No, we’re not talking about an elite sect of the Central Intelligence Agency. This article is about how to bring control and security to your organization’s unstructured content (e.g., documents, emails, voicemails and the like — essentially the information that is not housed in a database) according to the security principles of confidentiality, integrity and availability (CIA).
Most business processes revolve around documents such as proposals, reports, contracts, purchase orders and invoices that are read, reviewed, edited and handled by multiple people — both inside and outside an organization. But organizations are subject to many regulations governing data retention, confidential information, financial accountability and business continuity, so controls around document security must be established.
When it comes to an organization’s documents, an enterprise content management (ECM) system can help the organization adhere to the fundamental information security principles of confidentiality, integrity and availability.
The principle of confidentiality protects an organization’s most valuable information from unauthorized access. The possible detrimental impact of non-compliance or a security breach on corporate reputation and value reinforces the importance of investing in solutions that ensure that sensitive business data — both structured and unstructured — is secure.
Let’s drill down into three ways ECM ensures confidentiality:
1. DoD- and VERS-certified solutions enable secure records management.
When it comes to records management certifications, there are two important ones to consider: DoD 5015.2 and VERS.
• DoD 5015.2: The Department of Defense (DoD) has rigorous requirements for ensuring that records are properly organized and managed. The DoD 5015.2 standard outlines requirements for managing classified records and includes requirements to support the Freedom of Information Act (FOIA), Privacy Act and interoperability.
• VERS: Endorsed by the State Government of Victoria, Australia, the Victorian Electronic Records Strategy (VERS) specifies a standard format for electronic records that focuses on data integrity and authentic archiving.
Unless an organization provides services to the State Government of Victoria, Australia, or the United States Department of Defense or one of its components, it is not typically required to meet the specifications of either standard. However, an ECM system that has been certified to meet stringent requirements for both organizing file structures and plans — and reliably preserving data — provides a multi-faceted set of tools to manage document lifecycle from initial capture to long-term archival.
For example, when it comes to managing classified or sensitive records, ECM allows an organization to secure individual documents with security tags and VERS classification levels. In order to see a document or folder with a security tag, a user must have been granted that security tag. VERS classification levels prevent users from moving high-security documents into lower-security folders.
When Ada County Sheriff’s Office deals with records that involve employees, their family members and high-profile citizens, it assigns a “Confidential” tag to these reports. This prevents unauthorized access by ensuring that only supervisors and the records manager can view these documents.
2. ECM gives you control over repository access.
In order to protect confidentiality, it is necessary to define and enforce appropriate access levels to information. There are three key security features an ECM system should provide to protect sensitive data, including:
• Unique users: A system with unique users allows administrators to control the level of access users have to view, modify or delete documents or folders in an ECM system. Each user should have unique security credentials, eliminating the need for shared passwords and allowing security best practices of role separation and least privilege.
• Windows authentication: Support for Windows authentication ensures that standard account policies such as password complexity and password expiration are inherited by the ECM system, while retention of Active Directory groups simplifies security delegation. Linking ECM to Active Directory also allows access to folders and documents in the repository to be granted or restricted based on the user’s department and role in the organization. For example, a human resources manager can view the files of all employees whereas the administrative assistant can only view his or her own personnel file.
In addition, certain users can be prevented from editing, printing or exporting documents, reducing the possibility of a document falling into the hands of an unauthorized third party. Along with restricting access to whole folders or documents, access can be restricted to certain parts of a document.
For example, the human resources recruiter may be able to view the job applications of all applicants for a new position, but will not be able to view the applicants’ social security numbers, which can be redacted from the job application’s image, text and metadata. The human resources manager, on the other hand, can be granted the right to see through the redactions.
• LDAP authentication: When each product has its own password, users tend to adopt poor security habits—such as using the same password repeatedly or using simple, easy-to-crack passwords like “password” or “admin.” ECM systems that support single sign-on using LDAP credentials eliminate these security risks by giving users authenticated access to the ECM system after they log into the network.
3. ECM tracks who sees an organization’s documents and what they do with them.
From Sarbanes-Oxley to HIPAA and the USA PATRIOT Act, the laws governing data protection and preservation create compliance challenges. ECM systems with auditing capabilities help organizations meet these challenges by automating the monitoring and reporting processes and expediting preparation for formal audits.
For example, an organization can configure its system to alert a manager every time certain documents are printed or exported to make sure that they are not shared outside the organization. If a document is printed, a watermark can be automatically applied to make it more difficult to pass the document off as someone else’s in the event that it is photocopied.
Look for a system that can track and monitor:
- Login and logout
- Creating, editing, printing or deleting documents
- Creating, editing or deleting templates, fields and annotations
- Adding security tags
- Exporting documents, volumes or briefcases
- Sending documents to the Recycle Bin
- Granting or revoking login rights for Windows accounts
- Adding or removing users from Laserfiche groups
- Modifications to access rights
- Modifications to repository-wide settings
- Creating, modifying or deleting users and groups
- Password changes
- Unsuccessful attempts to perform the actions listed above.
The principle of integrity allows organizations to maintain and assure the accuracy and consistency of data over its entire lifecycle. With ECM, a digital image of a document is captured and preserved in an unalterable format, such as TIFF, guaranteeing its integrity. Some ECM solutions allow organizations to convert both structured and unstructured content to non-proprietary TIFF and ASCII formats to ensure long-term access and security.
Look for an ECM system that can guarantee that the documents have not been modified or tampered with through methods such as:
• Digital signatures: A digital signature indicates that a document is authentic, has been signed by a particular person and has not been modified since the signature was applied. An ECM system can automatically notify a manager of any documents with invalid digital signatures so that the manager can quickly address the issue. For example, administrators and principals at Edgewood Independent School District use digital signatures to approve human resources documents such as new employee onboarding forms.
• Versioning: With version control, any changes to a document’s text, metadata, image pages and electronic document component will be retained in the document’s version history. It is easy to revert to an older version of the document if the changes that have been made are unnecessary or unauthorized. A manager can look at a document’s version history to see what changes were made, when they were made and by whom. A manager can also be automatically notified of any new versions to a particular document.
An advanced ECM system allows all documents that are part of an electronic business process to have all of the actions that have been performed on the document, the name of the person performing the action, and the date that the action was performed recorded in the document’s metadata. An accounting manager, for example, can simply open a check document in the ECM system and see who scanned the original invoice, who approved this invoice, and when the check was generated.
The principle of availability ensures that information is available when it is needed. ECM supports this principle by ensuring that unstructured data is properly maintained and accessible by authorized individuals at any time through:
• Mobile access: Users can log in to the ECM repository from any device and access the documents that they need to process or review without having to email or print copies. Thus, an ECM system provides centralized control of the content while embracing the mobile access of that information.
• Integration: In some of its most innovative uses, ECM serves as integrative middleware that links to line of business applications, allowing users to seamlessly access information using their current application as the front-end system. For example, ECM and CRM are integrated so that customer service agents can access signed documents from a client’s record in the CRM. When used as “integrative middleware,” ECM provides consistency, security and transparency to users across the organization, through familiar applications they use every day.
Wealth Enhancement Group LLC mitigated the risk associated with file theft and natural disasters by integrating its ECM and CRM systems. Client records are now stored and replicated on secure ECM servers and by the firm’s designated third-party as required by industry regulations. All client documents are accessible directly through the CRM with only authorized individuals having permission to access specific files.
• Backups: Since all of the ECM information is stored on servers and databases, a backup of the organization’s information, stored securely offsite, provides a relatively easy way to secure data, enabling work to continue even if offices are destroyed or the network is disabled.
Information can be both an asset and a liability. As regulatory and compliance mandates have raised pressures on organizations, the need to control unstructured forms of content has increased.
To ensure that your organization is protected from the perils of data breaches and regulatory compliance penalties, it’s crucial to adhere to the fundamental principles of confidentiality, integrity and availability. When it comes to document security, ECM is a vital component of your CIA strategy.
This article originally appeared in the December 2014 issue of Workflow.