We have a requirement to prevent saving additional copies of PDFs that exist out on a network drive. Currently, we have “locked down” the PDFs as much as the format will allow – which means preventing copy/paste, editing, and printing. However, the client requires that no one be able to create an additional copy of the PDF once they have it open.
Using native PDF, this is not possible, because firstly, they can always click the link in the browser and “Save As…” to their desktop. Also, they can click “Save As…” inside of the Acrobat Reader and there’s no way (short of hacking) to turn that off. Also, even if we hacked the Acrobat Viewer, there’s always a chance that they might view and re-save the PDF in another 3rd party viewer.
There are a couple of initial alternatives that come to mind:
- Use a DRM provider to lock down the access to the files – this is not an option due to the expense
- Create a web service that converts the files to TIFF and then encrypts them with a “secret” key and serves them up as “.abc” files. Create a special viewer for “.abc” files that only runs internal to the client’s network and opens this file and decrypts it. Without the custom viewer they can’t view the files. They could make copies of them, but if the viewer is locked down to their individual machine or must run within the corporate network (checks for secret key from web service before launching, for instance), any copies they make won’t be open-able.
- Create a Flash or Silverlight viewer that essentially does the same thing as above, but never actually saves the file to the PC – just shows it within the browser.
Does anyone have any other alternatives that might be simpler? The goal isn’t to have 100% bomb-proof security, just to prevent employees from easily making copies, emailing those copies to competitors, friends, or other folks who shouldn’t have access to these sensitive files.
The only option you’ve mentioned that has any chance of working (and not being way too costly to implement) is the custom reader.
The reader application should not ever have any ‘secret’ information (such as the keys) stored in it, and it should only be able to be used internally, by accessing both key and image data via a private web service. You’ve already noted that.
It should also not store files at all; but simply load the key and data into memory, decrypt the image, then provide viewing for it.
The ‘difficult’ part would be converting the data, really. The rest is fairly basic stuff, for the most part.
The caveat here is that it would still be easy for a user to print screen and save the image.
Ultimately, the only truly secure method to let them see the documents but not save them is to totally prevent them from viewing the documents on a system to which they have any physical or general network access.
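The custom-reader design discussed above, sketched as an added example (not code from either poster): the key lives only in the private service, the viewer fetches it per document and decrypts in memory, and a copied ".abc" file is useless without it. Assumptions: the `KeyService` class stands in for the web service, `10.0.0.0/8` is a made-up internal range, and an HMAC-SHA256 keystream with encrypt-then-MAC stands in for an authenticated cipher such as AES-GCM so the block runs on the standard library alone.

```python
import hashlib, hmac, ipaddress, secrets

# Assumed internal address range; the thread does not name one.
INTERNAL_NET = ipaddress.ip_network("10.0.0.0/8")

def _keystream(key, nonce, length):
    # Stdlib stand-in for a real cipher: HMAC-SHA256 used as a PRF in counter mode.
    out, counter = b"", 0
    while len(out) < length:
        out += hmac.new(key, b"enc" + nonce + counter.to_bytes(8, "big"),
                        hashlib.sha256).digest()
        counter += 1
    return out[:length]

def seal(key, plaintext):
    """Encrypt-then-MAC: returns nonce || ciphertext || tag (the '.abc' file)."""
    nonce = secrets.token_bytes(16)
    ct = bytes(a ^ b for a, b in zip(plaintext, _keystream(key, nonce, len(plaintext))))
    tag = hmac.new(key, b"mac" + nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag

def open_in_memory(key, blob):
    """Verify the tag, then decrypt to a bytes object; nothing touches disk."""
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(key, b"mac" + nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("wrong key or tampered file")
    return bytes(a ^ b for a, b in zip(ct, _keystream(key, nonce, len(ct))))

class KeyService:
    """Hypothetical private web service: the only place keys are stored."""
    def __init__(self):
        self._keys = {}

    def publish(self, doc_id, image_bytes):
        key = secrets.token_bytes(32)      # one random key per document
        self._keys[doc_id] = key
        return seal(key, image_bytes)

    def get_key(self, doc_id, client_ip):
        if ipaddress.ip_address(client_ip) not in INTERNAL_NET:
            raise PermissionError("keys are only served inside the network")
        return self._keys[doc_id]

def view(service, doc_id, abc_blob, client_ip):
    # The viewer holds no secret of its own: it asks for the key on every open.
    key = service.get_key(doc_id, client_ip)
    return open_in_memory(key, abc_blob)   # hand these bytes to the renderer
```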