myDBR Forums » Feature requests & improvement ideas

Excel & PDF export files - include "digital signature" based on logged in user

(2 posts) (2 voices)

  1. eugfri, Member

    hi,

    My client is very concerned about protecting his data and we are looking for the ways to "lock down" environment in order to minimize potential data loss due to accidental or malicious user actions.

    1) One of the things we'd like to do is to limit Excel/PDF etc export based on user group and its already done via programming logic in reports themselves. Also, for those users who are allowed to download reports into Excel/PDF, we'd like to have in those files some kind of marker (signature) we can use in order to configure DLP (Data Loss Prevention) feature on our Checkpoint hardware device, i.e. so it would be able to detect the fact of files with the signature being transferred outside of our network and block the transfer (email with attachment, ftp, http post etc)

    2) Disable copy/paste from MyDBR screens - this can be done via javascript and its something I am intending to implement programmatically, also, based on user groups.

    It would be great for MyDBR to enable "markers" in exported Excel/PDF files in order to be able to use the marker for configuring DLP.
    Please advise if you think this could be added as feature to the new MyDBR release.

    Thank you!

  2. myDBR Team, Key Master

    Hi,
    so you are trying to limit the ways user can interact with the data (s)he has access to. That will be bit difficult.

    You can take some steps to make things more traceable, but trying to solve the issue on the browser level is not really going to do much. In worst case you cripple the access to the data for valid users and gain nothing on users who are not compliant.

    Things that can be done:

    • We can add the metadata to the created Excel files.
    • You can add metadata to PDF files can be done via postprocessing the created PDF files (you can script this yourself with qpft, pdftk by overriding the direct call to wkhtmltopf)

    Things that will make securing the data user has already access to challenging:

    • Blocking copy/paste from web page is impossible. You can make it bit harder, but cannot prevent it. As a security measure, it would be void.
    • User has plenty of ways exporting the data from a webpage (print it, print to PDF, save as HTML)
    • User can take screenshots, pictures from the webpage
    • Etc. etc.

    These remarks would apply to all web applications.

    --
    myDBR Team


Reply

You must log in to post.