The crime of today is computer hacking. The importance of EDMS security cannot be overestimated. It’s extremely important that your enterprise document management software has both inner and outer security features. While many options exist, effective security requires that every EDMS contain very specific features.
The very first thing your EDMS security features must do is determine who can and cannot access the security functions. In most cases, only a very tight group of people should have this access. Most companies restrict this to the most senior staff, from the CEO to the head of the IT department. There’s no point in EDMS security if anyone can change it.
In the modern workplace, few people have just one job title. People work on multiple projects, sometimes even working across department lines. Additionally, people have different functions in different projects. While one person leads a project, they may be just another worker on another. You should be able to easily add employees to various group designations and projects. Every employee is a Venn diagram of projects and roles. Your EDMS security should reflect that.
If there has been a security breach, you should be able to act fast. Put everything on lock down as soon as you can. This will lock out whoever is tampering, and will make it easier for you to determine who was after something they shouldn’t have. A “panic button” in your EDMS security is a must. Most of the time, you won’t even know that it’s there. It can be inconvenient. The rest of the time, however, it’s a godsend.
Some of your employees should not be allowed to view others’ work and assignments. Some people need to be able to do so. Controlling not only who has permission to access assignments, but who has permission to view the records is a key feature. This doesn’t just mean that supervisors need to be able to check in on the Teapot Account (for example) to ensure that everything is being taken care of.
Comprehensive audit logs are essential for the smooth functioning of your company. These logs should be built so that no one in the company can tamper with them—even admin. It’s important that every instance of access to a file be logged. For an innocent example, knowing about audit logs will increase employee honesty. Everyone makes mistakes—even data administrators. Someone high in your company could accidentally access the wrong file and breach confidentiality. Repairing this damage is only possible when people know that it’s happened. Yes, breaches in confidentiality still “count” even if (you think) no one is going to know.
For a more nefarious example, you need to know who’s been viewing which files so that if data is changed, stolen, or missing you know who a likely culprit is. Hopefully, you’ll never face this situation. If you do, will your EDMS security have your back?
In summary, there’s a lot that your EDMS security has to withstand. Therefore, flexibility and thoroughness are the two most important features. Group your employees appropriately and assign permission masks to keep things flowing smoothly. Rely on audit logs to keep track of everything else.