nextPage® security strategies

The NextPage Enterprise Service never transmits or stores files. Instead, it stores only information about the files. Users continue to work with files exactly as they did prior to subscribing to the NextPage service.

Consequently, many of the security vulnerabilities that typically arise with conventional document repositories simply do not apply to the NextPage service.

The number one document security question on every user’s mind is this: who will be able to see my files? Without NextPage, users control visibility by choosing where to store their files. For example, while a file is private, its author may store it on her own hard drive, then send it via email when she is ready to share it with one or two other individuals in the organization—effectively eliminating anyone else who should not be involved. When it is ready for broader consumption by her department, she may post it to a network repository that she knows is accessible only to her department. In fact, this progression from private to relatively public is one of the factors that may cause her not to start the document in the network repository in the first place.

NextPage changes none of these practices. If a user would not have been able to open a file without NextPage, he still cannot do so if NextPage is present. Even when a user clicks one of NextPage's convenient links to upload or open a file, he is using only his own security credentials.

With the NextPage platform, people see only the versions of files you want them to see. For example, sending the final version of a proposal to a customer does not give him the ability to obtain or see previous versions of the file, even if he also uses NextPage.

This security principle remains true even when NextPage metadata are embedded ("stamped") in a file. A hacker who understands the NextPage metadata format cannot use this information to obtain access to a different version of the same file. In this way, NextPage metadata DNA works like biological DNA. Suppose John is Bob’s son. No amount of testing on John’s DNA would enable a scientist, no matter how gifted, to reconstruct Bob. However, if you have DNA from both John and Bob, you can tell that John is descended from Bob. But unlike biological DNA, NextPage can detect this genetic relationship with 100% certainty.

Some organizations use encryption software to protect documents from unauthorized viewing while they are in transit via email or some other transport medium.

This does not present a problem for the NextPage service, which decodes a file’s genetic ancestry without regard to how it travels. As soon as a document is decrypted by its intended recipient, the NextPage tracking service detects its presence and continues to track it.

This is yet another example of how using NextPage allows you to leverage all of your existing security tools, conventions, practices and policies.