Security Best Practices
Keep your documents and organization secure
Follow these security best practices to maximize protection when using PDF Ghost.
Account Security
Strong Authentication
Use Strong Passwords
- Minimum 12 characters
- Mix of uppercase, lowercase, numbers, symbols
- Avoid common words or patterns
- Don't reuse passwords from other services
Enable Two-Factor Authentication
If available in your organization:
- Add an authenticator app (Google Authenticator, Authy, etc.)
- Save backup codes in a secure location
- Don't share codes with anyone
- Use different 2FA for different services
Session Management
Review Active Sessions Regularly
- Check Settings → Security → Active Sessions
- Look for unfamiliar devices or locations
- Revoke any suspicious sessions immediately
Sign Out When Done
- Always sign out on shared computers
- Use private/incognito mode on public devices
- Don't save passwords in public browsers
Social Login Security
If using connected accounts:
- Keep your Google/GitHub account secure
- Review authorized applications regularly
- Revoke access if no longer needed
Organization Security
Team Member Management
Principle of Least Privilege
- Give members only the access they need
- Use Member role for regular users who create jobs
- Reserve Admin for trusted team leaders
- Only give Owner role when transferring organization control
Regular Access Reviews
- Review member list monthly
- Remove departing employees immediately
- Audit admin access quarterly
- Update roles when responsibilities change
Invitation Security
- Verify email addresses before inviting
- Don't send invitations to external addresses
- Revoke unused invitations
- Use corporate email domains only
Job Security
Recipient Verification
Before creating a job:
- Double-check all recipient emails
- Verify names are correct
- Remove any test or invalid entries
- Confirm you have authorization to send
Visible Watermarks
Consider using visible watermarks:
- Deters unauthorized sharing
- Reminds recipients of confidentiality
- Provides visual confirmation of fingerprinting
- Can include confidentiality notices
Distribution Security
When sending fingerprinted PDFs:
- Use encrypted email when possible
- Use secure file sharing services only
- Never post in public locations
- Track who received what and when
Document Protection
Before Fingerprinting
Document Preparation
- Remove sensitive metadata first if needed
- Ensure document is final version
- Check for embedded objects or scripts
- Test PDF opens correctly
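Added example (not PDF Ghost code): a pre-flight triage script for the "sensitive metadata" and "embedded objects or scripts" checks above. It scans the raw bytes of a PDF for name tokens that indicate active content, attachments, or document-information keys, decoding #xx escapes so obfuscated names still match. The risky-name list, function names, and sample bytes are constructed for illustration; names hidden inside compressed object streams are not visible to a raw scan, so the stream count is reported as a caveat.

```python
import re

# PDF name tokens that indicate active or embedded content (illustrative list).
RISKY_NAMES = {
    "JavaScript": "script action",
    "JS": "script action",
    "OpenAction": "action run when the document opens",
    "AA": "additional (event-triggered) actions",
    "Launch": "launches an external program or file",
    "EmbeddedFile": "embedded file attachment",
}
# Document information keys that commonly leak author or tooling details.
METADATA_NAMES = {"Author", "Creator", "Producer", "Title", "Subject", "Keywords"}

NAME_RE = re.compile(rb"/([^\x00\t\n\x0c\r ()<>\[\]{}/%]+)")
HEX_ESCAPE_RE = re.compile(rb"#([0-9A-Fa-f]{2})")


def decode_name(raw: bytes) -> str:
    """Undo #xx escapes so an obfuscated /J#61vaScript still matches."""
    decoded = HEX_ESCAPE_RE.sub(lambda m: bytes([int(m.group(1), 16)]), raw)
    return decoded.decode("latin-1")


def preflight(pdf_bytes: bytes) -> dict:
    """Return risky names, metadata keys and object-stream count for a PDF."""
    names = [decode_name(m.group(1)) for m in NAME_RE.finditer(pdf_bytes)]
    risky = {n: names.count(n) for n in RISKY_NAMES if n in names}
    metadata = sorted(METADATA_NAMES.intersection(names))
    # Names inside compressed object streams are invisible to a raw scan.
    object_streams = names.count("ObjStm")
    return {"risky": risky, "metadata": metadata, "object_streams": object_streams}


# Constructed sample: a minimal PDF fragment, not a real document.
SAMPLE = (
    b"%PDF-1.7\n"
    b"1 0 obj << /Type /Catalog /OpenAction 3 0 R /Names 4 0 R >> endobj\n"
    b"3 0 obj << /S /J#61vaScript /JS (void 0) >> endobj\n"
    b"5 0 obj << /Type /EmbeddedFile /Length 0 >> stream\nendstream endobj\n"
    b"6 0 obj << /Author (J. Doe) /Producer (ExampleWriter 1.0) >> endobj\n"
    b"%%EOF\n"
)

if __name__ == "__main__":
    report = preflight(SAMPLE)
    for name, count in report["risky"].items():
        print(f"/{name} x{count}: {RISKY_NAMES[name]}")
    print("metadata keys:", report["metadata"])
    print("object streams (unscanned):", report["object_streams"])
```

A hit is a prompt for manual review, not a verdict: the raw scan can also match name-like text inside strings or streams.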
Content Review
- Verify all information is appropriate
- Remove draft markers or comments
- Check page numbers and ordering
- Ensure proper formatting
After Distribution
Monitor for Leaks
- Set up Google Alerts for document keywords
- Check relevant forums or sites
- Review employee departure procedures
- Conduct periodic audits
Recipient Education
Educate recipients about:
- Confidentiality requirements
- Consequences of unauthorized sharing
- Proper handling procedures
- Who to contact with questions
Data Protection
Privacy Considerations
Minimal Data Collection
- Only add necessary recipient information
- Don't include excessive personal data
- Use email addresses instead of full profiles
- Review data retention policies
Secure Storage
- Download artifacts promptly
- Store locally in encrypted drives
- Use secure backup solutions
- Delete from PDF Ghost when no longer needed
Data Retention
- Retention periods vary by plan (Free: 7 days, Starter: 30 days, Pro: 90 days, Team: 180 days, Enterprise: 365 days)
- Download important artifacts promptly before your plan-specific retention period expires
- Delete jobs when distribution is complete
- Archive systematically
Compliance
Industry Regulations
Ensure compliance with:
- GDPR (for EU recipients)
- CCPA (for California recipients)
- HIPAA (for healthcare documents)
- SOX (for financial documents)
- Industry-specific requirements
Internal Policies
- Follow your organization's data handling policies
- Document distribution procedures
- Maintain audit trails
- Report incidents properly
Incident Response
If You Suspect a Leak
- Document Everything
  - Save the leaked document
  - Note where you found it
  - Record date and time
  - Screenshot the location
- Use Leak Detection
  - Upload the document to PDF Ghost
  - Run leak analysis
  - Save the results
  - Export the evidence report
- Internal Investigation
  - Don't confront recipient immediately
  - Review distribution records
  - Check job history
  - Assess damage
- Escalate Appropriately
  - Notify your security team
  - Contact legal counsel if needed
  - Follow incident response procedures
  - Report to management
If Your Account is Compromised
- Immediate Actions
  - Change your password immediately
  - Revoke all active sessions
  - Enable two-factor authentication
  - Review recent activity
- Assess Impact
  - Check recent jobs created
  - Review member changes
  - Verify billing information
  - Look for unauthorized access
- Notify Others
  - Alert your organization admins
  - Contact PDF Ghost support
  - Inform affected team members
  - Update security procedures
Best Practices Checklist
Daily
- Sign out when leaving workstation
- Verify recipient information before creating jobs
- Use strong, unique passwords
Weekly
- Review active sessions
- Check for completed jobs to download
- Monitor plan usage
Monthly
- Review organization members
- Audit job history
- Update passwords
- Review security settings
Quarterly
- Comprehensive access review
- Security training for team
- Update security procedures
- Compliance audit
Security Features in PDF Ghost
Built-in Protection
Invisible Fingerprinting
- Undetectable to recipients
- Survives printing and scanning (to some degree)
- Unique per recipient
- Cryptographically secure
Secure Storage
- Encrypted at rest
- Secure transmission (HTTPS)
- Isolated per organization
- Regular security audits
Access Controls
- Role-based permissions
- Organization isolation
- Secure authentication
- Session management
Audit Trail
- All actions logged
- Job creation tracked
- Download events recorded
- Member activity monitored
Next Steps
- Review Privacy Practices
- Learn about Leak Detection
- Read FAQ