February 13th, 2007, 05:46 AM
secure file share
I have a few powerpoint files that I like to have my employees (all using PCs in my LAN) view for sometime.
All the PCs are also connected to internet and have USB. If I put them in a file-share they can as well e-mail them over or copy in other ways.
I want to minimize such risks and am in need of say a Secure Viewer which will let them just view the files but nothing else, just inside my LAN.
I am a startup with just 4 employees and I cannot afford much. Looking for a opensouirce/freeware or a product less than $50.
All are windows xp machines just connected on a LAN (without any Windows server, so they all are peers).
I want them to sit in front of the machine, be able to open the powerpoint slides I prepared, but not be able to copy them to a USB drive, or just e-mail them over to their personal ID etc.
So, I am dreaming of a magical secure-viewer that allows them to see the files inside it but does not allow anything else like copying to USB or internet.
February 13th, 2007, 09:23 AM
for example, there is a commercial product caLLED LockLizard Protector that does exactly what I want, but then it is very expensive.
February 13th, 2007, 09:43 AM
Hi, and welcome to AO.
I am not aware of any Powerpoint "secure viewer"..............part of the problem is that you are dealing with a Microsoft proprietary product, so there isn't much call for third party viewers, apart from those that might ship with a compatible office suite, and they will work pretty much the same as powerpoint does.
I have always been led to believe that Powerpoint presentations are particularly difficult to protect, due to their architecture. Basically you have a .ppt folder that you open within the application, and it resolves to a number of individual slides (images).
I know that there are a number of proprietary applications that claim to protect your proprietary data from copying, but I remain to be convinced that they really work against a determined adversary. I do know that they are neither free nor cheap.
OK. Say you can block copying to USB and CD, transmission over the internet and the like. That still leaves you with covering the print option within powerpoint, the local screenprint function and the very obvious digital or cellphone camera.
I also understand that a lot of these "security solutions" are vulnerable to the use of a Virtual Machine Environment, or a "Live CD" simply because they do not "see" them.
You say that you have 4 employees...........
1. Do they all need to access the presentation at the same time?
2. Do they need to access it on a regular basis, or is this some type of one off presentation, like a training course for example?
EDIT: At the end of the day, what is there to stop them writing it down or memorising it and then going and recreating it off your system?
I have had a look at the LockLizard product description, and I do not believe that it does what you want. I don't think that it can protect Powerpoint presentations.
The reason I say this is that it appears to work like a number of other (and cheaper) products of that type. Basically it encrypts your files and only allows them to be opened and manipulated within the security application itself. You can set rules as to what is and is not allowed.
Whilst you can obviously encrypt Powerpoint presentations, you have to open them in the Powerpoint application, or something similar.
The basic problem is that Powerpoint was never intended for developing secure commercial applications.
The workaround that I would suggest is to look for an application that will convert your Powerpoint presentations into something else that these security applications can secure.
Last edited by nihil; February 13th, 2007 at 01:25 PM.
February 13th, 2007, 02:05 PM
I am not looking at a 100% secure solution as I understand that there is no such thing. So, my goal is not to protect from digital and mobile cameras. Similarly I dont care if they write down the notes. May be I can convert the PPTs into video files and some how make sure that they cannot copy them onto the USB drive or send them over internet by placing them into some kind of sandbox (which I dont know of)?
Experts, please air your opinions.
February 13th, 2007, 05:39 PM
The problem with most content is that you need to download it to view it. If you share it as PPS or PPT the users still have to download locally to view it. Even if you were to go as far as to use FlashSpring to export the PPT into a Flash movie their web browser would give them the option to save the SWF file.
With a Windows 2003 AD environment you could invoke RMS (Rights Management Services) with Office 2003 and throw it on a share. With RMS you could restrict download, viewing, printing, copying or saving of the file. Users could open the file directly into PP2003 or they could use an ActiveX viewer if they don't have Office 2003.
If you don't have an AD or Office 2003 what you could do is to set up a MS Terminal Server session on Win2K (because XP can't map RDP drive letters with Win2k), lock the server down with a GPO (that mitigates any mapping of gdrives) and host the file in this central location. When they connect using Remote Desktop from their XP machines they will be able to view the content but unable to save it to any shares or mapped drives. You could turn on file access auditing so you could at least generate an event if they managed to copy the file some how.
Also, as TopLang has a product called Desktop Lock Business Edition. It's $50 USD and allows you to keep a PowerPoint show running while locking the computer (keyboard as well) and you could run it on a separate PC that each of your 4 users can take turns using. http://www.toplang.com/desktoplockb.htm
Anyhow, good luck.
Last edited by aciscorouter; February 13th, 2007 at 05:50 PM.
February 15th, 2007, 01:07 PM
Thank you everyone. Bravo and net-it now seem to be working.
By cheyenne1212 in forum Miscellaneous Security Discussions
Last Post: February 1st, 2012, 01:51 PM
By ThePreacher in forum Miscellaneous Security Discussions
Last Post: December 14th, 2006, 08:37 PM
By XTC46 in forum Site Feedback/Questions/Suggestions
Last Post: August 24th, 2005, 07:52 PM
By Tiger Shark in forum The Security Tutorials Forum
Last Post: March 4th, 2004, 04:00 PM
By Noble Hamlet in forum AntiOnline's General Chit Chat
Last Post: March 17th, 2002, 08:38 AM