8 April 2014
This article requires that the reader have a familiarity with DPS Entitlement scenarios and how to use the iOS Developer Portal to manage iOS applications. In addition, the reader must have access to the administration panel in the DPS Folio Producer to configure an Application Account for Secure Content.
User level: Intermediate
Required Adobe products (retail)
Additional required other products (third-party/labs/open source)
In Release 30 of the Digital Publishing Suite, Adobe introduced a feature for Enterprise customers that lets a publisher encrypt folios. This feature arose out of many requests from Corporate customers who wanted to use DPS for sensitive content but believed that the DPS Service did not offer robust content protection for folios in the Distribution Service or in flight between the Service and a Custom Viewer. While Device Content Protection is an effective method of protecting content on the device, it does not offer protection for content in the DPS Service. In Release 30, a content manager can now opt to publish encrypted folios to the Distribution Service. This satisfies many customers’ requirements for using DPS to deliver sensitive content to their tablet-enabled workforces, but it is not a Digital Rights Management (DRM) solution in the traditional sense. Also, enabling encryption impacts the content creation, publishing, and reading experiences. This article will explore use cases for Secure Content, examine the changes to the authoring and reading experiences, and compare Secure Content to DRM.
Secure Content is inappropriate for most traditional publishing use cases, and it was not designed as a Digital Rights Management (DRM) scheme for folios. It is intended to offer Corporate publishers a method of protecting sensitive content while that content is in the Folio Distribution service and to limit the pathways for that content to escape the control of the Enterprise.
Common use cases for Secure Content include manuals, Board of Directors packages, regulated content, proprietary documentation, sales material, and other sensitive materials. These types of documents require close control, as they often contain proprietary or regulated information that could cause the company harm if it were to escape their control. Companies leverage many different strategies to control access to this kind of material, including printing, encryption, secure web portals, honor codes and DRM solutions. In all cases, the strategy relies on either technology or employee honesty to keep unwanted eyes away from that sensitive content. In addition, customers who publish content of high value may want to leverage Secure Content to provide an additional layer of protection over what in-app purchases or entitlement provides out of the box. Lastly, publishers who produce business to business or lead-generating content may consider using Secure Content.
Traditional DRM binds digital content such as ePub or PDF to a specific reader. It is common for a publisher to leverage Adobe Content Server to wrap digital content in a DRM container. Once wrapped, that content can be accessed via any number of client applications built on the Adobe Reader Mobile SDK. There are other DRM solutions on the market, and they feature proprietary wrapping and reading technologies. All DRM solutions are built on the idea of one piece of content being specifically bound to a specific reader, and there is significant overhead in managing the keys to support that level of protection.
For DPS, many of the requests for DRM come from customers who currently either deliver ePub via their websites or who email PDFs to their readers. In both of those cases, there is no control over the document or the context in which it is read, since there are so many ePub and PDF clients available. To protect that content, the ePub or PDF must include some kind of DRM. DPS treats content differently, since there is only one context in which the content can be consumed by a reader. All encrypted DPS folios must be read in the context of the Custom Viewer. In addition, only Retail folios behind an Entitlement solution can be encrypted and eventually consumed on a Custom Viewer. Under this model, the content is unable to escape the controlled environment due to the combination of encryption and Entitlement. In addition, social sharing of that content is forbidden when Secure Content is active, so in many ways, DPS offers control over access to sensitive content that is comparable to traditional DRM solutions.
The other use case for DRM has been user tracking. The publisher, usually a Business to Business publisher, wants to know who reads what content in order to generate leads for their advertisers. In a DRM scenario, the publisher knows only that a PDF or ePub was entitled and accessed, but they do not know how the reader engages with content. They must build complex tracking links into their advertising in order to deliver leads back to their advertisers. In our Protected Content scenario, entitlement is active, so Analytics can tell us who reads which folio according to their SubscriberID. Since the publisher owns the SubscriberID, they know specifically which reader engaged with which specific ad, that provides a more valuable lead than what the publisher can get from a traditional DRM solution.
The DPS Help Document for Secure Content provides instructions on how to enable encrypted folios. It is not just about folios, as you will discover when you read that article. Your app must be built to enable the device’s Secure Content mechanism, which means that you will need to rebuild your existing app. My Protecting content on an iOS Device with DPS article in DevNet outlines the hows and whys of enabling secure content on your iOS device. Of course, your custom Viewer needs to be at R30 or higher to use encrypted folios, so you can use this as an opportunity to update your Push Notification tokens as well as add in some other App features like the Welcome Screen.
In conjunction with updating your Viewer to R30, you also need to enable Secure Content in your Application Account. This requires administrative access to the Account Administration tool.
Once enabled, the account will now have some limits applied to it, which we will explore in some detail.
Secure content has some important implications for workflow. From the content creation side, customers expect that it should be hard for content to escape the control of the Enterprise. For content creators, it means that they will be restricted in how they can proof or share secure articles.
Proofing folios in a Secure Content account is limited to either desktop or tethered proofing. This means that in order to proof a folio, you need to either test it on the desktop from InDesign or connect your iPad to your Mac and turn on the Content Viewer. Once connected, you can click the Preview… menu in the Folio Builder panel and choose your iPad. For customers using the Media Publisher in Adobe Experience Manager or another Web CMS for managing folio content, this presents a unique challenge.
When publishers use Media Publisher or other CMS, the expectation is that all folio creation is done in a browser and that InDesign is not usually part of the workflow. It is not uncommon as there could be hundreds of contributors in a large organization, and those contributors tend to be business users or knowledge workers with no access to InDesign. For accounts without Secure Content enabled, this presents no problem, since content creators can always push their content to the Folio Producer, turn on their iPad, open Content Viewer, and sign in with the Application Account credentials to proof content.
One potential workaround is to create content using a “dummy” account that does not have Secure Content enabled. This “dummy” or staging account can be an Application account or an individual contributor account that will never have an App associated with it and will only be used as a staging account for the Secure Content. As a best practice, the Enterprise should develop a policy around these staging accounts so that content will be auditable by appropriate regulatory or brand authorities within the Enterprise. In addition, the Enterprise should establish review and approval workflows within these staging accounts and a workflow for migrating content from the staging account to the deployment (Secure Content) account. Authors will create and proof their content in the staging account. Once ready for review and approval, the author would start the review and approval workflow and reviewers can review content on their iPads with Content Viewer. In cases where the Enterprise does not want any content to be viewable unless on a tethered iPad, then authors and reviewers will need access to InDesign on their desktop machines in order to proof their folios.
All article sharing from a Secure Content account will be disabled. This means that if you currently share content between accounts, you will need to consider the flow of that content. It is possible to share an article from an account that does not have Secure Content enabled to a Secure Content account, though, as described in the previous paragraph in the staging account workflow. The expectation is that content in a secure account should remain in the secure account, and limiting sharing from that account reduces risk. As stated above, customers may need to adjust their workflows to consider the secure account as an endpoint for content rather than a source of content in situations where folio sharing is common.
In order to publish shared content in the secure account, a person with appropriate authority will need to log into Folio Producer and copy the shared article. Once copied, the original folio can be deleted from the Secure Content account, which will break the sharing relationship with the staging account. Unless there is a reason to keep the original shared folio in place, it may be best to remove the shared folio to reduce confusion and clutter in the Folio Producer.
Once approved, it is time to publish the folio. Once all of the required metadata is in place, you can push the Publish button in Folio Producer. You will notice a new checkbox: Encrypt Folio. This needs to be enabled for your folio to be encrypted in the Distribution Service.
In addition, there is an expectation among Enterprise customers that secure content needs to reside behind authentication. As a result, readers need to be entitled to any secure folios in order to view them in a Custom Viewer. This means that all encrypted folios need to be Retail folios, and the Custom Viewer needs to leverage Direct Entitlement or, more granularly, Restricted Distribution. The Enterprise will need to manage the relationship between the authenticated reader and published folios in its Entitlement solution. Once you configure the folio as Retail and enable Encrypt Folio, you can Publish the folio.
Having reviewed how Secure Content constrains the content creation workflow, let us turn to the reader experience. From the reader’s standpoint, they should not be able to tell the difference between an encrypted folio and an non-encrypted folio. While this is generally true, there are a few differences that readers may notice when using Secure Content.
In a traditional workflow, DPS offers progressive downloads for content. This feature allows a reader to begin reading an article while other articles are loading. In a Secure Content workflow, the entire folio needs to be present on the device in order for it to be decrypted. As a result, secure folios may appear to take longer to download. You may want to adjust your strategy with respect to folio organization if you routinely make very large folios if the download experience is disruptive. For most Enterprise customers implementing Secure Content, this delay should be communicated to users so that they are prepared for longer wait times when they first download a folio.
Once downloaded, the folio is ready for reading and will behave like any other folio, with the exception of Social Sharing.
One of the ways that content can escape the control of the Enterprise is through a reader socially sharing the article. When you enable Secure Content, any encrypted articles will not be able to be socially shared, regardless of the settings in the Application Account. This also means that no Web renditions will be created from any articles in encrypted folios, regardless of whether they are Protected, Metered or Free. It is a best practice, therefore, to disable Social Sharing in App Builder when making apps for Secure Content accounts. For many Corporate use cases, social sharing is inappropriate, since the content in the app is usually intended to be viewed in the secure context of the Custom Viewer. If it is necessary to mix Socially Shareable articles with encrypted articles, then the user may be able to generate a “dead” URL for the encrypted article by tapping on the Social Share button, which would be a jarring user experience. In that instance, it is best to warn the reader that an article is protected and that it is not intended to be Socially Shared.
While DPS Secure Content is not a traditional DRM solution, it offers publishers much of the same control with the additional benefit of deep analytics about how specific readers consume content. In addition, Corporate publishers can leverage Secure Content to expand their use cases to include sensitive materials such as manuals, Board of Directors packages, regulated content, proprietary documentation, and sales collateral. Knowing that all encryption is susceptible to attack, Adobe uses very powerful encryption technology to protect the folios in the Distribution Service. Nevertheless, each Enterprise needs to evaluate whether its content requires this level of protection. For many customers, unencrypted folios are perfectly acceptable. For others, encryption will be a requirement. Encrypted content expands the reach of the DPS service for Enterprises and offers those customers a pathway to distribute sensitive content to tablets.