A customer has added an additional layer of security requirement for publishing documents for individuals to see on the world wide web. The customer is interested in having a separate environment for all internal use and an external (second environment) within their DMZ for all published documentation for individuals to see through Public Portal/Web Link. The customer is worried about outside forces breaking through and having access to all documents that they are not supposed to have.

A few environmental notes. The customer is running Laserfiche Rio and has purchased Public Portal for remote access of documents. We have proposed having a “Production” environment for all day to day activities the company will be running and an “DMZ” environment for the web facing material.

First question: what is this the best approach for keeping only the documents that the organization wants to share with the public?

Second question: if two environments are implemented to separate the web facing documents, what is the best why to manage the documents between the two environments?

We have identified a potential complex process for moving documents between the Production and DMZ environments. Our initial thought is a 3 step process.

1. When a users would like to make a document public within their repository, they will click a “Publish to Public” business process icon within their toolbar. The business process workflow would create a copy of the document and/or folder and apply a Tag to the document and move the items to a “zz_Public Portal” folder for the department.
2. A workflow server dedicated to monitoring for these tags, would replicate the documents within the “zz_Public Portal” folder to the DMZ Environment. The workflow would always need to check the last modified date of the document to ensure the most current version of the document is available.
3. All of the public documents would be saved into a central repository within the DMZ Environment for viewing through Public Portal.

Has anyone has similar requirements from either their internal organization or customer? How did you overcome these challenges to implement a solution?