Document Security can be accessed from your Records Management Dashboard.
Groups and Marks
Document Security introduces two new concepts to federation:
A piece of metadata that can be applied to a document or user/group. Once applied to a document, only users and groups with that mark will be able to interact with this document. Security Marks can only exist as part of a Security Group and are not shared between groups.
A collection of Security Marks which enforces rules on how federated search interacts with its marks. There are three types of Security Groups:
|Any||A user must have anyone mark in the group to see documents with these marks|
|All||A user must have all marks in the group to see documents with these marks|
|Hierarchical||The marks are ordered from highest to lowest clearance. A user has clearance to see documents which have marks at their level or below|
Security Officer Role
The security officer is the only type of user who can interact with document security. Once given this role, the user will also have all security marks and their list will be updated when new marks are created. This role can be assigned by editing the user in the Simflofy Admin UI
Security Groups and Marks page
In order to access security marks in the ui, use the Records Management menu.
Creating Groups and Marks
On the left of the page is the list of security groups. They can be edited, and, if none of their security marks have been applied to content, an option to delete them will be available. The creation and deletion of Security Marks is not finalized until clicking Save. Security Groups must always have at least one Security Mark.
On the right of the page is the list of security marks for the group. The Marks can be reordered as needed to fit a hierarchy, with the top mark being the highest security level. A specific color can be set for the group so that marks will be easier to differentiate.
Assigning Groups and Marks
Next to the Security Groups tab, you can find the Assign Marks tab. Here you will be provided with a generic search for all users and groups in the users' organization (or all organizations depending on the users permissions)
Once selected, the users current security settings will appear in the form of columns.
After selecting the marks to apply to the user, click Assign Marks.
This widget is only visible to users with the Security Officer role. It exists in both the Federated Search and RM Dashboard templates without any additional configuration.
Adding Marks to Documents
The options to add and edit marks are in the Document Actions menu. The option to edit marks will only appear if the document has security marks to edit.
This will open a modal that will let you view the various security groups available and add marks one group at a time to the document.
To bulk add marks to documents select multiple documents and click Bulk Document Actions menu, then click Add Security Marks.
Adding marks this way will attempt to add marks, regardless of the current marks on the document. If duplicate marks are selected they will not be added again. If you attempt to add a classified mark to a document that is already classified, the action will fail.
Editing Marks on Documents
This menu can be reach by click Edit Document Security, and should look like this:
Note that only documents with security marks will appear, regardless of what documents are selected. If a document has no marks, add them using the Add Security Marks menu.
If the de-classify check is checked for a document, it will completely remove the documents classified mark if it has one. If the document is already declassified, the checkbox will simply be a checkmark.
The arrows on either side of the mark names allow you to upgrade or downgrade the level of a hierarchical mark. All available marks from non-hierarchical groups will be presented so that they can be added or removed from the document. Applying marks in this manner will completely overwrite the current list of security marks on the document.
Editing Marks for Records
The widgets work the same regardless of whether you're in the RM Dashboard or in Simflofy Search. If a document is also managed by the RM Module, its record metadata will be updated along with the index. If a record is updated through the RM Dashboard, its record metadata will be updated along with the source document index.
Searching for Records
All the same security rules for searching documents apply to searching records. Even an RM Manager will not be able to see documents above their clearance.