CDSA

PDF Watermarking: Dos and Donts (ISE)

[svg-table-content]

PDF documents are used by nearly every company operating today. Most, if not all, of these companies will have employees with the need to share documents containing sensitive contents with individuals both inside and outside the organization. Organizations commonly watermark these documents with identifying information such as company and username to dissuade individuals from leaking documents and, in the event a leak occurs, to help identify the source of the leak. This post will explore some of the more common techniques used to watermark sensitive documents, discuss some issues with these techniques, and provide insight into more effective methods.

In the case of PDF documents, watermarking is usually implemented by overlaying each page of a document with a certain image or phrase. Watermarking can be an effective technique, but only if implemented properly. Typically, in the case of security, a watermark will contain information uniquely identifying the individual for which it was intended. This protection is twofold. First, it discourages employees from leaking confidential information, and second, in the event a leak occurs, the company or organization can easily identify the individual responsible for the breach of confidentiality. A simple example of such a watermark would be overlaid, semi-transparent text snippet containing the name or username of the individual originally granted access to the document.