Business problem solved – Securing access to documents

FileHold can give the right people the right permission to find the right document.

The Pain

You work in IT at a medium sized accounting firm. Each accountant used to have their own cabinet for files, with their own lock and key. As the company has grown, these cabinets moved to a central filing room with an administrative assistant who could control who gets in. Now the company is moving to a paperless system but panic has set in: who will monitor the files? What if the wrong person deletes all their documents? Will someone monitor around the clock to make sure the documents are always accessible? What’s this talk about storing other documents there, won’t that give building maintenance access to all the confidential files? You need to calm nerves and allay fears now.

The Solution – Secure User Roles in FileHold

FileHold understands that on a shared drive, organizations will need to implement internal security to control who can see which files, and then control what these people can do with files.

Security Through Library Structure

FileHold uses the familiar concept of Cabinets to form the structure for the document Library. Cabinets are user-defined and form the first line of security. If an organization had multiple departments, each one could have their own Cabinet, such as “Accounting”; “Sales”; “HR”, and only the users from each department could see the Cabinet (with administration being able to see all of them). Each Cabinet contains Drawers. For instance, the Accounting cabinet could have “AP”, “AR”, and “Payroll” Drawers. Inside the Drawer are Folders which have their own set of security standards. So one user might be able to see all the Folders, while another can only see the Folders for projects they’re working on. To get even more granular security settings, the document schema or "type", can also have specific security settings. While the entire sales team might see the Sales Cabinet, the 2017 Drawer, and all the Project Folders, only the Head of Sales can see the Sales Reports schema, filed right alongside all the other working documents. This lets each organization fine tune security settings to allow their different users to work in the same Library, while controlling what each user can specifically see.

Security Through User Rights

FileHold understands that different members of an organization need different access to their documents. Some need to be master of their documents with the ability to add, edit, and delete documents as needed while others only need to access the Library as a reference source. FileHold offers eleven levels of user roles, each with their own permissions. These range from the read-only permission, who is restricted to viewing and (possibly) downloading documents, all the way to System Administrator who has complete control of the system – and all roles in between. Document Publishers can add and edit documents, but not delete documents, while Publish and Delete users can do all three functions. Publishers can create some library structure like folders and folder groups, and Library Administrators can add documents, cabinets, drawers, and folders. No matter what role is needed for a role in an organization, FileHold has the right user security setting to help.

Bringing Structure and User Right Security Together

Through this set up, you can assign different access and permissions to each user based on their specific role. For example, if you have a payroll officer who also handles AP, they could be given access to the Accounting Cabinet as a Publisher and Delete to let them add and delete their own files. For the HR Cabinet, the payroll officer is given read-only access to reference files; the remaining Cabinets are hidden from them. Or, you could have a Shift Supervisor who can Publish files to the SOP Cabinet to let them file reports but not delete anything, requiring no additional supervision. Whatever the role for the users is for any organization, FileHold can find the perfect user security settings.

Group Users for Easy Assignment

FileHold encourages the use of groups to apply security at the Cabinet, Folder, and Schema levels. By assigning individual users to a group, system administrators can efficiently reassign roles to new users or to existing users with a change in duties. FileHold offers Active Directory synchronization to make this process even simpler.

Monitor Activity

Administrators can audit user activity, deleting, and versions. They can access complete activity logs for all FileHold interactions made in the system, showing who has done activity. The soft delete option that the administrator has a grace period to bring documents back in case of accidental deletion. Version control assures that accidental over-writing is eliminated. FileHold has these processes working away for you in the background to make sure your documents are secure.

Problem Solved

Departments have their own Cabinets, managers can monitor activity, and the staff can only add or delete what they own in the Library. Files are accessible to anyone with permission anytime they can access the system. Crossover is controlled between departments, and documents are secure. Nerves calmed, and fears allayed.

To see more about how FileHold can help your organization control access to your electronic documents, contact sales@filehold.com.

Image
Chris Oliver

Chris Oliver brings his twenty years of experience in management in the entertainment industry to FileHold Systems as the Client Training and Retention Advocate. To learn more about how FileHold DMS can work for you, contact him at [email protected].