Thefts of organisations proprietary information are on the increase, which can put at risk a company’s revenue and potential profit, their competitive advantage, and hard earned customer relationships; generating adverse and negative publicity in the media; and potentially resulting in considerable fines and / or penalties for failure to comply with or breach of privacy laws.
Many information security solutions endeavour to protect electronically created documents only at their location of storage or at some point during transmission. For instance, there are organizations relying entirely on document management systems and virtual private networks (VPNs) to protect their documents.
With this approach document security remains an issue because these solutions only secure the communication lines or storage location; and don’t provide protection for the actual content of the electronically created document throughout its lifecycle.
When the document reaches the recipient, protection is lost, and the document can then be intentionally or unintentionally viewed by and / or forwarded to an unauthorized recipients.
As a result, numerous businesses are forced to employ an inconsistent combination of online and paper processes in where sensitive documents are still being printed and physically hand delivered to attain adequate levels of security. Therefore, the possible benefits of online processing are not be fully realized.
How to provide persistent document security
Document control plus digital signatures means persistent document security
A considerably more successful solution for the protection of electronic document is to allocate security parameters that are integral to the documents themselves.
The following criteria identify constant document security:
Confidentiality – Who should have access to the document?
Authorization – What permissions does the user have for working with the document?
Accountability – What has the recipient done with the document?
Integrity – How do you know if the document has been altered?
Authenticity – How do you know where the document came from?
Non-repudiation – Can the signatory deny signing the document?
Six key criteria for providing persistent document security
Document Management Systems