We’re working on some exciting document security enhancements to ensure we continue to lead the industry in electronic data transmission. Our team is continuing to work diligently to release those.
In the meantime, I wanted to talk about how document safety has changed over the years… And how it’s both easier & more difficult to ensure you’re keeping all your information secure now that we live in a digitally connected world.
Document Security used to be simple
Before computers & the internet, the lifecycle of a document was pretty straight-forward. When someone handed you a document you knew it came from them.
Mail complicated things a bit. Sure, you could recognize someone’s signature but it was just as possible (although pretty unlikely) that someone else could copy that signature and start signing documents as that person.
Fax machines made that issue even more likely. With their low resolution it was hard to tell if there was a recognized signature at the bottom of a page or a random scribble. However, you could validate the phone number you received the fax from and interception was pretty unlikely.
The internet complicated matters
Now documents fly around the web all day. Proving where a document came from and where it’s going are things that can be reasonably accomplished with email addresses. But, there is a stronger possibility of that information being faked or documents being modified sender & receiver than ever before.
Adobe PDF has been the defecto standard for the last decade for document security. They’ve offered continually increasing security standards since the standards inception.
With an important document you need to verify the following information:
- Where the document came from
- Who the document was intended for
- Who signed the document
- That it hasn’t been modified during transmission
The fourth is the hardest to do.
Adobe PDF provides a means to ensure all of these requirements are met. It’s called a digital signature. (Not to be confused with an electronic signature. Yes, they are really two different things, read about the difference.) When you open a PDF in the standard Adobe Reader you can electronically sign a PDF – this doesn’t prevent modification later on and doesn’t reliably prove that the document came from you.
In order to create a digital signature you need a validated cryptographic certificate that reliably proves who you are. You also need a physical key to complete this validation or a Hardware Security Module. A Digital Signature is a much more reliable means of ensuring a document is what it looks like.
As compliance standards continue to increase in the backflow industry we intend to be ahead of the curve.
We aren’t satisfied with the status quo of providing electronically-signed documents and are moving to the higher standard of digitally signing all of the test reports submitted to water purveyors through C3.