Access control and the EDMS
How do you control access to your critical documents? Most of you don’t! For most of you, putting the information in a drawer feels secure enough. Do you really want your proprietary documents accessible to anyone who opens the drawer?
Access control for document management can be as simple as a network login or as complicated as an eye scan. In any access control model, the entities that can perform actions in the system are called subjects, and the entities representing resources to which access may need to be controlled are called objects. Subjects and objects should both be considered software entities rather than human users: a human user can only affect the system through the software entities they control. Some systems equate subjects with user IDs, so that every process started by a user has the same authority by default. That level of control is not fine-grained enough to satisfy the principle of least privilege, and it is arguably responsible for the prevalence of malware in such systems.
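The difference between treating the user ID as the subject and treating each software entity as its own subject, as an added example that is not part of the original page. The document names, the users and the `Subject` class are constructed for illustration.

```python
from dataclasses import dataclass

# Constructed sample data: objects (documents) and the user who owns each.
DOCUMENT_OWNER = {
    "contracts/acme.pdf": "alice",
    "hr/salaries.xlsx": "alice",
    "public/brochure.pdf": "bob",
}

@dataclass(frozen=True)
class Subject:
    """A software entity (process, plugin, viewer) started by a user."""
    name: str
    user_id: str
    # Explicit (object, action) pairs handed to this subject only.
    grants: frozenset = frozenset()

def allowed_by_user_id(subject, obj, action):
    """Coarse model: the subject inherits everything its user may do."""
    return DOCUMENT_OWNER.get(obj) == subject.user_id

def allowed_by_subject(subject, obj, action):
    """Fine-grained model: the subject needs its own grant, and a grant
    can never exceed what the owning user is entitled to."""
    owned = DOCUMENT_OWNER.get(obj) == subject.user_id
    return owned and (obj, action) in subject.grants

def reachable(check, subject, action="read"):
    """List every object the subject can reach under a given model."""
    return sorted(o for o in DOCUMENT_OWNER if check(subject, o, action))

# A document viewer Alice launched to open one contract.
viewer = Subject("pdf-viewer", "alice",
                 frozenset({("contracts/acme.pdf", "read")}))

if __name__ == "__main__":
    # Under the user-ID model a compromised viewer reaches all of Alice's files.
    print("user-ID model :", reachable(allowed_by_user_id, viewer))
    # Under the per-subject model it reaches only the one it was handed.
    print("subject model :", reachable(allowed_by_subject, viewer))
```
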
Most EDMS providers offer an authentication system for logging in users. This can be a major differentiator when looking for an EDMS provider.


