FAQ
What kind of solution is Document Security?
Encrypting electronic documents generated within companies and organizations toEndpoint Document Security Orchestration Solution to Prevent Important Information from Being Leaked Externallyis.
- We bridge the gap between the previously complex internal security and flexible cloud collaboration through integration with cloud environments like Microsoft 365.
- Strategy for Coexisting Internal DRM and Cloud Securityresponds to changes.
- To solve document security issues arising in cloud environmentsCoexistence and OrchestrationProvides an approach.
What features have been improved in Document Security version 6 compared to previous versions?
- Improvements in Security Aspects
- KOSYASResponding to institutional requirements
- Improvement of security vulnerabilities such as offline functionality and header key management
- Strengthening Encrypted Communication and Responding to Latest Protocols
- CC CertificationSecuring Trust through Acquisition
- KOSYASResponding to institutional requirements
- Support for the latest versions of Windows and Office
- DS6 isReferenceOfficially supports Windows 11, Office 2024, and Hangul 2024, and quickly responds to the rapid changes in the IT environment.
- UX/UI Improvement
- Improvement of user experience with the introduction of a new UI exclusive to DS6 version
- Provides an intuitive and user-friendly interface compared to the previous version.
- Improving accessibility and usability of document security features
What should be prepared before introducing Document Security 6?
The main preparations are as follows.
- Understanding the Current Status of Existing DRM Solutions- Review integration options with the currently used document security solution
- Check Cloud Environment Configuration- Preparation for integration with cloud collaboration tools such as Microsoft 365, Google Workspace
- Establishing Security Policy- Document encryption policy, conversion policy when uploading to the cloud, etc.
- Network and Firewall Configuration- Network environment setup for secure communication
SOFTCAMP presents optimized document security orchestration solutions tailored to various scenarios such as the customer's DRM adoption status, cloud environment characteristics, and compliance requirements.
How is integration with the cloud environment supported?
Document Security 6 provides the following cloud integration features.
- Automatic conversion support when uploading cloud documents
- Internal DRM encryption document is automatically converted to be optimized for cloud environment.
- Microsoft 365 Support: Automatic Conversion of AIP Documents When Uploading to OneDrive, SharePoint, Teams
- Providing Equality in the Use of Collaboration Tools
- Providing equal accessibility and usability for encrypted documents, regardless of the environment or collaboration tools used.
- Cloud Plaintext Document Leakage Prevention
- Real-time detection and policy enforcement for plaintext documents downloaded or shared in cloud services
What is the document visibility feature?
Track the flow of the document to see what has happened since the document was created.Enhancing security management by making distribution channels traceableis a function.
- Tracking the entire lifecycle from document creation to distribution and usage
- Document Access History and Usage Pattern Analysis
- Establishing a real-time notification and response system for security policy violations
What is the difference between the permissions used for releasing and creating MIP documents?
In Document Security 6, permissions are distinguished and used as follows:
MIP Document Release
- **Application Permissions (Azure Application Permission)**use
- Processed in the same way as SHIELD DRM
MIP Document Creation
- Current user permissions (user token) logged into DS6use
- Performed with a user token issued by Microsoft, and label permission control is applied based on that user.
MIP → DRM → MIP conversion process에서 소유자가 변경되는 이유는 무엇인가요?
The authority subjects by transformation flow are as follows:
- MIP Release: App Permissions
- Creating DRM: Current DS6 Login User Permissions
- MIP Regeneration: Current DS6 Login User Permissions
Change of Ownership Reason:
- The subject is fixed as 'Logged-in User' when regenerating the final MIP.
- MIP creation is performed with the logged-in user token, and it is not possible to set another user as the owner with only app permissions/user tokens.
- Therefore, it can behave as if the "Owner/Applicable Subject" of the original document has changed.
What is the reason for the difference in perceived authority when converting MIP documents?
Due to the current operation mode of DS6, the following changes in perceived permissions may occur:
- MIP Release: Perform with app permissions
- Creating MIP: Perform with logged-in user permissions
As a result, during the conversion from MIP → DRM → MIP, the owner/applying entity of the final MIP may be attributed to 'logged-in user', which can change the perception of authority.
Is there another way to solve the owner change issue when creating MIP documents?
Yes, you can resolve the owner change issue when creating MIP documents through policy settings.
How to Set Up DS_MIP_INIT Policy:
"creatorAppAuth" : "use"
Setting Effect:
"creatorAppAuth" : "use"When set to __PH_0__, integrated login users __PH_1__App PermissionsCreates an MIP document.- This is not the token of the logged-in user.App TokenThis is how to set up a custom policy to generate MIP documents.
- This can solve the ownership change issue.
Application Result:
- Using app permissions when creating MIP documents also resolves the ownership change issue.
- MIP → DRM → MIP conversion process can maintain a consistent authority subject.
What is the reason that the SaveZoneInformation value in the registry changes again when the DSHLdr.exe process is executed, even though it was modified for the purpose of testing ADS value storage?
For testing the ADS value storage, the SaveZoneInformation value in the registry was changed to 0 (Able), but when the DSHLdr.exe process of Document Security is executed, that value changes back to 1 (Disable).
Cause:
In the case of DRM encrypted documents downloaded from the internet, there are instances where the document does not open correctly during the opening process due to the SaveZoneInformation setting. This is because the OS blocks access based on security settings when the SaveZoneInformation setting is applied.
System Operation Method:
- The settings for SaveZoneInformation are reset when SDSMan.exe is executed and the login is completed.
- Specific operation method:
- Delete conditions for SaveZoneInformation value:
DS_SHIELDEX_CDR_SERVER_IPIf a custom policy existsDS_SHIELDEX_CDR_SERVER_IPIf the policy does not exist,DS_NOT_USE_SENDLOG_ZONE_IDFIf a custom policy is not set or is set to 0- If the above conditions are met, delete the SaveZoneInformation value that exists in Current User.
- If the above conditions are not met:
- Sets the SaveZoneInformation value in Current User to 1 forcibly.
- Delete conditions for SaveZoneInformation value:
Solution:
To maintain the SaveZoneInformation value at 0 for the ADS value storage test, one of the following settings must be applied.
DS_NOT_USE_SENDLOG_ZONE_IDFSet custom policy to 1DS_SHIELDEX_CDR_SERVER_IPProperly configure the policy
The integrated login window has been closed, but a notification appears asking you to log in again. What should I do?
If you manually close the integrated login window and do not proceed with the login, a notification window requesting login will appear.
로그인Clicking the button will display the unified login window, allowing you to perform unified login.- The integrated login process is for using Microsoft 365.Essential Proceduresis.
- For more details,Account Linking Notification GuidePlease refer to.
A notification window has appeared indicating that account verification is required. What should I do?
This is the process of checking the Document Security account linked to your Microsoft 365 account.
- If the account verification is not completedYou cannot use features related to Microsoft 365.
계속하기Press the button to go to the user account verification window.- SSO Support Status
- SSO application environment: It logs in automatically, and there is no separate login process visible.
- SSO Not Applied Environment: You may need to log in to verify your account.
- If there is an SSO error or login failure, please check the network connection status, and if the issue persists, contact the customer support team.
- For more details,Account Linking Notification GuidePlease refer to.
In the user account verification window, the Document Security account and Microsoft 365 account are displayed. How should I proceed?
After checking the displayed account information,계속하기Click the button to proceed with the connection.
- Document Security Account: This is the user account information confirmed in Document Security.
- Microsoft 365 account: User account information verified in Microsoft 365. This account is used to access OneDrive and Microsoft 365 related services.
계속하기When the button is pressed, the result of the linkage will be displayed as either success or failure.- For more details,Account Linking Notification GuidePlease refer to.
You have successfully linked your account. Can I change to another account later?
Once the integration is complete, you cannot change to a different account.
- Once the account linking is complete, the account between Microsoft 365 and Document Security will be connected, allowing you to use Microsoft 365 related features thereafter.
Account linking failed. What should I do?
Even if account linking fails, Microsoft 365 services and Document Security services can be used normally since the login is completed during account verification.
- Retry Method
- You can reconnect your account when logging out & logging in to Document Security.
- Depending on the situation, if the Document Security logout feature is not available, you need to reboot the PC.
I am trying to move/copy files to OneDrive from Explorer while offline. Why is it not working?
Integrated Login (Document Security) In a non-logged-in state, documents to OneDrive of the local explorerCannot move/copy.
- OneDrive is a cloud-based storage service, and access permissions cannot be granted if you are not logged in.
- Login Method: Right-click on the taskbar tray icon →
로그인→ Enter Microsoft 365 account information in the integrated login window - If the problem persists after logging in, please check your network connection, and if it is not resolved, contact customer support.
- For more details,Account Linking Notification GuidePlease refer to.
You cannot access secure documents without logging in. What should I do?
You cannot access secure documents (DRM encrypted documents) without logging into Document Security.
- Login Method: Right-click on the taskbar tray icon →
로그인→ Complete the login by entering your account information in the integrated login window. - After completing the login, you can reopen the security document and access it normally.
- If you are unable to log in or the problem persists
- Checking the network connection status.
- If it is still unresolved, please contact the customer support team.