SBN GUEST ESSAY: Going beyond watermarks to protect sensitive documents from illegal access

Cyber threats continue to gain momentum and there are still not enough ways to counter it.

Related: Why the ‘Golden Age’ of cyber espionage is upon us.

The global threat intelligence market size was estimated at $10.9 billion in 2020 and will grow to $16.1 billion by 2025. Yet, according to the study by the Ponemon Institute, the number of insider leaks has increased by 47 percent in 2020 compared to 2018. As a result,

The majority of businesses (55 percent) are using some sort of a tool to monitor for insider threats; including data leak prevention (DLP) software (54 percent), user behavior analytics (UBA) software (50 percent), and employee monitoring and surveillance (47 percent).

They also enrich documents with metadata and place them in crypto-containers, access to which is only granted by permission. However, all of these solutions are powerless when it comes to photographing a document with a smartphone and compromising printed copies of documents. Therefore, these solutions cannot cope with such leaks.

The companies partially fill this gap through the application of watermarks. Watermarks can be used to protect digital or printed documents from unauthorized use by other people or entities or to identify the original creator of a copy.

The market offers many solutions, from free online programs to corporate software. In particular, watermarks can be customized to incorporate a specific text and specify the required properties such as direction, transparency, color, etc. But along with this, such markings have several disadvantages.

Watermark limitations

First, since the watermark is visible, it is easy to remove it. This can easily be done in any photo editor such as Photoshop. Second, it interferes with reading the content of the document itself. Often it overlaps some part of the text, which can carry a specific semantic load. Third, a watermark will not protect a document if someone takes a photo of its section without the watermark and uploads it online.

Demyanchuk

In addition, in the event of a leak, the watermark will not help to determine who leaked the document if an attacker cleverly cleans up the document, deletes it, or hides it. Watermarks are good when we talk about them as an additional measure to protect documents, but they cannot be a key one. Yes, they are cheap to apply. They can be dynamic. But they have more disadvantages than benefits if we talk about ensuring information security.

There are more exotic ways of protecting documents. One example is the so-called Yellow points (microdots), when small yellow dot-marks are placed on a sheet of paper. They are practically invisible. But, unfortunately, if such a document is photographed, the points won’t be visible either. In addition, they do not cover the entire page, so part of the document remains unprotected.

Some companies take an unusual approach by using special fonts. Special serifs are added to letters, for example. Using this approach, you can create unique copies of documents, but there is a significant limitation on the number of possible copies.

In situations when existing and popular solutions cannot fully close the gaps that have arisen, the need for new solutions becomes especially urgent. One of such solutions is offered by the G-71 company.

G-71 is a New York-based data leak deterrence software company that was founded in 2019 by experts in IT & cybersecurity with 20 years of experience in the field. G-71 created the state-of-the-art information security solution LeaksID to protect private and corporate documents from illegal access, complementing DLP systems.

Identifying leakage

LeaksID, already chosen by over 110,000 customers, has been designed to integrate with popular document management systems (such as Google, Microsoft, SAP, IBM, and others) and standard file formats and can also be used for document storage and conversion. In 2020, G-71 went through the Alchemist acceleration program and then launched a cloud-based solution.

Developed by G-71, LeaksID uses a patented algorithm (U.S. Patent No. 11.120.520) that applies invisible anti-leaks marks to all your documents and converts them to PDF format. In comparison with watermarks, such markings are entirely invisible to the naked eye; only the system itself can recognize them.

The technology uses the steganography method. Marking in the system occurs during any interaction with the document. As a result, clients can view, share, download, and print protected documents and identify the leakage culprit in the event of illegal publication.

It works even if the data is stolen by taking a photo or in hard copy form. LeaksID can make 27,000 copies for every person on Earth from one page of text – that’s 205 trillion unique combinations.

To remove the G-71 mark, you must delete all the text to revert the page to its original state or completely retype it in another document. But that would be falsification of documents, and a fake document without any marks of its authenticity loses its value and acquires the quality of gossip.

About the essayist:  Julia Demyanchuk is the head of marketing at G-71 Inc. She has more than six years of experience in marketing management in advertising agencies, the HoReCa industry, and tech companies.

 

*** This is a Security Bloggers Network syndicated blog from The Last Watchdog authored by bacohido. Read the original post at: https://www.lastwatchdog.com/guest-essay-going-beyond-watermarks-to-protect-sensitive-documents-from-illegal-access/