Security Best Practices for Automated Documents
Documents are data. In fact, they are often the most sensitive data—contracts, medical records, tax forms. Securing the generation pipeline is critical.
1. Encryption in Transit and at Rest
- TLS 1.2+: All data sent to the API must be encrypted.
- Storage: If the service stores the generated PDF (even temporarily), it must be encrypted on disk (AES-256).
- Ephemeral Storage: Ideally, the service should delete the file immediately after you download it.
2. PDF Permissions
You can secure the PDF file itself.
- User Password: Required to open the file.
- Owner Password: Required to edit or print the file.
- Restrictions: You can disable text copying or printing for sensitive documents.
3. Sanitization
Be careful what you inject into the template.
- XSS in PDF: If you are using an HTML-to-PDF converter and you inject user input directly into the HTML, a malicious user could inject JavaScript that runs inside the renderer during conversion (Server-Side XSS). Always escape or sanitize user input before it reaches the template.
4. Access Control
Who can download the generated file?
- Signed URLs: Don’t just put the file at mysite.com/files/invoice1.pdf. Use a signed URL (like AWS S3 Presigned URLs) that expires in 15 minutes.
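As an added example (not code from the original post or from MergeCanvas), here is an HMAC-signed download URL with a 15-minute expiry and the server-side check that rejects expired, tampered or unsigned links; the host mysite.com, the key and the query parameter names are assumptions.

```python
import hashlib
import hmac
import time
from typing import Optional
from urllib.parse import parse_qs, urlencode, urlparse

# Constructed demo key: a real deployment loads this from a secrets manager.
SECRET_KEY = b"constructed-demo-key-do-not-reuse"
DEFAULT_TTL = 15 * 60  # 15 minutes, matching the expiry suggested above


def _signature(path: str, expires: int, key: bytes) -> str:
    # Path and expiry are signed together, so neither can be changed alone.
    msg = f"{path}\n{expires}".encode()
    return hmac.new(key, msg, hashlib.sha256).hexdigest()


def sign_url(path: str, key: bytes = SECRET_KEY, ttl: int = DEFAULT_TTL,
             now: Optional[int] = None) -> str:
    """Return a download URL for `path` that is valid for `ttl` seconds."""
    now = int(time.time()) if now is None else now
    expires = now + ttl
    query = urlencode({"expires": expires, "sig": _signature(path, expires, key)})
    return f"https://mysite.com{path}?{query}"


def verify_url(url: str, key: bytes = SECRET_KEY,
               now: Optional[int] = None) -> bool:
    """Accept the URL only if its signature matches and it has not expired."""
    now = int(time.time()) if now is None else now
    parsed = urlparse(url)
    params = parse_qs(parsed.query)
    try:
        expires = int(params["expires"][0])
        sig = params["sig"][0]
    except (KeyError, IndexError, ValueError):
        return False  # missing or malformed parameters
    if now > expires:
        return False  # link has expired
    expected = _signature(parsed.path, expires, key)
    # Constant-time comparison so timing does not leak the expected signature.
    return hmac.compare_digest(sig, expected)


if __name__ == "__main__":
    url = sign_url("/files/invoice1.pdf")
    print(url)
    print("valid now:", verify_url(url))
    print("tampered:", verify_url(url.replace("invoice1", "invoice2")))
```

S3 presigned URLs follow the same pattern with AWS signing the query string for you; the expiry and signature check on the serving side is the part not to skip.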
Conclusion
Security is not an afterthought. It must be baked into the document lifecycle.
Secure by design. MergeCanvas is SOC2 compliant and built with enterprise-grade security features to protect your most critical data.