Document & Record Lifecycle Software
The system must provide system authorization control that covers all classification and retrieval activities in the Document Management Software. System authorization can be broken down into two interrelated activities 1) controlling access to documents 2) controlling extent to which a document can be utilized. For example 2 different users may be authorized to access to the same purchase order document but one user has read, add, edit abilities and the other has read only access. Typically in unstructured work environments one if not both of these authorization controls are neglected resulting in all users having unrestricted access to all documents.
Another challenge exists in the delegation of authorization control to administrators and end users. If administrators manage both controls they quickly become bottlenecks as they must control authorization for all content being added. If end users handle both activities document security may be compromised as users may be given edit or delete privileges to files in the system that they should only be able to read. Document security and authorization becomes even more critical in Extranet situations when non-employees need to be carefully restricted to what they can see and do when accessing company files.
The most effective blend of Authorization control is a split between administrators and content contributors with contributors controlling access to the documents and administrators controlling read, add, edit and delete access to the system.
In FileHold administrators maintain system level access controlling which users / groups can read, add, edit or delete content. Content contributors then control which users can access the content they add to the system. This extends to Document retrieval, ensuring that users can only retrieve content they are authorized to retrieve.
Step
1.
|