1. In Acrobat Home, choose See all tools > Protect a PDF > Manage security policies.
Setting up security policies for PDFs Part 1
Note
For a full list of articles about security, see Overview of security in Acrobat and PDF content.
Types of security policies
If you often apply the same security settings to multiple PDFs, you can save your settings as a policy that you can reuse. Security policies save time while ensuring a consistently secure workflow. Creating policies for password and certificate security lets you reuse the same security settings for any number of PDFs. Two kinds of security policies are available:
Organizational policies are especially useful if you want others to have access to PDFs for a limited time. Adobe Experience Manager - Forms Server (Document Security) policies are stored on a server. Users must have access to the server to use these policies. Creating these policies requires specifying the document recipients from a list on Adobe Experience Manager - Forms Server (Document Security). Adobe Experience Manager - Forms Server (Document Security) controls access to PDFs and auditing events as defined by the security policy. You can use Experience Manager - Forms Server (Document Security) if your company has licensed the software and made it available to you.
User policies are created and applied by individuals. If you apply the same security settings to numerous documents, you can save time by creating a user policy. Then, apply the user policy to documents. User policies for passwords and public key certificates are stored on your local computer. With access to Adobe Experience Manager - Forms Server (Document Security), you can create a user policy that’s stored on the Forms Server. That policy is available only to you.
How organizational policies are authenticated
In addition to reusing security settings, policies stored on Adobe Experience Manager Forms Server (Document Security) enable you to expire and revoke documents. You can also maintain accountability by auditing users who open protected documents.
A. Policies are stored on server. B. Policies are applied to a PDF. C. Users can open, edit, and print a document only if permitted by policy.
Setting up server-based security policies involves four main stages:
Configure the Adobe Experience Manager - Forms Server The system administrator of your company or group usually configures Adobe Experience Manager - Forms Server (Document Security), manages accounts, and sets up organizational policies. For more information on configuring Adobe Experience Manager - Forms Server (Document Security), see the Adobe website.
Publish a document with a security policy An author creates a PDF and applies a policy stored on Adobe Experience Manager Forms Server to the PDF. The server generates a license and unique encryption key for the PDF. Acrobat embeds the license in the PDF and encrypts it using the encryption key. The author or administrator can use this license to track and audit the PDF.
View a document with a policy applied When users try to open the secure PDF in Acrobat, they must authenticate their identities. If the user is granted access to the PDF, the PDF is decrypted and opens with the permissions specified in the policy.
Administer events and modify access By logging in to an Adobe Experience Manager - Forms Server (Document Security) account, the author or administrator can track events and change access to policy-secured PDFs. Administrators can view all PDF and system events, modify configuration settings, and change access to policy-secured PDFs.
Create a user security policy
User policies can use passwords, certificates, or Adobe Experience Manager - Forms Server (Document Security) to authenticate documents.
The policies for password and certificate security can be stored on a local computer. Security policies created using Adobe Experience Manager - Forms Server (Document Security) are stored on a server. You can audit actions and change security settings dynamically. You can use Adobe Experience Manager - Forms Server (Document Security) if your company has licensed the software and made it available to you.
Create a password policy
2. Select New.
3. Select Use passwords, and then select Next.
4. Type a name and description for the policy, do one of the following, and then select Next:
To specify passwords and restrictions when applying this policy to a document, clear the Save Passwords With The Policy option.
To save passwords and restriction settings with the policy, select Save Passwords With The Policy.
5. Specify a compatibility setting and password options. If you selected Save Passwords With The Policy, specify the password and restrictions. Select OK.
6. Review the policy details, select Finish, and then select Close.
Create a certificate policy
1. In Acrobat Home, choose See all tools > Protect a PDF > Manage security policies.
2. Select New.
3. Select Use public key certificates, and then select Next.
- 4. Type a name and description for the policy, and specify the document components to encrypt.
Certificates must be current and have key usage that allows for encryption.
- 5. Determine how to enforce the policy:
To create a policy that is associated with individual recipients, do not select Ask For Recipients When Applying This Policy.
To create a policy that is associated with individual documents, select Ask For Recipients When Applying This Policy.
- 6. Select an encryption algorithm from the menu that is compatible with the recipients’ version of Acrobat, and click Next.
- 7. Do one of the following:
If you select Ask For Recipients When Applying This Policy, review the policy settings and then select Finish.
If you did not select Ask For Recipients When Applying This Policy, specify recipients by selecting digital IDs (including your digital ID). Then select Next.
8. Select Finish.
Related Articles
Setting up security policies for PDFs Part 2
Creating policies for secure file attachments You can add security to one or more documents by embedding them in a security envelope and sending it as an email attachment. This method is useful if you want to send a secure file attachment without ...Certificate-based signatures Part 1
A certificate-based signature, like a conventional handwritten signature, identifies the person signing a document. Unlike a handwritten signature, a certificate-based signature is difficult to forge because it contains encrypted information that is ...Enhanced security setting for PDFs
PDFs have evolved from static pages to complex documents with features such as interactive forms, multimedia content, scripting, and other capabilities. These features leave PDFs vulnerable to malicious scripts or actions that can damage your ...Overview of security in Acrobat PDFs
Security applies in two general contexts: application (software) security and content security. Application security involves customizing security features to protect Acrobat and Reader against vulnerabilities, malicious attacks, and other risks. ...Choosing a security method for PDFs
By adding security to documents, you can limit viewing, editing, printing, and other options to only the specified users. Choosing which type of security to use Security features range from relatively simple measures to sophisticated systems adopted ...