The systems I'm familiar with require you to obtain a decryption key from a server every time you want to view the content. Once decrypted and viewable on the screen they deter you from saving/printing the content. Most can prevent the basic user from printing and select/copy operations (not hackers, not people with video capture boards,...).
The decrypted content and key are never stored on any persistent media on the client. Assuming recipients are not taking pictures of the screen with their camera, the content can be "shredded" by deleting the key from the server. The only thing left on the client is an encrypted document (with no decryption key).
The goal isn't to absolutely prevent the user from printing/saving the document. Most./ readers know that's provably impossible. The goal is to help control a company's information by guiding users in the right direction. There are a number of examples where this type of solution could have helped companies (e.g. Enron, Microsoft, Arthur Anderson,...). If two company executives are communicating about how they'll cut off their competitor's air supply, they both probably want that communication to be kept secure.
There are a lot of other issues, some of which were touched on by the AP article. For example, you have to maintain a retention policy on your server backups. You also have to worry about forensic analysis on the server hard drive, etc. These are somewhat solvable (burn the backup tapes after your corporate retention policy says it's OK, clean and rebuild the server database, etc.).
Slashdot Mirror
The systems I'm familiar with require you to obtain a decryption key from a server every time you want to view the content. Once decrypted and viewable on the screen they deter you from saving/printing the content. Most can prevent the basic user from printing and select/copy operations (not hackers, not people with video capture boards, ...).
./ readers know that's provably impossible. The goal is to help control a company's information by guiding users in the right direction. There are a number of examples where this type of solution could have helped companies (e.g. Enron, Microsoft, Arthur Anderson, ...). If two company executives are communicating about how they'll cut off their competitor's air supply, they both probably want that communication to be kept secure.
The decrypted content and key are never stored on any persistent media on the client. Assuming recipients are not taking pictures of the screen with their camera, the content can be "shredded" by deleting the key from the server. The only thing left on the client is an encrypted document (with no decryption key).
The goal isn't to absolutely prevent the user from printing/saving the document. Most
There are a lot of other issues, some of which were touched on by the AP article. For example, you have to maintain a retention policy on your server backups. You also have to worry about forensic analysis on the server hard drive, etc. These are somewhat solvable (burn the backup tapes after your corporate retention policy says it's OK, clean and rebuild the server database, etc.).