Augmenting SharePoint 2013 with Browser DRM
A hole exists in SharePoint security. It isn’t the sort of hole one usually thinks about when considering content security, the type that allows unauthorized users to access restricted content. Rather, it’s a hole in the functionality spectrum.
That spectrum is marked by extremes: Out of the box, SharePoint provides only basic document security options that protect the integrity of the repository but don’t effectively address misuse of content through unauthorized distribution. At the other end of the spectrum are add-on solutions that address some of SharePoint’s shortcomings, but do so only for a high implementation cost.
What’s needed is a third option, in the center: an integrated way to augment SharePoint’s native digital rights management (DRM) capabilities easily and effectively for a low cost in terms of licensing, infrastructure, implementation, maintenance and user training.
The Status Quo
SharePoint 2013’s native security enables administrators to deny all access to a document by user, group or library, to assign read-only access, or to grant full edit access.
The read-only option is essential for fulfilling SharePoint’s promise of document collaboration, where multiple users need to read a document but must be restricted from editing its content. Though effective, the read-only approach still leaves room for misuse.
The unauthorized user in read-only mode can still print the document, copy text from it, or even save it locally, edit it and then distribute it under a new name. All manner of content misuse remains possible under core SharePoint DRM, save for checking an illicitly altered document back into the repository in its original location under its original filename.
For many organizations that store sensitive content in SharePoint—such as those in government, healthcare and law—that’s too little restriction for comfort and compliance.
For tighter control over document security, many organizations turn to products like Office Web Apps (OWA) or Microsoft SharePoint Information Rights Management (IRM). While generally effective, such solutions can be expensive, and costly and complex to implement and maintain, often requiring dedicated servers and other additional IT resources. And both OWA and IRM are limited to displaying Office documents and PDF files, and are useless for delivering accessibility to the myriad of other file formats actively used in the current enterprise landscape.
The Browser Is the Key
To fill the DRM functionality gap in the SharePoint ecosystem, what’s needed is a SharePoint-integrated document viewer that:
- Does not require the download of the actual document file to the user’s computer or device.
- Displays documents of almost any format outside of that format’s native editing application.
- Applies DRM controls that enable a SharePoint administrator to selectively enable or disable printing, copying and downloading by document, library, group or user.
All of this is achievable through a browser-based HTML5 document viewer called from SharePoint 2013 for selected users, groups, documents or libraries when the administrator requires better DRM control than native SharePoint supplies.
The browser solution displays the document without actually downloading it to the client. This method not only prevents unauthorized editing of the source document, but also provides performance advantages, especially when a document is viewed through a mobile device.
With a browser-based solution in place, the administrator can still grant or deny any and all basic access rights available within the core SharePoint feature set. But by using familiar SharePoint ribbons and permissions dialogs, the administrator can redirect selected users or groups already defined and configured in SharePoint to the browser-based viewer whenever tighter DRM is a business or compliance imperative.
Using simple checkboxes, the administrator can show a download button to grant access to the source file, or hide the button to prevent the source file from reaching the client. Similarly, the administrator can show or hide print and clipboard copy functions. In this way, a browser-based solution provides the full level of restriction that read-only mode is intended to provide, but cannot.
Once the document is viewed within a customizable HTML5 window, additional functionality becomes available, such as annotations, redactions and advanced search tools with hit highlighting.
A browser-based solution not only avoids the high cost and complexity of some other approaches, but also delivers additional savings. Users who only need to view and comment on documents of a certain file type won’t require a license seat for that type’s native application. And where users are viewing multiple file types through a single interface with a consistent, intuitive set of controls, training costs are lower than in organizations where users must learn to operate the individual native application for every file type they review.
Better DRM Augments SharePoint’s ROI
The improved DRM security and other additional functionality made possible by the integration of a browser-based HTML5 document viewer into SharePoint 2013 opens opportunities for organizations to work with their content more effectively, helping them to maximize the return they achieve on their SharePoint investment.
Legal firms working with case-related data for e-discovery or other purposes can realize great improvements in collaboration and efficiency through the ability to display electronic records without worrying about those records being disseminated to unauthorized sources.
Insurance firms can provide viewing of policy documents while maintaining client confidentiality.
Medical providers can show electronic records to authorized personnel while ensuring that those records never leave the building.
Research groups can share data with collaborators across the world while always maintaining the integrity of that data.
SharePoint delivers the most value when augmented by the additional third-party functionality required by specific organizations. Browser-based document viewing for SharePoint enables those organizations to enjoy all of the benefits of SharePoint standardization while enforcing the content control they require, and to do so in a way that does not break the bank.
With 20 years of experience in the technology industry, Peter Nuffer has worked with developers and executive teams throughout the world on a wide array of ERP and ECM solutions. At Accusoft in Tampa, FL, Peter serves on the sales engineering team.
Accusoft provides document, content and imaging solutions as fully supported, enterprise-grade, client-server applications, mobile apps, online and cloud services and software development kits, including the Prizm Content Connect for SharePoint HTML5 document viewer. www.accusoft.com 813-875-7575
Companies and Suppliers Mentioned