FileHold Security Features

FileHold provides many means of user authentication and authorization to the electronic document storage. Authentication ensures that people are who they claim to be. Authorization uses this information to grant the appropriate level of access control to the document filing software.

Document Level Security

The system provides an additional layer of authorization control by restricting access to content within the library. This second layer of authorization control is essential in extranet situations when non-employees need to be restricted to only the content that is relevant to them. Authorization also extends to protect specific document types from being viewed in the system by non authorized users. The software controls access to the following content items in the library:

  • Access to Filing Cabinets - In many cases users have to be restricted to a specific area of the library. Cabinet memberships allow library administrators to quickly create dedicated sections (cabinet) of the library for different departments or groups. Granting file and folder access is restricted to the subset of users that have access to the cabinet.

  • Access to Files and Folders - Documents are contained in folders and folder membership controls who has access to the documents in the folder.

  • Access to Different Types of Documents - Some documents are more sensitive than others, for example performance reviews or expense reports. Document schema membership ensures only the correct users will have access to documents regardless of their location. Each document is assigned a schema; sometimes referred to as a document type or document template. The schema defines many attributes of the document including which users will have access to the document. If a user is not a member of the document schema they will not be able to see the document even if it exists in a folder they are a member of. 

  • Access to Approved Documents - There are documents that should only be visible to most users when they are approved. The document schema defines if documents should be hidden from most users when they are in a draft state. The documents will only become visible to a wider group of users when an approval workflow has been completed on the document.

Global Security Features

In addition to the features of any secured web application, running on Windows Server, that is properly utilizing IIS while running in a firewalled secured area of the network, the document management software offers the following additional Global Application Security Features:

  • Single Point of Logon (Authentication) - The software is accessible through a common logon screen providing a secure 'Front Door' to the entire system. Users first log on by providing a unique username and password. Each user's password is encrypted and verified against their account information held in a secure user accounts database or against the directory server the document management server is synchronized with.

  • Web Services Security - All the software Web Services require authentication preventing unauthorized users from sending or retrieving anything to the document management server by bypassing the web client or smart client authentication systems.

  • SSL Support - The software can be deployed under SSL (Secure Sockets Layer). SSL is an industry standard protocol and is supported by all major Web servers and browsers.

  • Session Security Services - Users are automatically disconnected after a configurable period of inactivity. Session variables are kept server side, and no information is left on the client browsers. This way if a different user accesses the browser at the same computer, no information is available until they log on as a new user.

  • Template Level Security - Template level security restricts execution and direct access to applications unless the user has the proper permissions by quickly checking a users access rights at every visit to every page.