The board pack lands on your desk. It has names, salaries, redundancy options, and a draft press release that absolutely cannot leak. You need to share parts of it with three different people. None of them should see what the others see.
Protecting a confidential PDF isn't one action — it's a sequence.
Step 1: redact what they don't need
Don't share the whole file with redactions on top. Make a separate copy per audience and remove what they don't need to see. Use Flint's redaction tool to permanently strike content — not just cover it with a black rectangle, which can be reversed.
If you delete a whole page, use delete pages instead. Less to redact, less to leak.
Step 2: clean the metadata
PDFs carry hidden information: author name, software used, creation date, sometimes the original file path on someone's laptop. Strip metadata before sending anything sensitive externally. Saving a final copy via 'Print to PDF' is a quick way to flatten metadata, at the cost of any internal structure.
Step 3: encrypt with a strong password
Run the cleaned file through Flint's password tool. Use AES-256 (the default) and a passphrase generated by a password manager. Send the password by a different channel than the file — text, phone, password manager secure-send.
Step 4: sign or seal if authorship matters
For documents where you need to prove who issued them or detect tampering, add a digital or electronic signature. Encryption hides content; signatures prove authorship. Sensitive contracts usually need both.
Step 5: control how it's shared
Avoid email for the most sensitive material — emails get forwarded. Use a secure file-share link with expiry, or hand the file over on a known device. Set a calendar reminder to revoke the link or rotate the password once the recipient has confirmed receipt.
FAQ
Is encryption enough on its own?
Usually not. It hides content from interceptors but doesn't stop the legitimate recipient from forwarding, screenshotting, or printing. Pair it with redaction and access controls.
Can I rely on email being secure?
Email is encrypted in transit between most major providers but can be archived, forwarded and screenshotted with no audit trail. Don't treat it as a confidential channel by default.
How do I prove I sent the file securely?
Use a sharing tool that produces an audit log: who opened it, when, from what IP. For signed PDFs, the signature certificate carries its own audit trail.
What about screenshots?
No technical control fully prevents screenshots. Confidential documents rely partly on trust and partly on watermarks identifying the recipient — so any leak can be traced back.
Confidential means layered. Start with encryption, then redact and sign as the content demands.