This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Hyland Community
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Security Keyword and alerts on retrieval of specific documents

Marlyn_Soto
Confirmed Champ
Confirmed Champ

‎04-19-2019 07:49 AM

We have a need to further restrict docs within a specific document type.  I know that security keywords can accomplish this added security.  My IT security team however is also interested in knowing if we can add alerts to the history log.   Is anyone successfully accomplishing the request below via workflow or another baseline option?

 

  1. Can we audit and create an alert if any OnBase user retrieves a particular document that we have identified as restricted? In this case we would lock down the document with a specific security keyword to a small group of admins that need to have access.  Would we be able to use workflow or another option to send alerts when the document is retrieved by one of those authorized admins?  This would be required for docs associated with only 2 or 3  individuals.  
  2. Can we create an alert if multiple OnBase users access a particular document(s) in a short period of time? Specifically we set a window and a threshold.  Ex. If the doc for ID 1234 is retrieved more than five times in a week.  

Thank you for any any insight that you can share.  

Labels:
0 Kudos
1 REPLY 1

Eric_Beavers
Employee
Employee

‎04-19-2019 08:41 AM

I think you are approaching the solution design in the wrong way. If I understand the business problem correctly, a question of User Access,  then I feel that notifications after the fact are too reactive.

What if you took a more proactive solution approach?

The most common example I see when sensitive information is involved is a ROI workflow (Request for Information).  It starts with a user filling out a form requesting access/view of some restricted content. This heads into an approval workflow where notifications, logging, and human interaction (gatekeepers/auditors) can control precise access. Workflow would also let you count related requests or leverage Queue Monitoring(advanced tab in studio, properties window). If access is approved, the related content is added to a queue, load balanced to the specific requestor user, and a timer limits the access. Outside of workflow the user generally has no rights to the content (retrieval, doc type, view keywords), so it only becomes viewable when in the user's queue.

In more recent years,  ROI solutions have been taken further by the ability to leverage the cloud hosted ShareBase with access, expiring links, collaboration, and many other powerful options.

0 Kudos
Getting started

Find what you came for

We want to make your experience in Hyland Connect as valuable as possible, so we put together some helpful links.

Copyright © 2024 Khoros, LLC