Thursday, June 18, 2009

Redacting with Confidence

Redacting is the fancy term for blacking out parts of a document that you don't want other people to read.

With a physical document, this is pretty straightforward: you get a thick black marker, and you smear black ink over the sensitive part of the document until nobody can read it anymore.

With a softcopy document, this is trickier, because modern word processing software is pretty sophisticated, and although it allows you to mask over the text, the original text is still present.

I read about this years ago on Bruce Schneier's wonderful CryptoGram newsletter, and somehow it stuck in my mind.

Then, the other day, my wife asked me about how to do this properly, because it turned out that her office actually needed to redact a PDF document in a secure fashion.

I was impressed to see that the National Security Agency actually has some pretty good advice about this, published as a simple and clear document describing the overall process, with advice about common mistakes, and checklists for how to avoid them.

The most recent version of the NSA guide, which covers Word 2007, can be found at: http://www.nsa.gov/ia/_files/support/I733-028R-2008.pdf

A previous version, which covers older versions of Microsoft Word, can be found at:
http://www.nsa.gov/ia/_files/vtechrep/I333-TR-015R-2005.PDF

The documents are pretty good, in my opinion; your tax dollars at work!

No comments:

Post a Comment