We’re happy to announce that Adobe has joined SAFECode (Software Assurance Forum for Excellence in Code), a non-profit organization focused on the advancement of effective software assurance methods. We’re looking forward to sharing information on our software security process, learning from other SAFECode members, and helping to drive industry-wide software security initiatives. More information can be found here, and a Q&A with Adobe’s Brad Arkin can be found on the SAFECode blog here.
McAfee and Adobe today announced their global strategic partnership across enterprise and consumer businesses. For enterprises, the companies are developing an integrated solution to expand data protection across the enterprise using data loss prevention and rights management technologies. For consumers, McAfee’s free diagnostic tool, McAfee Security Scan, is available as an optional download to customers when installing Adobe Reader and Adobe Flash Player.
Building on the delivery of the PDF format to the International Standards Organization (ISO) as ISO 32000-1, Adobe has been collaborating with standards bodies around the world to make it easier for companies, organizations and individuals to leverage the ubiquity of PDF to make business processes quicker, easier and more reliable. However, the rush to go paperless has often fallen short of its true potential because signing a document oftentimes brings business critical processes crashing to a halt, requiring users to print out the previously electronic document in order to apply their nom de plume with an ancient writing implement. Electronic signatures are obviously the solution, but there’s still the question of interoperability and the use of electronically signed documents within certain legal frameworks, such as the European Union (EU). With last week’s announcement of an ETSI open standard for PDF digital signatures, that question can now be answered.
ETSI/ESI Technical Standard (TS) 102 778, better known as PAdES (pronounced with either a long or short a), documents how the digital signature format described in ISO 32000-1 meets the needs of the 1999 EU Signature Directive (see previous blog entry), and then goes on to describe how that format can be expanded to take advantage of certain capabilities such as long-term document validation, where digital signatures placed on documents today can be validated five, ten and even 50 years later. (The standard can be downloaded free of charge from the ETSI website at http://pda.etsi.org/pda/.)
The first part of Brad Arkin’s multi-part podcast interview with BigFix CTO Amrit Williams is now available. In his role as director of security and privacy, Brad guides Adobe’s long term security strategy. Part 1 of the interview describes Adobe’s current security focus and outreach efforts. It is a quick 9 minutes, check it out.
UPDATE: Part 2 and Part 3 are now available and complete the series. Part 2 touches on defense strategies and the internals of the PSIRT process, whereas Part 3 focuses on security during the product development cycle.
Canon announced today their imageRUNNER Advance Series to seamlessly bridge the distance between user and multifunction printer (MFP). These models have a tighter collaboration with Adobe technologies, by offering the ability to print and scan into a variety of Adobe PDF formats and integration with Adobe LiveCycle Rights Management ES to bring secure collaboration to PDF documents.
Integration with LiveCycle Rights Management is provided directly on the imageRUNNER ADVANCE control panel to easily select document security policies that persistent protect the electronic document after it is scanned on the device.
For the first time in history, the Honorable John M. Facciola, Magistrate Judge for the U.S. District Court in the District of Columbia, signed a judicial order, not with paper and pen, but with a digital signature! Press release here.
Judge Facciola viewing his just-digitally signed order in Adobe Acrobat. Courtesy National Notary Association (NNA).
Talk about setting precedent–while electronic filing has been required for some time, orders are typically printed out, signed, and then re-scanned into systems for filing. Not until now has there been such a vote of confidence in the legal significance and weight of a digital signature. By keeping the generation, signing and filing of the order completely electronic, the process is made much more efficient, potentially driving costs down and making the court’s systems work more effectively. This is the latest example of organizations understanding not only the integrity and authenticity benefits of digital signatures, but the resource savings also. Remember, it’s not so much the signature event that consumes time and money–it’s the processes around it.
Recently, Adobe launched its C2A (Click-to-Accept) service, providing partners and customers with the ability to electronically sign certain Adobe agreements without a lengthy approval and review process. And what’s more, not only was it developed with the cross-functional support of product, information technology and legal teams within Adobe, it’s also based on off-the-shelf Adobe server and client products, including Adobe LiveCycle® ES, Flash, and Adobe Reader®. We’ve talked in this blog about Adobe’s capabilities to support a wide range of electronic signatures within a single workflow, and here’s a clear example of that in production right here at Adobe.