FP Defense Customers: To avoid account suspension, please make sure your status remains ACTIVE by logging into your FP Defense account. View the steps below to navigate through FP Defense and DRM.
ForumPass Defense & DRM Definitions
ForumPass Defense:
On December 30, 2015, the U.S. Department of Commerce, National Institute of Standards and Technology (NIST), issued the “Protecting Controlled Unclassified Information in Nonfederal Information Systems and Organizations” ruling, commonly referred to as the NIST 800-171 requirements.
Exostar partnered with Seclore to create the ForumPass Defense application in order to comply with the NIST 800-171 requirements. While maintaining many of the features and functionality available in the standard ForumPass application, ForumPass Defense provides a secure, multi-factor authenticated environment, in the United States, and incorporates the Digital Rights Management (DRM) functionality to protect documents inside and outside of the environment.
Exostar partnered with Seclore to create the ForumPass Defense application in order to comply with the NIST 800-171 requirements. While maintaining many of the features and functionality available in the standard ForumPass application, ForumPass Defense provides a secure, multi-factor authenticated environment, in the United States, and incorporates the Digital Rights Management (DRM) functionality to protect documents inside and outside of the environment.
Digital Rights Management:
Digital Rights Management (DRM) adds a layer of security at the document level which protects document content from unauthorized access. DRM-protected documents are watermarked with the user’s name and the date/time the file is opened, and access and functionality in a DRM library is controlled by the ForumPass Permission groups.
A DRM-protected document may not be viewed by an unauthorized person, regardless of that file’s location. For Example, a DRM-protected document emailed to a person who does not have permission to the ForumPass Defense site where the document is stored, will not be able to open the file. Also, if an authorized user has downloaded a DRM-protected document to their local computer, that file will not be usable if the user’s site permissions are revoked, or if the file is removed from the DRM Library.
A DRM-protected document may not be viewed by an unauthorized person, regardless of that file’s location. For Example, a DRM-protected document emailed to a person who does not have permission to the ForumPass Defense site where the document is stored, will not be able to open the file. Also, if an authorized user has downloaded a DRM-protected document to their local computer, that file will not be usable if the user’s site permissions are revoked, or if the file is removed from the DRM Library.
Avoid Account Suspension
In order for your ForumPass 7 Defense account to remain active you must sign in to your account to maintain your active status. If you receive an email notifying you that your account will be suspended due to inactivity, please follow the steps below to avoid account suspension.
To Avoid Account Suspension:
1. From your MAG Dashboard, under My Applications, find ForumPass 7 US, then click Launch to open the application.
2. Navigate to your Defense site, then view or download a Digital Rights Management (DRM) protected file.
NOTE: If you do not have any files uploaded, you will need to upload a file first then view or download that file. (Please see the section below to upload a file).
3. Once you view or download a DRM protected file, your ForumPass Defense account status will be updated and remain active.
2. Navigate to your Defense site, then view or download a Digital Rights Management (DRM) protected file.
NOTE: If you do not have any files uploaded, you will need to upload a file first then view or download that file. (Please see the section below to upload a file).
3. Once you view or download a DRM protected file, your ForumPass Defense account status will be updated and remain active.
Access ForumPass Defense
ForumPass Defense is a subscription service made available through Exostar’s Managed Access Gateway (MAG) application. For questions about obtaining access to the ForumPass Defense, application, please contact sales@exostar.com.
In order to access ForumPass Defense two-factor authentication (2FA) is required. In addition to your User ID/Email and Password, you will need a digital PKI Certificate, Hardware Token, or One-Time Password (OTP) Token to serve as your second authentication credential.
To Access ForumPass Defense:
MAG is the authentication portal used to access the ForumPass Defense solution. Follow the steps below:
1. Go to https://portal.exostar.com, login with your UserID/Email and Password.
2. Then click Next. The MAG Dashboard will display.
3. Scroll to the My Applications section. Then locate the ForumPass Defense application.
4. Click Launch to elevate your login status with your OTP and you will be redirected to the ForumPass Defense landing page.
1. Go to https://portal.exostar.com, login with your UserID/Email and Password.
2. Then click Next. The MAG Dashboard will display.
3. Scroll to the My Applications section. Then locate the ForumPass Defense application.
4. Click Launch to elevate your login status with your OTP and you will be redirected to the ForumPass Defense landing page.
Digital Rights Management (DRM)
In order to use the FP Defense DRM functionality, the feature must first be enabled at the Site Collection level by a Site Collection Administrator. With the feature enabled for the site collection, it can be used in any ForumPass document library.
To Enable DRM:
Site Collection Administrators can enable the DRM feature at the Site Collection level.
1. At the Site Collection level, open the Settings menu and select Site Settings.
2. In the Site Collection Administration section, click Site Collection Features.
3. Scroll to locate the two Seclore features in the list. Click Activate to activate the DRM features.
4. Refresh the page and the features indicate that they are now active.
NOTE: Any ForumPass site can have both standard libraries and libraries enabled with DRM. However, only DRM libraries provide additional protection of digital rights management, and all files within a DRM library are protected.
1. At the Site Collection level, open the Settings menu and select Site Settings.
2. In the Site Collection Administration section, click Site Collection Features.
3. Scroll to locate the two Seclore features in the list. Click Activate to activate the DRM features.
4. Refresh the page and the features indicate that they are now active.
NOTE: Any ForumPass site can have both standard libraries and libraries enabled with DRM. However, only DRM libraries provide additional protection of digital rights management, and all files within a DRM library are protected.
To Enable DRM in Document Library:
1. Working in your project site, access the Settings menu and select Add an App.
2. Click the icon representing the Document Library.
3. Enter a library name and click Create.
NOTE: It may be useful to add DRM in your library name so it is easily identifiable as a rights managed library.
4. Working within your new document library, go to the Library toolbar ribbon and click Seclore Permissions.
5. In the Hot Folder window, click the icon at the far right of the Owner box.
6. Enter Techops@exostar.com in the email address field and click Search.
7. From the search results, select the TechOps email address. Click Submit.
8. Add a description in the Hot Folder form. Click Add.
IMPORTANT: Do not change the External Reference ID.
9. Once a library is assigned the DRM functionality, a new column displays within the library Seclore Online Access. This column is the visual queue this is a rights managed library.
2. Click the icon representing the Document Library.
3. Enter a library name and click Create.
NOTE: It may be useful to add DRM in your library name so it is easily identifiable as a rights managed library.
4. Working within your new document library, go to the Library toolbar ribbon and click Seclore Permissions.
5. In the Hot Folder window, click the icon at the far right of the Owner box.
6. Enter Techops@exostar.com in the email address field and click Search.
7. From the search results, select the TechOps email address. Click Submit.
8. Add a description in the Hot Folder form. Click Add.
IMPORTANT: Do not change the External Reference ID.
9. Once a library is assigned the DRM functionality, a new column displays within the library Seclore Online Access. This column is the visual queue this is a rights managed library.
To Remove DRM Protection from Document:
All documents in a DRM library are protected with Digital Rights Management as long as the file is in a DRM library. Once a managed document is downloaded to a client-side location, the DRM protection can be removed, assuming that user has permissions to do so.
1. Navigate to the client-side location of the document.
2. Right click (with your mouse) the file.
3. Select Unprotect.
1. Navigate to the client-side location of the document.
2. Right click (with your mouse) the file.
3. Select Unprotect.
To Run a DRM Report:
Site Collection Admins can generate Rights Management (RM) Files Activity Reports within site collections with DRM enabled. Only Site Admins can run reports and this can only occur after TechOps runs a script in order to enable the reporting feature.
1. With DRM and the reporting feature enabled in the site collection, access the Settings menu.
2. Then select View Rights Management Activity Report.
3. Complete the fields on the Right Management Activity Report request form, then click Run.
4. Specify the file names, activity dates, and user information to help narrow the scope of results, thus improving performance.
5. The report results display, and can be exported to Excel.
1. With DRM and the reporting feature enabled in the site collection, access the Settings menu.
2. Then select View Rights Management Activity Report.
3. Complete the fields on the Right Management Activity Report request form, then click Run.
4. Specify the file names, activity dates, and user information to help narrow the scope of results, thus improving performance.
5. The report results display, and can be exported to Excel.
DRM Permissions
Anyone with permissions to the site and library can use DRM Libraries. Access and functionality are controlled by standard ForumPass permission groups administered by the Site Collection Administrator or Site Owner. The default permission groups are as follows:
| Permission Group | DRM Viewer | View | Edit | Copy | Screen Capture* | Save As | Work Offline | Full Control | |
|---|---|---|---|---|---|---|---|---|---|
| Owner (Administrator) | Y | Y | Y | Y | Y | Y | Y | Y | Y |
| Member (Employee) | Y | Y | Y | Y | Y | Y | N | N | N |
| Visitor (Contractor) | Y | Y | N | N | N | N | N | N | N |
DRM Viewer
There are two versions of the DRM viewer:
- DRM Light Viewer: client-side application viewer which provides read-only view of Microsoft Word, Excel, PowerPoint (.dotx, .xltx, .potx) and .PDF documents in a DRM library.
- DRM Full Client: provides support for additional file types. You can download the DRM Full client from: https://drm.fps.exostar.com/policyserver/InstallerHelp.do.
The first time the DRM Viewer is used, you must download the viewer client. This does not require administrative permissions, and takes only a couple of minutes. The DRM Viewer client can be downloaded from: https://drm.fps.exostar.com/policyserver/start.
DRM Light Viewer supports the following:
| File Formats | Supported Applications |
|---|---|
| docx, docm, xlsx, xlsm, xlsb, pptx, pptm | Microsoft (MS) Office |
| doc, xls, ppt, csv, rtf, txt, odt, ods, odp | FileSecure Lite Viewer |
| FileSecure Lite Viewer |
DRM Full Client supports the following:
| File Formats | Supported Applications |
|---|---|
| docx, docm, xlsx, xlsm, xlsb, pptx, pptm | Microsoft (MS) Office |
| doc, xls, ppt, rtf, csv | Microsoft (MS) Office |
| Acrobat Reader | |
| bmp, jpg, jpeg, jpe, jfif, gif, tif, tiff, png | FIEDI, MS Paint |
| ansi, asc, ascii, asm, asp, bas, c, cc, conf, cpp, cs, css, cxx, h, hpp, hxx, ini, java, js, jsp, properties, txt, xsl, xml | FileSecure Text Editor |
| odt, ods, odp, odf, odg | OpenOffice |
Comparison between DRM Light VS. Full Client
| Actions | Full Client (Windows Desktop) | Lite Viewer (Windows Desktop) |
|---|---|---|
| Render documents in local application | Yes | Yes |
| Render MS-Office documents in MS- Office application | Yes | Yes |
| Dynamic Watermark support | No | Yes |
| Control Screen Capture | Yes | No (Documents with watermark) |
| Allows Annotation (PDF documents) | Yes | Yes |
| ‘Admin Rights’ required to install | Required | Not Required |
| Control Viewing, Editing, Printing, Copy Data, Offline | Yes | Yes |
| Control Document Expiry (Time / Date Controls), Lock to Device, IP Based Controls | Yes | Yes |
| Document Protection (Manual, Email) | Yes | Yes (Email) Product Roadmap (Manual) |
| Document Un-protection | Yes | Yes |
Known Constraints
The following table explains known constraints and expected behavior of the ForumPass Defense Digital Rights Management solution:
| Application/File Format Issue | Expected Behavior |
|---|---|
| General Edit, Print Controls | If the user does not have access to Edit or Print a file, related options will be disabled in the MS Office user interface. |
| MS Office Save As PDF | Protected files cannot be saved in PDF format. |
| MS Office Supported Office versions | Only MS Office 2007 and higher are supported. |
| MS Office older formats (doc, xls, ppt) | Protected files of older MS Office formats – doc, xls, ppt – will open in Seclore Lite for Windows and not in MS Office. |
| MS Office Copy-paste restrictions | Copying and pasting within and outside a protected file requires the Full Control permission. |
| MS Office Password protected files | Files encrypted with an MS Office ‘Open’ password will not open with Seclore Lite. Files with a ‘Modify’ password will function normally – the ‘Modify’ password prompt will be displayed after Seclore authentication. |
| MS Office password encryption | Seclore-protected files cannot be encrypted with an MS Office password. |
| MS Office Printing without Edit permission | Without the Edit permission, you can still change the contents of the file and print it without saving the file. |
| MS Office Mail Merge | Mail Merge is not supported for protected files. |
| MS Office Digital Signature | A protected document cannot be digitally signed using MS Office. |
| MS Office Save in unsupported format | If a protected file is saved as another file which is not a supported format (e.g. .dotx, .xltx, .potx), the file will be inaccessible. It can however be unprotected by the File Owner and any user with the Full Control permission. |
| MS Office New Window | The New Window button in the View ribbon is disabled when a protected file is open. |
| MS Office 2010, 2013, 2016 Insert Screenshot button | The Insert Screenshot button in the Insert menu is disabled when a protected file is open. |
| MS Office open Excel File | This is isolated to Merck users. Receive error message providing a repair link. Click the link to successfully open file. |
| Office 365 Online version open Excel file | To open/view Excel spreadsheet from a DRM library, you must have another Excel spreadsheet open. |
| MS Office | To view a DRM-encrypted file, you must be in the DRM library, not from a webpart on the Home page. |
File Management
Below are some of the most common tasks performed in ForumPass DRM including adding files, editing files and deleting files.
To Add Files:
Users with proper permissions can add files to the library using standard ForumPass functionality by uploading documents or using the drag & drop feature. View the ForumPass Document Management page for more instructions.
Upon upload, documents are immediately protected with Digital Rights Management without any additional action by the document owner. The DRM Viewer icon, located to the right of the file listing, is an indicator that the files are DRM protected. All documents in a DRM library display with a watermark of the user’s name and the date and time the file is opened.
Upon upload, documents are immediately protected with Digital Rights Management without any additional action by the document owner. The DRM Viewer icon, located to the right of the file listing, is an indicator that the files are DRM protected. All documents in a DRM library display with a watermark of the user’s name and the date and time the file is opened.
To Access Files:
There are several way to access files in the DRM library and each has unique functionality. The method in which you view, download, and update documents may depend on the file type. This section provides instruction on how to best access and update DRM protected content.
Browser View: All supported file types may be accessed using the DRM Viewer by clicking the file name from within the DRM-enabled document library in ForumPass, or by clicking the file’s DRM Viewer icon. Files open in a browser view (view only) which does not provide editing capabilities.
Browser View: All supported file types may be accessed using the DRM Viewer by clicking the file name from within the DRM-enabled document library in ForumPass, or by clicking the file’s DRM Viewer icon. Files open in a browser view (view only) which does not provide editing capabilities.
To Edit MS Office Documents:
Working within the DRM-enabled document library in ForumPass:
1. Open MS Office documents by clicking the file name to view in the DRF File Viewer.
2. From the File Viewer, choose to Edit the file (if you have edit permissions), and the file opens in Word for editing.
NOTE: For Excel files only, you much first open the Excel application and THEN open the file in order for it to display in the DRF File Viewer. You can also choose to download MS Office documents to your local environment for editing. See below for instructions on downloading documents to your local environment.
3. Make your changes and save the file locally.
4. Return to the ForumPass DRM library to upload the updated version into the library.
1. Open MS Office documents by clicking the file name to view in the DRF File Viewer.
2. From the File Viewer, choose to Edit the file (if you have edit permissions), and the file opens in Word for editing.
NOTE: For Excel files only, you much first open the Excel application and THEN open the file in order for it to display in the DRF File Viewer. You can also choose to download MS Office documents to your local environment for editing. See below for instructions on downloading documents to your local environment.
3. Make your changes and save the file locally.
4. Return to the ForumPass DRM library to upload the updated version into the library.
To Edit PDF Files:
1. Click the Ellipsis (3 dots icon) next to the PDF file.
2. A second Ellipsis displays. Click the Ellipsis and choose Download a Copy.
3. Once downloaded, click Open and the file opens in the File Secure Lite Viewer, where you have limited annotation and editing capability.
2. A second Ellipsis displays. Click the Ellipsis and choose Download a Copy.
3. Once downloaded, click Open and the file opens in the File Secure Lite Viewer, where you have limited annotation and editing capability.
To Download a Copy of File:
1. Go to the Library and place a Check Mark next to the desired document.
2. From the Files toolbar ribbon, click Download a Copy.
3. Make your changes and save the file locally.
4. Return to the ForumPass DRM library to upload the updated version into the library.
The file maintains its Digital Rights Management status, and any edits made on the file do not display in the original document until the updated file is uploaded. If the file in the library is deleted or overwritten with a new version, the local copy is no longer usable. The user must return to the DRM library and download another copy.
If the user is removed from the site, or the permission group, the local copy of the file is no longer usable.
2. From the Files toolbar ribbon, click Download a Copy.
3. Make your changes and save the file locally.
4. Return to the ForumPass DRM library to upload the updated version into the library.
The file maintains its Digital Rights Management status, and any edits made on the file do not display in the original document until the updated file is uploaded. If the file in the library is deleted or overwritten with a new version, the local copy is no longer usable. The user must return to the DRM library and download another copy.
If the user is removed from the site, or the permission group, the local copy of the file is no longer usable.
To Delete Files:
Users with permissions to do so can delete files from a DRM library using standard ForumPass functionality:
1. Select the file and click Delete Document on the Toolbar ribbon.
2. Click the ellipsis (…) to the right of the file name and select Delete.
When a file is deleted from a DRM library, all versions of the file, regardless of the file location, are unusable by anyone who ever obtained a copy of that file.
1. Select the file and click Delete Document on the Toolbar ribbon.
2. Click the ellipsis (…) to the right of the file name and select Delete.
When a file is deleted from a DRM library, all versions of the file, regardless of the file location, are unusable by anyone who ever obtained a copy of that file.