Most of you who have seen my presentations have heard me make the claim that the Adobe product LiveCycle Rights Management, formerly known as LiveCycle Policy Server, is the future of security for the AEC industry. So what is LiveCycle Rights Management and how does is fit into your AEC workflow? LiveCycle Rights Management policy protects documents down to the document level. When you think about how you manage security today you are managing it at the application level. Most AEC companies have a Document Management application like Documentum, ProArc, etc. which protects the access point and what a user can or cannot do. Such as a user may have rights to a folder and they can view the document in that folder or even download. When a user downloads the document you now have lost full control of that document. LiveCycle Rights Management applies a policy to the document and you can maintain control even if the user has downloaded the document to their hard drive, burned it on a CD, put it on a thumb drive, etc.
It is a hard concept to grasp as first so you are probably asking how it works. LiveCycle Rights Management is an enterprise application. Meaning that you can either host it or you can subscribe to an ASP model. An administrator or end user sets up a policy and then any user can apply that policy to a particular set of documents. Once the policy has been applied it stays with the document for the life of the document. For example, let’s say that you send out an RFP or RFQ and it is due at 5 pm on Friday. You could setup a policy that expires that document at 5 pm on Friday and the user will no longer have access to it even if they have it burned on their hard drive. Also, another nice feature is that you can force revisions. If you issue Rev 1 and you need everyone to be working off Rev 2 you can revoke the access to Rev 1 and give them access to Rev 2. The user would open Rev 1 and it would tell them the document has expired and point them to the location of Rev 2. There is a whole host of capabilities in which I will describe in detail.
Typically when I talk about LiveCycle Rights Management, I am demonstrating Acrobat. The reason is because Adobe Acrobat gives you an access point to be able to setup policies on the LiveCycle Rights Management server as well as apply them to documents from within Acrobat. A very important point is that the technology does not just apply to pdf documents but supports other document types such as office documents and .dwg drawings in their native format.
I am going to take you through the administration and what the typical end user would see. First thing I am going to do is open up Acrobat and open the document that I want to apply the policy protection to.
Next I am going to select the Secure drop down at the top and then select to Manage Security Policies.
This will bring up the screen of all the security policies that I currently have access to. If I needed to apply the policy I could do so at this step.
I am going to take you through the steps if you needed to setup a policy to be applied to this document to highlight some of the capabilities of LiveCycle Rights Management. From the screen above I would select New to start the administration piece of the application.
From this screen I would select the “Use the Adobe LiveCycle Policy Server” option. Acrobat 8 has not been updated yet to reflect the new name of LiveCycle Rights Management. As indicated above I would click on next which would allow me to login to the LiveCycle Rights Management application.
The first step I would do is type the name of what I wanted to name the policy. In this case I am going to name it RFQ 2387. I can then setup either named users or anonymous users. This is important because if you setup a named user then it forces the user to login with their name and password. If you setup anonymous users then anyone can open the document. The reason this is important is a history or audit trail of all actions performed on a document can be tracked. If it is setup as named user then you can also revoke access or change access for each individual user. If you set it up as anonymous then it is an all or none type approach. In this case it is and RFQ that is going to expire at 5 pm on Friday and it will expire for everyone at that time so I am going to setup anonymous user.
Next I am going to scroll down the page and setup the Validity Period, Audit, and Offline lease period. In this case I am going to set the document to expire on a date and time. I could however setup a period of time or the number of days in which it is valid. Then I can choose whether to audit the document for an audit trail of actions taken on the document, and whether to give a lease for offline access. In anonymous user the audit trail will only show the actions taken on the document and will not show the user that performed the action. If you wanted the user name you would need to setup named users versus anonymous users. Also, you want to give an offline access period. People travel and are not always connected to the internet. The document has to communicate back with the server. In this case I am going to setup the offline access of 2 days.
Last, I can setup the type of encryption that I want, and the dynamic watermark, and whether only certified Acrobat plugins can be used. The dynamic watermark is a great feature. You can choose to have the user name of the user used as a watermark. This deters users from taking screen shots of the document. It would make them less likely to distribute the document to others if their user name was included on the document. In this case I am going to choose to use the “confidential” watermark to be applied to the document anytime it is opened, and then save the policy.
Once I save the policy, I can then go back to Adobe Acrobat and choose to Finish.
After clicking on Finish, you can see that the new policy is listed and available for me to be able to apply to this document. I simply select the policy and choose Apply to Document and save the file.
When I reopen the document you will see the lock in the top left of the document which indicates this document is secured and the watermark that has been applied to the document.
Next I am going to go back to the administration section of LiveCycle Rights Management and show you how you can audit the document as well as revoke or revision the document. The screen below shows the administration landing page.
I can then select the document option from the administration screen.
After selecting the document, I can then choose to view events, which will show me the audit trail of this document. Remember I set it up as anonymous user, so the individual users will not be shown.
Next I can go back to the main screen and choose either to revoke the document or to revision the document by taking away access to the original and pointing the user to the new version.
The next screen shows you how you can give it a reason, type a message to the user, and a url to point them to the new document.
Once I click on Ok the document it has been revoked and the user will no longer have access to the original but will be pointed to where the new document exists.
This highlights step by step both how a policy is setup and how it is applied to a document. Again, I think the future of security for the AEC industry is at the document level and not at the application level. Most end users would just simply be applying the policies to the documents and never see the administration. If you would like some more information you can visit the home page or contact your local sales rep.
Have Fun,
Jonathan
Leave a comment