In a global economy, an organization's workforce may be located in various locations around the world. Because computers, and the potentially proprietary data that they may contain, may not be contained in a secure environment under the control of the company, there is a real risk that proprietary, confidential, and/or sensitive data (herein referred to as “protected data”) may be accessed or intercepted by unauthorized parties, whether by access to (or theft of) the personal computer or by interception of the data going across the connection to the remotely located personal computer. In addition, a company must try to protect itself from the theft of protected data by an employee or contractor having access to that data.
Conventional approaches to these problems include disabling the hardware that a malicious or unauthorized user might try to use to move or copy protected data to another location. For example, a worker in a remote location may be provided with a laptop computer having no floppy disk, no CD/DVD burner, and USB ports disabled. However, this is not an ideal solution because there is nothing to stop that worker from adding a mass storage peripheral, activating disabled ports, and so on.
Another conventional approach to these problems involves embedding some form of data within a file. This data is herein referred to as a “digital watermark” (or just “watermark” for brevity), and is named after the faint design that is made in some paper during manufacture, that is visible when held against the light, and that typically identifies the maker. A watermark may be hidden with an image file, a text file, or other type of file. The watermark data may identify the file itself, the source of the file, the computer or network address of the current location of the file, the name of the user that created, accessed, or modified, the file, or other information. However, this approach has two disadvantages. First, a savvy user may know how to identify and manipulate or remove the digital watermark. Second, the watermark may be lost when the file is converted from one form to another. For example, an image file may be converted from one format to another, e.g., from JPG to PNG. Likewise, a text file may be printed to PDF, scanned to a TIFF file, and so on. The watermarking information may be lost during those conversions.
Furthermore, most operating systems have the capability to take screen shots, i.e., images of data that is displayed on the computer screen at a given moment. These screen shots, which may display images, the contents of text files, and the like, may be printed, emailed, or saved to disk for later transfer. In this manner, protected data may still be compromised, even in systems having disabled peripherals, and even in systems that use digital watermarks within the files themselves.
Even in systems where the screen shot function is disabled, a malicious or unauthorized user can take a picture of the computer screen using a camera. In this scenario, a company that discovers that its protected data is being leaked by screen shots or photos is likely to be highly motivated to determine the source of the leak.
Thus, there is a need for a computing platform that allows an organization to secure its protected data from unauthorized access and to provide some way to identify the source of leaked data if that occurs. More specifically, there is a need for methods and systems for secure content watermarking and for identifying the source of leaked information.