Protecting confidential documents and information is necessary to prevent information falling into the wrong hands. How can you be sure that documents are protected and secured? While at the same time keeping this information accessible to the right people?
Content
Sensitive and confidential information pain point for many organisations
From research by industry association AIIM shows that around 60 per cent of document-intensive organisations recognise that losing or leaking confidential information is a major risk. Some 13 per cent even see it as a disaster if it happens. It indicates once again the importance of protecting confidential and sensitive information from unauthorised eyes. So protect confidential documents.
One of the biggest challenges for organisations: protect confidential documents
However, it is not only important to implement good policies on who is allowed to see, do or change what in specific information. Given the developments in laws and regulations (AVG and GDPR) regarding privacy, data breaches, etc., the need for every organisation to get its act together applies.
So, on the one hand, you don't want information to get to the wrong person under any circumstances, but on the other, you don't want information to become inaccessible either.
Traditional way of protection
Traditionally, documents in an application or on a central network drive are protected based on their location (folders and directories). Such a location is subject to rights, such as an Access Control List (ACL), to determine who has access to that location, but those rights then apply to all documents in that location.
This kind of 'security' is not very flexible and offers no security. After all, in many cases, multiple versions of a document will be kept, and how are access rights from other locations handled?
Metadata play a crucial role in smart and secure protection of sensitive and confidential information.
The modern way to secure: metadata
So you actually want document-level security, rather than a location.
Assigning metadata to documents, as is possible in a modern document management system, offers the solution. Documents can thus be protected based on parameters. Examples of parameters with which you control the protection of a document are the role of a user, the status of a document, a certain step in a workflow or, for example, after approving a document. We will explain these examples later.
This way of metadata-driven access and the associated monitoring provides the required security to trace - also in retrospect - who performed what actions on the document. This allows the policies put in place to be effectively enforced and enforced.
In such a metadata-driven approach, content can be controlled through a combination of object-specific permissions with the ACLs that can be set automatically, based on that metadata. The idea behind this is that through that assignment of metadata, an individual document is assigned its own rights. This allows users from different projects, other departments or even external parties to access such a document. Provided this matches the rights applicable to their function in combination with the document's metadata.
Moreover, these permissions can be adjusted as the status of a document changes; at a time when it is still in development phase, more people can access the document (e.g. for reviewing) than after it has been given the final version. All that is needed for this is to modify the document's metadata; document protection is then done automatically.
Granting specific rights
In a similar way, you can handle and metadata the documents in a specific project. You can thus dynamically adjust access to documents or change members of a project group, who then have or do not have access rights immediately. Simply by properly linking metadata to documents.
It can go even further: linking metadata to documents in combination with roles and functions. Then the project leader will see only those documents that are relevant to him, and that applies to all group members based on their role or function.
A DMS provides the right functionality
Access control on sensitive and confidential information is crucial within organisations. M-Files provides the right functionality to apply those rights flexibly and traceably. Other ECM systems tend to use a rigid and labour-intensive application of user rights to documents. Admittedly using metadata, but not in the way it is done in M-Files.
With M-Files, any form of an attribute or property assigned to a document can function as a trigger to apply and manage access rights. Both at document level and at document class level (e.g. project documents during x period).
Multiple metadata properties can also be applied simultaneously to the same set of documents, such as access to 'all project documents' except those labelled 'budget'.
This approach eliminates 'guesswork' with access control and gives users more scope to define documents and classes based on metadata assignment. This leads to more efficient and effective management of access rights, as well as a more workable and dynamic Enterprise Content Management environment. Do not wait any longer and protect confidential documents now.
Curious about how protecting confidential documents can work for your organisation? Schedule a no-obligation personal demonstration in and an expert will address your specific situation.