Document Management and Rights Management

Protection Against Unauthorised Access

Every enterprise has its secrets – for example, the new sales concept in its last stage of development – or confidential personnel data only intended for the HR department. One thing is common to all this information: It should only be made available to certain people. ArcFlow guarantees that the security and anonymity requirements of certain documents are fulfilled.

A document management system (DMS) ensures that all documents in the company are filed and archived in a structured manner. Whether we are talking about an invoice document, which can be viewed by all employees, the not-yet-official sales concept or a strictly confidential credit contract does not really matter. The manager usually files his confidential documents in a special folder which is either not accessible to others or only accessible to a limited number of persons, such as management members. However, this does not guarantee real anonymity as apart from the management there is one further person in the enterprise who can view the information: the administrator.

Allocation of Ownership Rights

For the reasons stated above the ArcFlow DMS integrates a technology for the complete protection of documents against unauthorised access. The system enables the blocking of access rights to specific documents for everyone, including the administrator, without removing these from the general access folder. The file is simply completely invisible to both the users and the administrator. Document access is granted by the manager through granting socalled rights of ownership to selected users. Depending on the respective settings a user who has been granted the right of ownership may only be able to read a document or he may be entitled to also edit and delete it.

The author of the file can define a password in order to allow a user access to a document without giving him owner rights in the rights table. This allows a user to access a document, independent of the existing rights definition. This alternative method saves time in such cases where, for example, a whole department needs to be granted access to a single file. Further settings providing additional document security are possible. For example, a superior, who is the author of a document, can set read-only or editing rights both for himself and others. A change of the rights definition is then required prior to deleting the file. An erroneous deletion of the file can be prevented in this way.

Non-Compromising Security

Through the use of this technology ArcFlow guarantees that the security and anonymity requirements of certain documents are fulfilled. Confidential data and non-official information is simply made invisible to the users so that not even the administrator can access it anymore. For the management, however, nothing changes – they can continue to process the document as they did before – without having to make any changes to the rights structure.