Document control is a major issue for engineering and building firms. Adobe has come up with a system that uses the Internet to allow the authors to retain complete control over documents sent outside of their companies.
Product: LiveCycle Policy Server
Price: see text
Imagine, if you will, a technology that enables you to send secure documents to project members, outside of a traditional document management system, that allows you to retain control and provide feedback on nearly all aspects of that documents usage. A system which provides a mechanism to pre-determine a ‘time-out’ date, after which it cannot be used, or a real-time ability to render documents unreadable by specific team members, contractors or companies bidding for work. Imagine being able to universally remove access to an old drawing that has been updated, on any user’s machine, wherever in the world, while pointing them where to download the current version. Consider the benefits of a tool which provides an audit capability on the usage of one of your documents at another site or firm, such as how many times it has been opened, copied, forwarded or printed. Adobe calls this persistent control. After running the system at the office on a server, I call it bloody amazing!
Adobe PDF is pretty much an industry standard in both the MCAD and the AEC markets. The benefits of PDF are obvious; a common format that everyone can read (Acrobat reader is omnipresent on most PCs), a format that acts as a wrapper to encapsulate nearly every other digital document (Office, CAD etc), document review/mark-up, powerful digital forms capability, add digital signatures and add levels of security, like encryption that can protect the contents from those that don’t have the password. However, after a PDF has left the building, with whatever security settings you have assigned, it pretty much has a life out of your control. This is where, to give it its full name, Adobe LiveCycle Policy Server (ALPS) comes into the picture, extending control of that document outside of your Firewall, online and offline.
With Adobe Acrobat PDFs you can have three levels of security: Password, Public Key Encryption and Adobe LiveCycle Policy Server. For Password and Public key protection, it’s possible to create and reuse the same security settings that are stored on the local computer. With Adobe LiveCycle Policy Server, the security settings are stored on a server and managed by an administrator.
So, as the name would suggest, Adobe LiveCycle Policy Server is a server-level product which is targeted toward medium to large enterprises. While it could be deployed within just the engineering department, the kind of capabilities on offer could be used by any part of a company that distributes sensitive information, or simply wants to retain control of its Intellectual Property (IP) wherever it may end up, even behind other firm’s Firewalls.
The key to this technology are the security components delivered within PDF and Adobe Acrobat, as only Acrobat PDF files can be controlled and maintained in this way by the Policy Server. The essential components to this product, are the freely available Acrobat Reader clients, the Acrobat (and/or Professional) PDF authoring tool and the LiveCycle Policy Server. PDFs are secured using ‘security policies’ set in the PDF Authoring tool, while linked to the Policy Server. Security settings can also be done via a batch file or within products such as Microsoft Outlook. All security settings are stored on the LiveCycle Policy Server. These secured PDFs are then distributed by normal email methods (Microsoft Exchange Server etc.) to individuals or organisations and they are opened in the free Acrobat Reader clients, which link back, over the web, to the Policy Server when they encounter PDFs that have security policies limiting access or usage. However the web is not essential to control access as the PDFs can have default settings should a PDF and Reader not be online (perhaps on a laptop during a plane journey). Here secured PDFs can be configured to not open at all, or open with many Acrobat capabilities restricted, such as the ability to print.
The application resides on a server behind your firewall and serves up an HTML administration console to allow its configuration – that’s to say, set up distribution lists, audit features the security policies. Once people have been added they are notified that they have been granted rights to receive secure documents and they register with the server. Each time they get a document and launch Acrobat Reader to view a secure document, they must log in.
Security policies are similar to a template or preset, and they capture your security settings for reuse. There are two kinds of security policies that you can apply to PDF documents. A user policy is developed and applied by an individual user, and is stored on a local computer. An organisation policy is developed for an organisation and is stored on a policy server to be shared by a group. These security policies can be stored as favourites and appear in Adobe Acrobat authoring when looking at the security menu. It’s simply a case of applying a preset security setting to the current document e.g. the document may only remain accessible for two weeks and then all viewing rights will be revoked.
It’s possible to set many criteria in a security policy, like: ‘no printing’, ‘reduced resolution printing only’ and ‘no editing’. For each security policy it’s also possible to configure the audit capability, logging such events as how often a document has been printed, modified, open/closed, form filled or signed. Using the Admin tool, it’s possible to call up the audits for each of the documents and see exactly how people inside or outside of your company have used it.
Unlike most of the software that we review in this magazine, Policy server is a true enterprise application and needs to be set-up within the framework of your existing network. In our instance, the server took the engineer a day to install and set-up but was quickly in use after a short demonstration of the features now available both within Acrobat and from the Admin console.
To buy the server outright, the product is not cheap, weighing in at $50,000. However, Adobe offers other flexible models; The pricing for Adobe LiveCycle Policy Server has two other options: Per User or Per Document – the later is suited for standard volume documents; i.e. electronic statements, forms or e-invoices and is priced from ú7,000 per document type (i.e. a document type would be; standard high volume invoice generated as a PDF from an SAP system with the underlying XML to provide system-to-system integration.) This comes down to ú3,500 per document type if you pay to add up to 50 document ‘types’.
Then there is User based pricing which starts from 500 users at ú44 per user, but as soon as you get to 1,000 users, this dips beneath ú36 per user…and at 5,000 users it gets to ú30 per user.
There are also some integrated suites, where Policy server comes bundled with our LiveCycle Enterprise Solutions for Manufacturing; like Adobe’s process management suite and document generation suite – both of which integrate with ERP, Supply Chain and PLM systems where Adobe LiveCycle Policy Server becomes more attractively priced in as part of a total package.
I have to admit that the powerful capabilities that Adobe LiveCycle Policy Server offers, do come at a considerable cost. However, it is a unique way to maintain control of data outside of a traditional managed environment. On important projects, where security, or something as simple as ensuring everyone has access to the most up to date drawing is important, the policy server addition to PDF, could lead to less errors on site, better traceability, accountability and more control.
One obvious advantage would be the control of documents at remote locations, such as on-site at a construction, or at a remote/offshore manufacturing plant. Instead of using a web hosting service, Adobe LiveCycle Policy Server would allow the architect or design company to issue new drawings, while withdrawing the others. The web hosting option would allow the contractor or production manager to continue using the old version, should they not be informed of an important design change, which produces a revision.
Adobe is working with a number of other developers to refine Policy Server’s capabilities within the CAD market, extending the control and reporting function to include more engineering functionality. It would be interesting, after all, to know if any geometry was copied and pasted out of your drawings, or maybe selectively chose which parts of an assembly can be seen by different suppliers. It will be fascinating to see how Adobe will progress this technology in our market. The document industry hasn’t yet done a good job of making encryption and digital signatures particularly user friendly. This solution takes all the pain and hassle of using public key encryption, as well as digital signatures, you simply apply a security policy and the document obeys.
If your company uses PDFs as a standard format for document distribution and the volume and value of the content is worth protecting, I highly recommend trialing an Adobe LiveCycle policy Server, it sort of works like magic.