capture it and forward it on. And these software products would have to be deployed on every single device you are going to allow to view the sensitive content.

          1 person found this helpful
          • Re: Is there a way to make content view only?
            tburak

            Hi mcolen  - me too -

             

            I've had requests for this functionality as well - there should be a feature that doesn't allow download (with the intent of attaching to an email, and sending outside the business) and in the cases where something can be downloaded, we should be able to track who has - this is mainly for compliance reasons.

             

            And John Cloyd - agree - print screen is always an option, and we won't deter / stop all, but it would be good to have a measure of control or diligence over certain items -

              • Re: Is there a way to make content view only?
                John.Cloyd@JCSConsulting.com

                Totally agree Tanya.

                 

                It can sometimes be useful to organize the thinking around this aspect of security into two groups:

                • "unintentional", "thoughtless" or "casual" security breeches - somebody with access to confidential information forwards it to somebody who shouldn't see it without really having the intent to do an unauthorized disclosure. They knew it shouldn't be shared but just didn't think about it before making the unauthorized disclosure.
                • "intentional" security breech. This person knows the information is confidential and is determined to make the unauthorized disclosure.

                 

                I think the opportunity for technical improvement is around the unintentional breech; make it more difficult to "accidentally" disclose something.

                 

                Preventing the intentional security breech is much more of a process solution outside of the technical sphere; background checks, limited access to begin with, revoke access as soon as somebody no longer has legitimate current need for access to the information; auditing who accessed the information etc. It looks a lot more like how government classified information is controlled. But the bottom line is once you give somebody access to the information they can disclose it.

                1 person found this helpful