The simplest and most common means of securing a PDF is to add a password to the document and require anyone desiring to open the document to enter the correct password before the document will open. An added benefit of using this technique is that adding a password to a PDF document encrypts the document, making it less likely that someone could intercept a PDFs contents when the PDF is an e-mail attachment.  What many are not aware of is that Acrobat actually allows two independent passwords to be associated with a given PDF – one that a user must know to open the document and a second that users must know to make changes to the document. If the author specifies a second password, he can explicitly control what editing and printing privileges others will have when they open the document. There are several entry points to add passwords to a PDF document; among these are clicking on the Advanced menu, Security, and Encrypt with a Password.

In addition to securing PDFs with passwords, authors of PDF documents can secure those documents using digital certificates. To utilize this measure of security, one must first have a digital ID; a complete discussion of digital IDs is beyond the scope of this article; for more information on digital IDs, please visit http://tinyurl.com/k2tips-digitalid.  With certificate security, Acrobat encrypts the PDF so that its contents are accessible only by those persons specified by the author; further, document recipients have confidence in knowing that the document originated with the owner of the digital ID. Two strengths of using certificate security are that they 1) eliminate the need to share passwords and 2) allow authors to assign different permission levels to different users. The entry point to apply certificate security is similar to that of securing a PDF with a password; click on the Advanced menu, Security, and Encrypt with a Certificate.

In addition to the two common security methods cited above, other very good security options exist for protecting PDF documents in Acrobat. Users can save security policies, for example, for either password or certificate-secured documents and reuse these policies on future documents. Additionally, those in larger organizations may consider using Adobe LiveCycle Rights Management, a server-based security model that stores security policies; users connect to the server to work with these policies. Also, redacting sensitive information out PDF documents is an easy way to ensure that such data is not accidentally compromised; to redact information, select Redaction from the Advanced menu. Finally, creating a Security Envelope is a terrific way of encrypting and securing not only a PDF document, but also related files such as Excel workbooks and Word documents. A Security Envelope allows users to place a PDF “wrapper” around multiple documents of virtually any file type and use that PDF wrapper to control security for the entire batch of documents.

Accountants everywhere are storing sensitive and critical data in PDF documents. By default, PDF documents are not secure and, as such, the data contained therein runs the risk of compromise. Take a few minutes now to learn more about each of the methods for securing PDFs discussed in this article and decide which methods will work best in your situation. Regardless of the method or methods you choose, be sure to apply them consistently and insist that others in your organization do the same in order to avoid the potentially embarrassing and costly scenario of notifying others that you or someone in your organization compromised their sensitive data while it was in the hands of your organization.