Just like Sertainty, today’s advanced DRM solutions allow data owners to create and encrypt files and apply various governance rules. However, DRM solutions conduct all the critical security functions at a network location, generally remote from the user. This means the governance enforcement, authentication, and key management functions occur at that location as well. This approach leads to these primary problems:
- During key transport (which occurs at least twice in this process), there is an opportunity to intercept the transmissions.
- If a network intruder or insider threat acquires root access to the DRM server, the keys become vulnerable or the server becomes a valuable ransom attack target.
- Since most governance functions occur at the server level, if network access is unavailable, then information inside the file is unavailable. To resolve this, traditional DRM solutions implement temporary local key storage to allow off-line access; ultimately, those features only circumvent the governance rules to accommodate availability at the expense of security.
- Lastly, and perhaps most distinguishing, traditional DRM is limited to file-level decryption, meaning you access all of the file or none of it.
The Sertainty technology enables software developers to avoid these issues by implementing a decentralized protection and governance architecture that internalizes and enforces these functions from within the file. This eliminates the need for an external server, the dependency on infrastructure, and the resultant attack surfaces.