I’ve realised over the last few weeks that we (software engineers in IT) seem to have made security for Documents and Folders (whether in a Document Management System – DMS or just on a file share) overly complicated. Add to this the fact that we’ve now added powerful search engines over the top and guess what? We’re finding things are not secured the way we expected!
So here’s my suggestion for a simple security model from a real world perspective. Let me have your thoughts in the comments. Who knows, maybe a DMS vendor will take note and implement it?
What do we have in the real world?
- A document or many documents.
- Which can be stored in a folder, or maybe collated into a set of folders for a matter or project.
- Then these are stored in a filing cabinet/pedestal. Right?
In the real world where is the security applied? By default it’s only accessed by those in the company (secured by building or floor access). Then if there are confidential items the filing cabinet/pedestal is locked and access to the key given to those that need it.
So how about we implement this for the DMS?
- The DMS as a whole is your firm, accessed by your employees.
- Now make a choice at implementation of the DMS – do you apply the key to the filing cabinet (i.e. a DMS library) or do you want to apply the key to a matter (i.e. a collection of files)?
Then, during use, the simple question for the level you chose is:
- Who do you want to see this? Is it everyone in the firm, a group, or a few individuals?
That’s it, I’d have no granular security below this. Bottom line would be if you need security below, then set up a new collection of files.
But hang on, what about those cases where you need to share a document or file? Say you need some advice internally on a document but you don’t want to open up the whole matter.
- So the final addition would be to introduce a concept of lending. In the real world you’d borrow a file or document and then put it back in the file. Do the same: set up a time limited “guest pass” for any point at lower levels (i.e. a folder or a document). That way, if you forget to revoke it, the system will correct itself.
That’s it. I challenge you to think of any scenarios it can’t handle?
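The model above as an added sketch, not code from this post or from any DMS product: the key sits on the collection, a guest pass on a folder or document always carries an expiry, and search results go through the same check as a direct open. The `Collection` class, the `user:`/`group:` labels, the `*` marker and the sample matter are assumptions made for illustration.

```python
from dataclasses import dataclass, field
from datetime import datetime, timedelta
from pathlib import PurePosixPath

EVERYONE = "*"  # assumed marker meaning "everyone in the firm"

def covers(granted: str, requested: str) -> bool:
    """A pass on a folder covers what is under it; a pass on a document, only it."""
    g, r = PurePosixPath(granted).parts, PurePosixPath(requested).parts
    if ".." in r:  # refuse paths that could climb out of the lent folder
        return False
    return r[:len(g)] == g

@dataclass
class Collection:
    name: str
    allowed: set                      # EVERYONE, "group:<name>" or "user:<name>"
    documents: list = field(default_factory=list)
    passes: list = field(default_factory=list)   # (user, path, expires)

    def lend(self, user: str, path: str, now: datetime, days: int = 7) -> None:
        """Issue a guest pass; an expiry is mandatory, so it always lapses."""
        self.passes.append((user, path, now + timedelta(days=days)))

    def can_read(self, user: str, groups: set, path: str, now: datetime) -> bool:
        who = {EVERYONE, f"user:{user}"} | {f"group:{g}" for g in groups}
        if who & self.allowed:        # the one key, held at collection level
            return True
        return any(u == user and now < exp and covers(p, path)
                   for u, p, exp in self.passes)

def search(collections, user, groups, term, now):
    """Search trimming: every hit goes through the same check as a direct open."""
    return [(c.name, d) for c in collections for d in c.documents
            if term in d and c.can_read(user, groups, d, now)]

# Constructed sample data: one restricted matter, one firm-wide library.
NOW = datetime(2024, 1, 10, 9, 0)
MATTER = Collection("matter-1001", {"group:litigation"},
                    ["advice/draft-opinion.docx", "billing/invoice-01.pdf"])
PRECEDENTS = Collection("precedents", {EVERYONE}, ["templates/opinion-template.docx"])
MATTER.lend("carol", "advice", NOW, days=3)  # carol is outside the matter team
```

Because the expiry is checked on every read, a forgotten pass stops working on its own and the lent document also drops out of the borrower's search results.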