This article can also be found in the Premium Editorial Download "Information Security magazine: Exclusive: Security salary and careers guide."
Download it now to read this article plus other related content.
Document Detective 2.0
Price: $300 for a single-user license
|SRS Technologies' Document Detective|
SRS Technologies' Document Detective ferrets out secrets before releasing documents.
It's tough enough for security personnel to review every outgoing document for sensitive information-- whether it's a pharmaceutical company's latest drug research, a military contractor's weapons development, or classified government material. But below the surface lies metadata and hidden changes, embedded images, and charts and tables that may contain embarrassing, even damaging, information.
SRS Technologies' Document Detective is an innovative product that assists in the review and sanitizing of Microsoft Office, Adobe Acrobat and other text documents before releasing them outside an organization.
While Document Detective's basic functionality relies on a standard keyword-matching algorithm, its true power lies in its advanced techniques, including the ability to detect text that is obscured by an image, table, or other object, as well as remnant data from Track Changes operations; we used this feature to detect text that was covered with an overlaid text box. Another powerful feature is its ability to detect cropped images and identify remnant data that appears to be deleted by the crop operation but is actually hidden from view. Document Detective also finds embedded OLE objects, such as hidden support data behind a chart generated from a Microsoft Excel workbook. You may see a pie chart, but Document Detective reveals the spreadsheet--with cells of confidential data--used to generate it.
Running Document Detective is simple: Start the application and open the document you wish to review. Document Detective processes the document (it took up to three minutes when working with a large document on an average desktop system) and provides a comprehensive tree view of the document attributes, highlighting areas that contain potential policy violations and require human review. We found that this feature worked well, and, while the entire document tree contains a large amount of information, the policy violation flags helped target our efforts.
Upon completing your review, you can switch over to the native document application using the "Send to Application" feature. You're then presented with a Document Detective toolbar within the original application, allowing you to review suspected policy violations. This process can be quite tedious, as you need to print a copy of the Document Detective results and use the numbering scheme to navigate within the original application. Additionally, the numbering scheme changes as you make edits, requiring you to start at the bottom of the document and work your way to the top.
This was first published in July 2006