Get started Bring yourself up to speed with our introductory content.

Security policy for PDF use: How to secure PDF files for the enterprise

PDF files are an integral part of many enterprises' business processes, and, as such, they are a prime target for malicious activity. In this learning guide, learn how to secure your organization's PDFs, prevent attacks against them and decide when they are (or are not) the most secure option.

PDFs are a ubiquitous part of enterprise communications, but since organizations' dependence on them has grown, they have become a more lucrative target for attackers.

Recent PDF attacks have used sophisticated shellcode, making the malware difficult to detect and remove, and PDFs have been successfully used in meticulously targeted attacks against U.S. defense contractors, among other formidable victims.

It's apparent that, should an organization continue to use PDFs to transmit data -- especially sensitive data -- it must re-evaluate its PDF security policy and treat the documents with particular care. This mini learning guide offers best practices for securing PDF files in storage and in transit, and expert advice on when PDFs should and shouldn't be used.


How to secure a PDF file
As with most information security issues, there are a few basic do's and don'ts of creating a security policy for PDF use that can save an enterprise a lot of trouble if implemented. Learn the steps that can set a solid baseline for PDF security at your enterprise.

Enterprise PDF attack prevention best practices
Once you've created a baseline for PDF defenses, take an offensive step and begin PDF attack prevention. In this tip, expert Michael Cobb delves into a few of the most important things your enterprise can do to prevent its PDF files from compromise.

Security of email PDF attachments
While no email attachment should ever be considered secure by default, PDF attachments warrant particular attention. Learn more about self-signed digital IDs and encryption for more secure PDF transmittal.

How to use a PDF redaction tool with a redacted document policy
Data-stealing malware is not the only way that sensitive data can leak from an enterprise via PDF. On many occasions, intellectual property, PII or even embarrassing remarks have been sent to unintended recipients in un-redacted PDF files. Learn best practices for redacting such comments in this tip.

Are encrypted Microsoft Word files safer in transit than PDF files?
Microsoft Word documents and PDF files are two of the most common ways to send information, but which is more secure in any given scenario? In this expert response, learn which has the stronger native encryption, and how to secure PDF files with password protection.

This was last published in August 2010

Dig Deeper on Productivity apps and messaging security

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.