This tab allows you to set up a variety of settings related to your Vitrium Security account including Watermark Settings, Content Settings, DRM Policy Settings, as well as adding Staff Users, setting up a User Portal, and viewing your Account Settings and My Profile.

 

5.1 Account Settings

Depending on which edition of Vitrium Security you subscribe to, you may see different fields in your Account Settings.

What Standard & Professional accounts will see:	What Enterprise accounts will see:

STORAGE SPACE CONSUMED

This is the total storage space being consumed by this account on Vitrium’s servers (if you are hosted with Vitrium) or on your company’s servers (if you have Vitrium installed on your environment). The limit shown here is the Storage Limit which is different than the File Limit. These are defined here: 

File Limit: the total size limit of your original files

Storage Limit: the total size limit of the storage space being consumed on Vitrium's servers (this will often be 3-5x more than your original files for the reasons listed below)

What Vitrium stores on its server:

For every 1 document or image (original file) uploaded into Vitrium, Vitrium stores 3 different copies:

• 1 copy of the original file
• 1 copy of the protected PDF file
• 1 copy of the web viewer file

For every 1 video (original file) uploaded into Vitrium, Vitrium will store 4 different copies:

• 1 copy of the original video
• Up to 4 additional copies of the web viewer file at various bitrates

Support URL

This is an optional field. If you would like to direct your users to a particular support page, this URL will show up in some of the error messages that the user may encounter when trying to unlock or view their content. The support URL may not appear in all error messages since the error may be related to a server connection issue or a single sign-on (SSO) issue which is generated from the customer’s side, not Vitrium’s side.

Time Zone

This is the time zone that is associated with your Vitrium account in the reports section. We recommend you change it to your local time zone as the default is UTC.

Global DRM Policy

If you only have 1 DRM policy that would apply across your entire business, then you could set your Global DRM policy here, however, we strongly recommend that you DO NOT set anything here as you may encounter conflicts if you are also setting a DRM policy at the file level or group level. Refer to section 5.4 for more details about DRM Policy Settings.

SSO Lite Mode (applicable to Enterprise accounts)

This is a convenient feature that allows a User to login to a file once, and afterward, they are automatically granted access to other files you provide to them. When this field is set to Device ID (the default), the user is identified by the web viewer cookie or Adobe Reader profile. When set to IP address, the user is identified by their IP address.

EXTERNAL SERVICE (applicable to Enterprise accounts)

If you will be connecting Vitrium to a 3^rd party system for user authentication via a JSON API server, then you will need to enable the External Service and fill in the following 3 fields:

Service URL: this is where you will add your JSON API Service URL

• Ensure you enter a secured site with “https” and an SSL certificate is highly recommended
• Be sure to suffix your server with “/api/2.0/”

Service Headers: this is optional if you wish to provide any header key value pairs

• Separate each header key/value pair with semicolons
• Separate each key and value with an equal sign
• Example: key1=value1; key2=value2

Web Viewer SSO Token Name: this is an optional field

IMPORTANT NOTE: You should also refer to the Vitrium API Guide when enabling an External Service or reach out to the Vitrium Professional Services team at ps@vitrium.com.

5.2 Content Settings

Content Settings are the protection settings that you apply at the file level – allow printing or copying, allow highlights or annotations, insert a watermark, and so on. Content Settings for documents and images will be different for video since they are different content types.

FOR DOCUMENTS & IMAGES

To add a new Content Setting, click Add Settings, then select DOCUMENT SETTINGS from the drop-down menu.

Content Settings tab

Name: enter a name for your Content Setting (we recommend one that includes details such as “No Print, No Copy, Left side Red Watermark”)

Allow printing: check the box to allow your content to be printed or leave it blank to block printing

Allow copy/paste: check the box to allow content to be copied or leave it blank to block copying

Select login form: this field will only show for Enterprise accounts that use different PDF login forms (not web viewer login forms) with their content

Select Watermark 1: you can select an existing watermark from the drop-down list or create a new one by clicking the + symbol; to add a 2^nd or 3^rd watermark, click the ‘Add Watermark’ link and select from the list again

Advanced Options

Protected as: there are two options to choose from:

1. Full DRM: this is the default option and will provide you the fullest extent of DRM for your content including the ability to control settings at the user level (user authentication, password-control, expiry date control, device limit control, and so on)
2. Social DRM: this option removes all user DRM controls and there is no login or authentication mechanism required for accessing content but it will still allow you to retain control over your content such as allowing or blocking printing and copying, and you can apply watermarks to your content

Set Acrobat cookie policy: this allows you to change the behavior of the Adobe global object security policy (GOSP) pop-up that appears in the protected PDF file which relates to how Vitrium tracks and counts ‘device limit’ or ‘application limit’ for the user:

PromptAndCloseDocument: this is the default selection where the Adobe GOSP pop-up message will appear and the user will need to close the prompt, make the required change (disable the GOSP by going to Preferences > JavaScript and unchecking the GOSP field), then re-open the file to unlock it

PromptOnly: if this option is selected, the Adobe GOSP pop-up message will appear with the instructions for disabling the GOSP but the user can just close it and continue on with unlocking their document but no cookie gets stored so you run the risk of the user reaching their PDF limit very quickly if they did not follow the instructions

NoPromptAndNoClose: if this option is selected, the Adobe GOSP message will NOT appear at all and is only recommended in scenarios where you DO NOT require setting a PDF limit for users

Disable Annotations in web viewer: this option allows you to disable both the highlighting and notes feature in the web viewer (note, this feature cannot be disabled for the protected PDF version)

Case sensitive password: this option allows you to force login credentials to be case-sensitive

Package key: this option is a specific field for one of Vitrium’s legacy customers and can be ignored

IMPORTANT NOTE: Content Settings can NOT be edited since these settings are contained within the protected PDF file and if a user already has the file, you cannot change that file, only send them a new file with the updated Content Settings. If you need to play around with different settings or watermarks, you will need to create multiple Content Settings, then delete those you no longer need.

FOR VIDEOS

To add a new Content Setting, click Add Settings, then select VIDEO SETTINGS from the drop-down menu.

 

 

Name: enter a name for your Video Content Setting (we recommend one that includes details such as “Licensed to Diagonal Watermark”)

Case sensitive password: this option allows you to force login credentials to be case-sensitive

Select Watermark 1: you can select an existing watermark from the drop-down list or create a new one by clicking the + symbol; to add a 2^nd or 3^rd watermark, click the ‘Add Watermark’ link and select from the list again

IMPORTANT NOTE: Currently, Video Content Settings can NOT be edited but we are looking to change that in a future release.

5.3 Watermark Settings

Watermark Settings are the protection & control settings for your watermark – whether you want to use a dynamic, user-identifying watermark or plain text watermark, what placement and alignment options you wish to choose, and what font, color, size, or opacity level you prefer.

To get started, click the button and you will see this screen:

Watermark tab

Name: enter a name for your watermark; we recommend one that includes details such as “Licensed to Vertical Left Red 9pt Font”

Type: you can select from two options:

User-specific: this is a dynamic watermark where you can add user-identifying information in it

Text-only: this is a generic watermark where you can enter plain text only (no dynamic data)

Placement: select the location where you would like to place the watermark (bottom, top, vertical left, vertical right, diagonal, or custom)

Alignment: select whether you want the watermark text to be left-, center-, or right-aligned

Advanced Options tab

Color: select a color from the drop-down list

Font: select a font type from the drop-down list

Font size: enter a font size

Visible on: select either ‘screen and print’ or ‘print only’

Opacity: slide the scale up or down to select the opacity (or transparency level)

 

5.4 DRM Policy Settings

DRM Policy Settings are the protection & control settings that you can apply at the user, group, file or folder level – setting expiry date, offline access, device or browser limit, print limit, IP address limit, and so on.

SETTING UP A DRM Policy

Go to Settings > DRM Policy Settings, then click the ‘Add DRM Policy button. Depending on which Vitrium edition you have will depend on which DRM policy fields you will see.

Standard Edition accounts will see:

Professional Edition accounts will see:

Enterprise Edition accounts will see:

DRM POLICY RULES

There are two important rules you should know about before setting up your DRM policies:

RULE #1: The most lenient DRM policy setting will always apply. For this reason, Vitrium recommends ONLY setting a DRM policy at one level as the most lenient policy will take precedent if you have set it at multiple levels. It could also cause conflicts and be challenging to troubleshoot.

RULE #2: You must enter a value for EVERY field in a DRM policy. Do not leave anything ‘not set’ otherwise you will receive error messages when trying to unlock a file. So if you don’t wish to set a value for any field, set it to NEVER or UNLIMITED.

DRM POLICY FIELDS DEFINED

Policy Name	This is where you can enter a name for your DRM Policy (we recommend one that includes specific details about the policy such as “1 PDF Limit, 2 Browser Limit, 1 Day Offline Access”)
Expiry Date	This is where you can define a specific date for when your content or file will expire for a particular User or Group. If you do not wish to set a date, then select NEVER as per Rule #2.
Expiry After First Unlock	This is where you can define a specific number of days that your content or file will expire after the first unlock by the User.
Offline Access	This is where you can set the maximum number of days that your User or Group can access your protected content or file when they are offline or not connected to the internet: For the protected PDF file, the User doesn’t need to do anything in order for the offline access feature to work. For the secure web viewer, the User will need to click the ‘Save to Browser’ button to be able to save the content to the browser’s cache.
PDF or Browser Limit	This is where you can set the maximum number of Adobe applications (PDF) or browsers that a User can access your protected content or file on. Total Limit: this is defined as the same as above. Individual Limit: this allows you to separate the limits for PDF (the number of Adobe applications) versus the number of browsers.
Library or Account Limit	This is where you can set the total number of files that a User can access or unlock.
Web Browser Print Limit	This is where you can set the number of times a User can print the web version of a document or image. NOTE: a print session will be counted even if the person selects only 1 page.
Content Open Limit	This is where you can the maximum number of times a User can access or unlock a specific file.
IP Address Limit	This is where you can set the maximum number of IP addresses that a User will be able to your protected content from. If you want to specify a particular IP address or range, enter 0 as the limit, then enter the IP address in the “Ignored IP Addresses” section.

 Where to Apply DRM Policy Settings

Before deciding where to apply DRM Policy, remember RULE #1: The most lenient DRM policy setting will always apply. For this reason, Vitrium recommends ONLY setting a DRM policy at one level as the most lenient policy will take precedent if you have it set at multiple levels, causing conflicts.

Recommendations	Steps to Apply
File/Content Level It’s recommended for Standard & Professional customers to set your DRM policy at the file/content level since you can see it visually every time you upload content and assign permissions. You can also easily change the permissions for a specific file, user or group from withing the Edit Content window.	In the Content tab, click Add Content Select your File and click the Permissions tab Select your Users or Groups Select a DRM policy from the drop-down box Click Save & Exit
Folder Level Recommended if you have a lot of files that you sort into folders AND you require the same DRM policy for all files within a particular folder. If you set a DRM policy at this level, you need to be very cautious when setting a DRM policy at other levels to avoid potential conflicts.	In the Content tab, in the folder section, click the arrow beside a folder and select Permissions Click Add, then select your Users or Groups Select a DRM policy from the drop-down box Click Save & Exit
Group Level Recommended if you have a specific policy required for a group of users. If you set a DRM policy at this level, you need to be very cautious when setting a DRM policy at other levels to avoid potential conflicts.	In the Groups tab, click on a Group Select the DRM policy tab Enter your policy values Click Save & Exit
User Level Only recommended for accounts with a small number of users where you will have different DRM policy for each user.If you set a DRM policy at this level, you need to be very cautious when setting a DRM policy at other levels to avoid potential conflicts.	In the Users tab, click on a User Select the DRM policy tab Enter your policy values Click Save & Exit
Global Level Only recommended if you have 1 DRM policy that can be applied across your entire business or organization. If you set a DRM policy at this level, you need to be very cautious when setting a DRM policy at other levels to avoid potential conflicts.	Go to Settings > Account Settings In the field “Global DRM Policy”, select a policy from the drop-down list

 

5.5 Portal Settings

IMPORTANT NOTE: Only Professional and Enterprise Edition accounts will have access to the User Portal feature and will see Portal Settings in their account.

Vitrium’s User Portal allows you to distribute your protected content to users in a central, secure web portal. The user can log into one place and access all their content, including any protected documents, images or videos that you have assigned to that particular user. The portal can be customized with your logo and branding colors.

 

Setting up the User Portal

Go to Settings > Portal Settings, then click the ‘Enabled’ checkbox and the portal fields will appear below. 

Active Portal Alias	This is the URL that your users will log into to access all the protected content they have access to. Until your portal alias is approved (see next field below), you will see a temporary portal alias after you click Save Settings.
Requested Portal Alias	This is the personalized name you can add to the end of the portal alias that the Vitrium application will create for you. The URL will look like this: https://view.protectedpdf.com/portal/your-alias-name We recommend you enter a company name or something unique to your organization. If you enter something generic like “test”, the name will be rejected. IMPORTANT NOTE: Your Portal Alias will be activated once Vitrium approves the name and you receive the approval email. Until then, the system will issue you a temporary URL.
Account Name	This is the name of your portal account which will appear at the top right-hand side of the user portal screen when users log in
Allow User Sign Up	Select this option if you wish to have new people self-register or sign up as a ‘User’ with access to your portal. IMPORTANT NOTE: Once a new user has been verified (via the email that’s sent to them), someone from your organization may need to assign them permission to content unless you have already assigned “All Active Users” with permission.
Allow Password Recovery	Select this option if you wish to allow users to reset or change their password.
Color       Hover Color	Select your brand color for the portal. This color will appear in the top banner and Login button in your portal.   This is the color that will show when you hover over or click on certain buttons.
Logo	Select your company logo. The logo should be transparent with an aspect ratio of 5:1 (width:height). You can upload a JPG or PNG file.
Favicon	Select your favicon which is a small image that appears in the left hand side of a website tab. The favicon image should be 16x16 pixels or 32x32 pixels, using either 8-bit or 24-bit colors.
Disable downloading document	Select this box if you don’t want your users to download the protected PDF version of your content. They will only be able to access the web version.

 SAMPLE USER PORTAL

The portal login page will look similar to this:

PORTAL ALIAS EMAILS

After you’ve entered a name in the “Portal Alias” field and saved your Portal Settings, you will either receive an approval email with a link to the URL for your users, or you will receive a rejection email and you will need to go back into your Portal Settings and enter a different alias name and save your settings again.

Approval Email

Rejection Email

STEPS FOR USER SELF-REGISTRATION

If you selected “Allow User Sign Up” in your Portal Settings, then people will be able to self-register for your portal. The User account will remain inactive until the person has verified their email address. Please note that you will still need to apply content permissions to the new accounts. Here are the steps that will occur:

1. Person clicks the REGISTER link on your user portal login page
   
2. The user will then need to enter their email address, a password, confirm their password, then click REGISTER
   

3. A verification email will be sent to the user and they will need to click to activate their account for the portal
   

4. The user clicks on the link to activate their account and you will then see them added as a User in Vitrium
   
   
5. You will then need to assign that user with permissions to access your content before they can see anything in the portal.

Viewing Content Through the User Portal

Using the portal link, login to the portal with a test user and, once logged in, you will be able to access any files or content that the user has been assigned permissions to:

Sort Options	This button allows the user to sort the content by Title (File Name) or the Created Date, and in Ascending or Descending order
Tags Filter	This button allows the user to filter the content by tags that were added to the file upon upload
View Options	This button allows the user to change from a thumbnail (tiles) view to a list view; the thumbnail (tiles) view is the default and is what you see in the screenshot above
Web Version	If the user clicks anywhere on the thumbnail it will open the web version of the content
Secure PDF	If the user clicks on the faded download icon, it will downloaded the protected PDF format of the content which will need to be opened in Adobe Reader or Acrobat
Tags	The user can also see the associated tags on each content by the grayed out text just below the file name
Search	The user can search for the content file name
Change Password / Logout	The user can click on their username at the top right hand side of the screen to select “Change Password” or “Logout”

 

5.6 Staff Users

As defined in Section 3.0, Staff Users are those who can log into Vitrium and perform administrative functions such as adding content, adding users, assigning permissions, viewing reports, and so on. A Staff User can also be an End User, or person who can access your protected content, but you need to add them separately in the Users tab.

Setting Up a Staff User

To create a new Staff User, click the button. Depending on which edition of Vitrium you subscribe to will determine what you see next.

Standard & Professional accounts will see:

Enterprise Edition accounts will see (with the addition of ‘Assigned Roles’):

OVERVIEW OF STAFF ROLES

	Master Admin	Support	Permission Manager	Content Manager	System Viewer
Content / Folders
View & Search Content	x	x	x	x	x
Edit Content	x			x
Activate / Deactivate / Delete	x			x
Download Protected PDF	x	x	x	x
Access Secure Web Link	x	x	x	x
View Report	x	x	x	x	x
Users
View & Search Users	x	x	x		x
Edit Users	x		x
Edit Group Membership	x		x
Activate / Deactivate / Delete	x		x
Clear Use & Provide Offline Unlock	x	x
View Report	x	x			x
Import & Export Users	x		x
Groups
View & Search Groups	x	x	x		x
Edit Groups & Add / Remove Users	x		x
Activate / Deactivate / Delete	x		x
View Report	x	x	x		x
Settings
View All Settings	x	x	x	x	x
Edit Global DRM Policy	x		x
Edit Support URL & Time zone	x	x	x	x
Edit SSO Lite Mode & Enable External Services	x
Edit Content Settings	x			x
Edit Watermark Settings	x			x
Edit DRM Policy Settings	x		x
Edit Portal Settings	x			x
Add & Edit Staff Users	x
Edit My Profile	x	x	x	x	x
Manage Login Forms	x			x
Dashboard / Reports
View Dashboard & Reports	x	x	x	x	x
Export Reports	x	x	x	x

 

5.7 My Profile

Vitrium Security also allows you now to change your overall profile information. You can now customize your Username, First and Last name, as well as access the ‘change password’ functionality while logged in.

5.8 Login Forms

Available to Enterprise accounts only, if you are a Master Admin, you can upload different PDF login forms into your account. These are the login forms that appear on the protected PDF files only, not the web viewer versions.

To add a new Login Form, follow these steps:

1. Click the
2. Click Browse and select the desired login form.
3. Once done, enter the name you wish to use to label your login form.
4. Click ‘Save & Exit’ to activate the settings