Skip to content

Securing PDF Packs and Snapshots

Overview

Brief Connect implements built-in security for all generated PDF packs and snapshots to ensure document integrity and prevent unauthorised modifications. This guide explains how this protection works, what actions are permitted or restricted, and where this security is applied.

It is important to note that while these files are secured against tampering, they are not password-protected for viewing. Anyone with access to the file can open and read it without needing a password.

How Security Works

Brief Connect uses an owner password to secure PDF documents, rather than a user password.

  • Owner Password: A unique, randomly generated password is assigned to the document when it's created. This password locks the document's permissions, preventing any changes to its content or security settings. It is stored internally and is not intended for user access.
  • User Password: No user password is set. This means users are not prompted to enter a password to open or view the document.

The primary goal of this security model is to maintain the PDF as a read-only, tamper-proof record.

Permissions and Restrictions

The following table outlines what users can and cannot do with the secured PDF files:

Permitted Actions Restricted Actions
✅ View the document ❌ Edit or modify document content
✅ Print the document (in full quality) ❌ Add or edit annotations and comments
❌ Copy or extract text and images
❌ Fill in interactive form fields
❌ Assemble the document (insert, delete, or rotate pages)

Scope of Protection

This security protection is automatically applied to all PDF documents generated by Brief Connect, including:

  • On-Demand PDF Packs: When a user generates a PDF pack directly from a record.
  • Automated Snapshots: When a workflow transition automatically creates a snapshot of a record.
  • Bulk Exported PDF Packs: When multiple records are exported as a single PDF pack.
  • Signed Documents: When a document is processed through a signing workflow.

Optional: Watermarking

For additional auditing and tracking, Brief Connect also supports optional watermarking on generated PDFs. When enabled via the WatermarkPDF setting, a watermark is added to each page, typically including the name of the user who generated the document and a timestamp. This feature works alongside the security restrictions.

See Enabling PDF Watermarking for instructions on how to configure this feature.