You are viewing limited content. For full access, please sign in.

Question

Question

Human Resources in Laserfiche

Laserfiche Security
Updated March 23, 2015
asked on March 20, 2015 Show version history

Hi,

Recently we have come across a scenario whereby a HR department would like to migrate all their documents into their existing Avante system. Currently the system is accessed by the whole company, comprised of a number of different departments, and managed by an on-site IT admin for Laserfiche maintenance.

The users are split up into the following:

Directors - Full Access & Privileges, Bypass Browse enabled.

IT admin - Full Access & Privileges, without access to view Directors documents. Roles consist of things such as: Adding new users, updating Metadata, assigning Access Rights etc.

HR - Limited Access & No Privileges. Currently they have a 'testing' HR folder structure in the Repository that can only be viewed by users of the HR group & the Directors. 

Basic Users - Limited Access & No Privileges. Can only see what they need to.

 

In order for us to migrate the existing documents to the repository, and for the HR admins to begin to use Laserfiche for these sensitive documents we would need to setup a secure infrastructure in Laserfiche to limit the levels of access that users can have - when both handling documents in the system and administering it.

 

The problem we see with this is that there is no real way to lock users out of folders - as there always appears to be a loophole somewhere. If the IT admin user is to Manage Trustees in the system, then effectively they could add themselves to the HR group, if the HR documents are locked by a tag, and a user has the Manage Tags privilege then they could add themselves to the tag group etc... 

 

I know this is the case with most file systems, it would be the same with a Windows file share, but I was wondering whether there were any solutions or perhaps any ideas to get around this?

We had an idea to get a second repository put in place, and only setup the HR users in this repository, should any faults or errors occur then we would handle the issues ourselves.

 

Thanks in advance ! :)

Dom

 

0 0

Replies

replied on March 20, 2015

You are correct there is always a way in. Workflow has  to have access in order to move documents around. Whoever set you system up knows that password. In all the companies that I set system up for in the past realized that and usually had someone that was trusted to be able to have full access with the Admin User account. Almost every company I have worked for had someone or a couple of someone's that had full access to everything, that is really about the only way for the Network and Laserfiche to be managed properly. 

2 0
replied on March 20, 2015 Show version history

I second Derek's comment. Usually those people are IT or whoever is the Laserfiche Admin. If that person can't be trusted, I believe that's an internal issue that you can't really resolve.

As a rule of thumb for our organization, the Admin user has access to everything across the board so that if anything were to happen, everything can still be accessed. Only a few people have the log in information for that user though.

2 0
replied on March 20, 2015 Show version history

To add to the consensus; my background is corporate IT Management and in our environment IT by necessity had access to everything.  We had policies and procedures in place that provided specific direction on how and when we accessed the systems, who could access what, and just as importantly who had authority to direct us to access specific systems.  We also had full audit trail capabilities on all systems and provided regular audit reports to the "C" level administrators and the Risk Manager.  Perhaps that approach would work in your environment as well?

4 0
replied on March 20, 2015

My general recommendation if this is a concern has been to recognize that some administrative users will always be able to grant themselves rights and then ensure that this is audited. Then if they do start abusing these privileges, you will have a record that they are granting the rights to themselves. 

That said, as Blake and others noted above, it's pretty much always going to be the case that IT has ways to access data simply be the nature of how windows networking, sql management, etc. is setup, and trust concerns with IT is a major internal issue independent of any single application. 

2 0
replied on March 23, 2015

Hi guys,

 

Thanks a lot for all your responses. It looks like it will be up to the trust of the customer and their onsite administrators to deal with how they want to go about handling these confidential documents. We can limit the access rights as much as we can but Audit Trail might be something to suggest to accompany this procedure.

 

What are your thoughts on the idea of setting up a second repository on the server (Avante environment)? We though about adding a Human Resources repository alongside their current repository, and setting up only those users within the HR Department, for which they would have to manage themselves. We could configure the Workflow to monitor the second repository and should any issues occur, we would fix any issues to prevent any on site Admins from having access. Any obvious issues with this that anyone can see?

 

Thanks again!

0 0
replied on March 23, 2015

For someone very concerned about this, adding a second repository and licensing advanced audit trail is really your best approach. Upon setup, make it so the administrators do not have read privilege for documents. This will make it so if someone does escalate privileges, it will be logged with audit trail.

The thing is though, if someone is very determined they can always go to SQL and  find image files on the hard drive.

0 0
You are not allowed to follow up in this post.

Sign in to reply to this post.

Details
Related Posts
Loading ...