Skip to main content

Document Security

Document Security can be accessed from your Records Management Dashboard.

Groups and Marks

Document Security introduces two new concepts to federation:

Security Marks:
A piece of metadata that can be applied to a document or user/group. Once applied to a document, only users and groups with that mark will be able to interact with this document. Security Marks can only exist as part of a Security Group and are not shared between groups.

Security Groups:
A collection of Security Marks which enforces rules on how federated search interacts with its marks. There are three types of Security Groups:

AnyA user must have anyone mark in the group to see documents with these marks
AllA user must have all marks in the group to see documents with these marks
HierarchicalThe marks are ordered from highest to lowest clearance. A user has clearance to see documents which have marks at their level or below

Security Officer Role

The security officer is the only type of user who can interact with document security. Once given this role, the user will also have all security marks and their list will be updated when new marks are created. This role can be assigned by editing the user in the Simflofy Admin UI

Security Groups and Marks page

In order to access security marks in the ui, use the Records Management menu.

Select Security Marks and Groups

Creating Groups and Marks

On the left of the page is the list of security groups. They can be edited, and, if none of their security marks have been applied to content, an option to delete them will be available. The creation and deletion of Security Marks is not finalized until clicking Save. Security Groups must always have at least one Security Mark.

On the right of the page is the list of security marks for the group. The Marks can be reordered as needed to fit a hierarchy, with the top mark being the highest security level. A specific color can be set for the group so that marks will be easier to differentiate.

Create Security Groups and Marks

Assigning Groups and Marks

Next to the Security Groups tab, you can find the Assign Marks tab. Here you will be provided with a generic search for all users and groups in the users' organization (or all organizations depending on the users permissions)

Assign Marks

Once selected, the users current security settings will appear in the form of columns.

User Security Settings

After selecting the marks to apply to the user, click Assign Marks.

Assign Marks

Security Widget

This widget is only visible to users with the Security Officer role. It exists in both the Federated Search and RM Dashboard templates without any additional configuration.

Adding Marks to Documents

The options to add and edit marks are in the Document Actions menu. The option to edit marks will only appear if the document has security marks to edit.

Select Add Security Marks to Document

This will open a modal that will let you view the various security groups available and add marks one group at a time to the document.

Adding Security Marks

To bulk add marks to documents select multiple documents and click Bulk Document Actions menu, then click Add Security Marks.

Bulk Add Security Marks

Adding marks this way will attempt to add marks, regardless of the current marks on the document. If duplicate marks are selected they will not be added again. If you attempt to add a classified mark to a document that is already classified, the action will fail.

Editing Marks on Documents

This menu can be reach by click Edit Document Security, and should look like this:

Edit Marks on Documents

Note that only documents with security marks will appear, regardless of what documents are selected. If a document has no marks, add them using the Add Security Marks menu.

If the de-classify check is checked for a document, it will completely remove the documents classified mark if it has one. If the document is already declassified, the checkbox will simply be a checkmark.

The arrows on either side of the mark names allow you to upgrade or downgrade the level of a hierarchical mark. All available marks from non-hierarchical groups will be presented so that they can be added or removed from the document. Applying marks in this manner will completely overwrite the current list of security marks on the document.

Editing Marks for Records

The widgets work the same regardless of whether you're in the RM Dashboard or in Simflofy Search. If a document is also managed by the RM Module, its record metadata will be updated along with the index. If a record is updated through the RM Dashboard, its record metadata will be updated along with the source document index.

Searching for Records

All the same security rules for searching documents apply to searching records. Even an RM Manager will not be able to see documents above their clearance.