There's no way to do this I'm aware of.
Question: If your client doesn't trust his users, why is he giving them access to the material?
We had this debate within IT when they went to a remote Citrix system a while back. "OH MY!!! USERS COULD PRINT DOCUMENTS TO THEIR HOME COMPUTERS!!!" Well, duh. They could also print documents and carry them home in their briefcases. What's your point?
IOW, if you give users access to materials, then they have access. You can't really stop them from sharing those materials (even if it's through screen sharing). So the notion that you can prevent them from somehow disseminating the materials to unauthorized personnel is largely an illusion.
Exactly. They can:
- write it down
- take screenshots and print those
- take pictures with their cell phones
To expand on that: once you start treating the content as being more valuable than the people, it is a slippery slope and you'll be fighting a losing battle.
If you don't trust the people, don't let them interact with the content. But someone has to create the content...
Exactly. They can:
- take pictures with
- google glasses
- wide range of spy cameras
- a smart watch
- a tablet device
- email screenshots to themselves
- save to a thumb-drive/ external hd
- save/upload to a variety of cloud storage services
- any more?
MartinBridges - if your client is looking for the extra security, try suggesting password-protected pdfs.
One thing you can do is install monitoring scripts such that the system tracks who views and / or downloads the content. That would at least tell you who accessed a particular document in the time leading up to it going missing.
But again - what kind of culture are we dealing with here? Unless you're building a system for the NSA, is the insider threat really serious enough that we should be worrying about this sort of thing? If so, do we have personnel reliability programs in place? Background investigations? Security clearances? Two-factor authentication? Two-person rule? Security cameras? Biometrics?
Yes, I'm descending into the absurd ... on purpose. Security is a continuum, based on the likelihood of disclosure and the damage done when information is disclosed. So it all depends on what we're trying to protect. National security, yeah, you worry about this sort of stuff. Your mother's recipe book, of course not. Most business data, it's somewhere in between.
- any more?
Dictate the text into a microphone
The only way to secure computer data is to secure the computers that view it.
As mentioned anyone can make a screen shot of the monitor or even photograph it so the method described is suitable only for the uninformed as would be most methods.
Setting up dumb terminals in a secure location and searching the users for cameras, etc. would provide security of the data. But how would you secure their minds, read and tell...
Have your client google for "Visual data security" and understand that protection layers against this do not belong to / do not contain Filemaker.app.
There's no real protection against today's technology (last century we used to take floppy disk readers out of new Macs lol) and the only measure you can take is to set things up (log files, cameras etc as posted by other forum members) in such a manner that proof can be given of not making information theft easy and constraining users into leaving a trail of their actions. But honest users should not be stressed with unnecessary burden when doing the job they were hired for.
P.S. Been working 16 years for a big Swiss Trust Company, as head of IT... I feel your pain.
Burst the PDF into separate pages and pull into into related records in a portal...
You know I know how to do this...!!
And by the way why bother about one PDF in one record of one table, when you could wrap up yesterday's server backup tape in today's newspaper, make a ball, open the window and throw it out ? (while somebody is waiting for it to happen and is ready to get it as soon as it does)...
Transcribe from the screen—remember pens and paper?
ANother approach could be to store the documents in a seperate System (ie one of those archiving-systems like Canon Therefore, etc.) and access those pdfs via webviewer (those systems have all api's, ie for getting data via http/s). I know, You said that You want to store the data in FileMaker - but it could be an alternative. Drawback is that there might be another password to be entered..
IF You are on an 'analog' System, people may have one document/case on their desk. If the data is stored in Database (no matter if its FileMaker), they have all of the documents... if there are really convidential documents, just don't store them in a way people can access them through a 'global' key (like a DBMS).
DEaling with privacy here, employes have to sign a contract with those aspects. Then, a solution could be (as described in another posting) that You track the access/user in a seperate table. People have to know about that - but can't have any access to the log..
Adobe has been changing how it plays with others and this affects FileMaker since FileMaker does not write its own pdf viewer but relies on Adobe to do the viewing.
I've seen a change in the interactive portal where the PDF is not viewed directly in the container now but opens in an Adobe viewer which then gives all of the features you are concerned about such as printing, saving, etc. which is a security feature.
I suppose the individual PDFs can be password protected, etc. and perhaps the ability to save a copy disabled.
However, the viewer can use screen capture to capture what is being read...
I remember seeing how photographers could prevent the screen capture, or at least thought they could, of their web pages so they could put up an album to order from.
But then, even if you could lock down the computer, block the USB ports, etc. someone can still take a photograph of the screen or use pen and pencil to write what they see...
And if you only show one page at a time, what is accomplished. They can still copy the one page at a time...