Home | Subscribe | Contact Us | Advertise Home | Subscribe | Contact Us | Advertise
Smart features enhance the security of electronic documents
By Rebecca Trela
While paperless document solutions have been nipping at the edge of printing business for a long time, distributors have been largely ignoring these complex, sometimes expensive systems in favor of the devil they know—print sales and print management programs. After all, until recently only a few large companies needed smart paperless document solutions.
Now, however, the cost of these systems has come down at just the time when security standards, especially in the financial and medical worlds, are tightening. And forms sales reps, many of whom can conduct a workflow analysis and design interoffice paper flow procedures, are primed to position themselves as pioneers on the cutting edge. At the very least, technologically advanced security solutions are a tool every distributor should know. “Electronic medical records are going to be big,” says Aftab “A.J.” Jiwani, a California distributor who sells to about 4,500 clients in the industry. “A lot of big institutions and medical offices are going electronic, so old forms and pads are on the way out. It cost us some customers and got us thinking.”
Simple Approach to an Old Problem
Protecting “ordinary” documents has become more and more common, says Jennifer McEnerney, workflow marketing manager at Xerox Production Systems. Counterfeiters aren’t just focused on high-value documents like currency or checks, she says, and the company offers several types of software solutions to combat the problem. “They’re not absolutely fail-proof,” she says, “but it makes it a pain in the neck for counterfeiters.”
The programs, which are plug-ins for popular graphic design programs like Adobe In Design and Lightrod, allow special effects to be added with the normal print job or a variable job. The effects are microtext and correlation marks for black-and-white-jobs. Correlation marks require a simple overlay piece, or “decoder.” (“It’s like the prize you get from a cereal box,” McEnerney explains.) For color devices, the effects are gloss marks, fluorescent marks and infrared marks, all printed in-line.
For example, she says, the effects have been used on hospital patient bands, which are variably printed with secure identifying information. Using the correlation marks, the patient’s information is printed but appears “scrambled,” and nurses and doctors pass a plastic piece over the band to read it. It’s an easy way to comply with HIPAA privacy requirements. Some other applications include parking passes, ID badges or low-value event tickets where the cost doesn’t justify higher-end security features, but the customer needs it. (Watch a video of correlation marks at xerox.com)
Who Needs These Solutions?
While many users think of securing e-documents as a confusing process that must be handled by IT departments, it’s not that difficult to manage. Users have a lot of options through Adobe’s familiar PDF format, which can modify who can open a document and provides a report for who has. Utilizing software upgrades, there are far more sophisticated ways to manage this technology within the same formats.
"These solutions for lower-value documents aren’t absolutely fail-proof, but it makes it a pain in the neck for counterfeiters, and then they don’t bother."
Jennifer McEnerney, Workflow Marketing Manager
Xerox Production Systems
“Some of our customers, especially those with military and government applications, use the Adobe technology in conjunction with plastic SmartCards,” explains John Landwehr, director of security solutions and strategy at Adobe. “The cards are embedded with a random long number, which is encrypted.” Users swipe the card to gain access to facilities and to read and sign documents.
“The cardholder and the document are bound together at the moment of signature,” Landwehr says. “If you change anything in the smart document after it’s been signed, it ‘breaks’ the signature and it’s no longer valid.”
While working with the U.S. Army, Jim Till, chief marketing officer at Xythos Group, a software provider, heard this phrase: “publish in place.” It aptly sums up what his company offers to organizations like the UN and the Department of Defense, he says: a secure link that allows multiple users to work on the same document simultaneously, but keep all of the versions on the same secure server. “Instead of using email to send an attachment, you’re passing around a web link to those with the right passwords.”
Legal departments have been some of the first adopters, Landwehr says. “Last night I read an article online about a former employee of LG electronics, who left the company with thousands of top secret R&D documents about the company’s plasma screen TV plans.” These applications—in addition to board of directors binders with sensitive documents and accidentally forwarded internal emails—are driving some document managers to find a better way.
The High-End Approach
Last year, the Wilmington, Del.-based pharmaceutical company AstraZeneca became the first company to submit electronic documents to the FDA supporting a drug’s approval application. The company estimates it saved thousands, but more importantly, it saved travel expenses and time, which enabled the company’s drugs to reach the market faster.
“It enabled the submissions management group to focus on the submission quality rather than the logistics of scanned documents,” the company said in a report.
The pharmaceutical company executives realized that documents could be signed electronically from everywhere, according to a white paper published by the pharmaceutical consortium SAFE BioPharma. The organization is working to implement digital signatures in the biomedical industry. Scientists from AstraZeneca offices around the world, they realized, could collaborate in real time and authenticate research, findings and summaries. Although remote collaboration tools are readily available, until recently there was no way to secure the communication nor to translate that security to the printed page.
“Historically these companies show up at the FDA site with a tractor-trailer full of paperwork” documenting drug clinical testing, Landwehr says. “You can see the cost, not to mention complexity and risk, with those documents.” SAFE estimates that companies can save about $100 per signature in the digital format vs. the electronic one, but the efficiency savings in printing, copying, securing and managing the documents can number in the hundreds of thousands. The standard meets HIPAA regulatory guidelines and Title 21 CFR Part 11, which deals with FDA standards for electronic signatures and records.
To sign documents, users need both a SAFE credential and a passcode, much like using an ATM with both a debit card and a PIN. Sometimes this dual-prong approach is referred to as “something you know and something you have.” The system uses PKI, or public key infrastructure, to encode the signature.
In another common-document example, Penn State University utilized a related technology to manage its transcripts and prevent counterfeits. Previously, the university was issuing expensive watermarked transcripts, but it didn’t stop some unscrupulous students from changing their grades. In the PDF solution, the university controls a number of variable elements on every page as well as the printing and copying options.
“For the same price that the university was selling a paper transcript for,” Landwehr says, “they could get the document overnight to a student, no postage, no printing.” While the situation sounds profitable to a software company like Adobe, which licenses its platform for modification and resale, it could also be the money and labor-saving solution that helps a distributor keep a client this year.
How to Sell?
“Eight years ago, if I told you that you’d be wearing this little device on your belt that plays music and makes phone calls and you’d feel kind of lost without it, you would have told me, ‘No I won’t,’” says Ed Crowley, CEO of print industry research consultancy Photizo. “The brilliance of Apple is that they thought of how this new technology could apply and how people could use it.”
The same scenario applies in the printing world, Crowley says: providers must understand the complex technology, and understand the end user’s business, and then position themselves as the conduit between the two. In surveying print companies, he says, many tech-savvy sellers get new technology and ask customers, “I have this great device, how would you use it at your company?” The end users don’t know, he says, and sellers then think asking the customer isn’t useful. The right sales pitch, he says, is to suggest a solution, and then ask, “If you could do this, would it be useful to your company?”
Generally, providers need to know who has access to the document, what someone can do with it (print, modify, copy and paste), what someone has done with the document in the past, whether the document has been altered, and who the source is.
These are the questions that keep pharmaceutical companies up at night, Landwehr says. There are situations where secure documents can be integrated in a web-to-print scenario where the document is printed at a remote site, but that’s not altogether necessary, Landwehr continues. “You can email the file of your annual report to your print shop, but set it not to be readable until midnight the day before it’s printed or some other specific time.” That way, he says, the security resides with the document and not the provider’s website.
Do electronic documents spell doom for print industry channel partners? Smart document solutions such as these aren’t the same as a “paperless office,” says Jorge Ruano, CIO of wholesale mortgage lending firm Taylor Bean & Whitaker. The company is implementing a solution to secure their financial documents in dealings with the public.
“In a paperless office, anything you have just gets imaged, which is still a cumbersome workflow. With the smart documents option, you change the way documents are handled and distributed, instead of just taking a picture of it,” he says. “Instead of a piece of paper problem, you have the scanned image problem. When you have smart features, the problems take care of themselves.”
Rebecca Trela is assistant editor of Print Solutions Magazine. Email comments to rtrela@psda.org.