Copyprotecting Excel Data

Question

4.00/5 (1 vote)

See more:

Hi, I have a client with a very precise requirement. The client receives an excel/pdf document with sensitive company data. This then gets distributed to some managers and external benefactors to inform them of the data.

Is there any way to prevent these people from keeping a copy of the data for themselves? eg. No printscreen, copy and paste, print. Also the data must only be available for 20min whereafter the screen must close and not be openable again.

My current idea is to write an asp app that will read and display the data for 20mins or until the user closes the window whichever comes first. Then use javascript to disable the printscreen and have the gridview read-only to prevent copy and paste.

Is this the only way to achieve this or is there an easier way I am missing?

Posted 13-May-12 23:46pm

Christopher Trevor

Add a Solution

Comments

John Orendt 14-May-12 15:22pm

How would you prevent someone simply taking a photo of the screen?

3 solutions

Add a Solution

Add your solution here

Treat my content as plain text, not as HTML

Preview 0

…

Existing Members

Sign in to your account

...or Join us

Download, Vote, Comment, Publish.

Your Email
Password
Forgot your password?

Your Email
This email is in use. Do you need your password?
Optional Password

I have read and agree to the Terms of Service and Privacy Policy
Please subscribe me to the CodeProject newsletters

When answering a question please:

Read the question carefully.
Understand that English isn't everyone's first language so be lenient of bad spelling and grammar.
If a question is poorly phrased then either ask for clarification, ignore it, or edit the question and fix the problem. Insults are not welcome.
Don't tell someone to read the manual. Chances are they have and don't get it. Provide an answer or move on to the next question.

Let's work to help developers, not make them feel stupid.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

SASS_Shooter · Answer 1 · 2012-05-14T05:19:00

With all the requirements that you have surrounding these documents, I don't see that you have any choice but a custom application component.

The custom asp app will do it and you want to not only block print screen but also save page. (Actually ... cut off the ability for the context menu to display at all!) You would need a service to serve up the document and the service would have the task of timing out data availability as well as viewing only once. You would also need a component for the creator of the document who will define who can see it and provide the document to feed the service. That way your service can send out the email and start the clock ticking.

Seems with such sensitive data they should just pull the people into a room and show them a slide. That is the only way they could totally secure the information. :) The number one thing they teach in security is that the biggest threat of security breach comes from within.

Dave Kreskowiak · Answer 2 · 2012-05-14T06:39:00

Well, I don't see how you're going to stop anything in ASP or ASP.NET and JavaScript. It's about the most code-restricted environment there is. It's capabilities are very limited.

The problem with what you're doing is that you are "enumerating badness". You are trying to code to defend against a set of known attack vectors. But what about the ones you don't know of?

Simply disabling the normal print-screen will not stop someone from using another screen capture app, nor can you block all of those as well.

Are you going to stop someone from using Remote Desktop and/or Remote Assistance?

Seriously, the only way you're going to achieve these requirements is if the machine is setup in kiosk mode and is locked in a high-security room and it's the only machine that has any kind of access to the server it's getting data from.

All access should be logged and usage audited.

Really? What is this place? The Department of Defense?

---------------------------------------------------------------------

The problem with security is that it exists. The greatest threat to any lock is the existence of the lock itself. If the lock doesn't exist, you can't break it.

Christopher Trevor · Answer 3 · 2012-05-15T20:55:00

Solution 3

Thanks a lot for your input. The application is for a hospital group so it contains patient relevant information. That is why the high amount of security is necessary.

Posted 15-May-12 20:55pm

Christopher Trevor

Copyprotecting Excel Data

3 solutions

Solution 1

Solution 2

Solution 3

Add your solution here

Preview 0