Presentation is loading. Please wait.

Presentation is loading. Please wait.

Security in Laserfiche Jason Rothenberg Presales Engineer.

Published byPatience Gregory Modified over 8 years ago

Similar presentations

Presentation on theme: "Security in Laserfiche Jason Rothenberg Presales Engineer."— Presentation transcript:

1 Security in Laserfiche Jason Rothenberg Presales Engineer

2 Agenda ‣ Types of security ‣ How to apply security ‣ Best practices

3 Authentication Who are you?

4 Authentication Laserfiche Users Windows Accounts LDAP

5 Authorization What can you do?

6 Authorization Privileges Feature Rights Access Rights Security Tags

7 Authorization Group 1Group 2

8 Entry Access Rights

9 To Allow or Not To Allow ‣ Allow ‣ Not Allow (Blank) ‣ Deny Deny overrides Allow ‣ Tip Use “Not Allow” instead of “Deny”

10 Scope – Access Inherited ‣ This folder, subfolder and documents ‣ This folder and subfolders ‣ Subfolders and documents only ‣ Documents only ‣ This entry only

11 Order of Precedence ‣ Inherited rights vs. Explicit rights  Allow (Folders, subfolders and docs)  Allow (inherited)

12 Order of Precedence ‣ Inherited rights vs. Explicit rights ‣ Explicit rights will take precedence over inherited rights  Allow (Folders, subfolders and docs)  Allow (inherited)  Allow (inherited) Denied (Explicit)

13 Making sense of Inherited vs. Explicit Rights

14 Inherited Allow, Explicit Deny Inspector allowed at Justice folder, subfolders and docs Inspector denied at Judge’s folder

15 Inherited Allow, Explicit Deny Inspector allowed at Justice folder, subfolders and docs Inspector denied at Judge’s folder Conclusion: Inspector cannot see Judge’s folder

16 Inherited Deny, Explicit Allow Inspector denied at Justice Folder Inspector allowed at his folder

17 Inherited Deny, Explicit Allow Conclusion: Inspector cannot browse to his folder. But he can search for his folder.

18 Scope Best Practices

19 Order of Precedence Goal: Let each user see their own folder

20 Order of Precedence Justice group is allowed at Justice Folder, and scope is “This Entry Only”

21 Order of Precedence Justice group is allowed at Justice Folder, and scope is “This Entry Only” Inspector allowed at his folder Judge allowed at his folder Lawyer allowed at his folder Rambo allowed at his folder

22 Order of Precedence Justice group is allowed at Justice Folder, and scope is “This Entry Only” Inspector allowed at his folder Judge allowed at his folder Lawyer allowed at his folder Rambo allowed at his folder 5 steps

23 Clashing Access Rights ‣ Group and User ‣ Order of Precedence Deny overrides Allow/Not Allow Allow overrides Not Allow

24 Order of Precedence Which right takes priority? -Explicit Access Rights Deny, Allow, or None -User allowed and group denied = user denied

25 Order of Precedence Which right takes priority? -Explicit Access Rights Deny, Allow, or None -User allowed and group denied = user denied -User denied and group allowed = user denied

26 Order of Precedence Which right takes priority? -Explicit Access Rights Deny, Allow, or None -User allowed and group denied = user denied -User denied and group allowed = user denied -User allowed, group not allowed = user allowed

27 Order of Precedence Which right takes priority? -Explicit Access Rights Deny, Allow, or None -User allowed and group denied = user denied -User denied and group allowed = user denied -User allowed, group not allowed = user allowed -User allowed, group allowed = user allowed

28 2 Methods for Security 1.Allow all, then deny 2.Not allow, then allow ‣ Tip Not allow, then allow Use Scope and “This Entry Only”

29 Security Tags

30 Security tags offer flexible security Tags must be assigned to user Users can only use assigned tags Only users with tag can see document

31 Security Tags

32

33

34

35

36

37 Metadata Access Rights

38 Field Security Rights ‣ Read ‣ CreateApplicable to filling out fields ‣ Edit ‣ Modify Field ‣ Delete Field ‣ Read Security ‣ Modify Security } Field management } Access management

39 Template Security Rights ‣ Read Template ‣ Modify Template ‣ Delete Template ‣ Read Template Security ‣ Change Template Security

40 Volume Security Rights

41 Manage Volumes Delete Volume Read Volume Security Change Volume Security

42 Takeaways ‣ Use groups efficiently ‣ Easily administer security ‣ Don’t get deny happy ‣ Successfully secure your repository

43 Questions?

44 Security Resources ‣ Online Help Files: ‣ Security Administration Security Administration ‣ White Papers: ‣ Best Practices in Laserfiche Security Best Practices in Laserfiche Security

Download ppt "Security in Laserfiche Jason Rothenberg Presales Engineer."

Similar presentations

DIGIDOC A web based tool to Manage Documents. System Overview DigiDoc is a web-based customizable, integrated solution for Business Process Management.

DIGIDOC A web based tool to Manage Documents. System Overview DigiDoc is a web-based customizable, integrated solution for Business Process Management.
Using the Self Service BMC Helpdesk

Using the Self Service BMC Helpdesk
Informer Security PRESENTER: Tim Nicholson | | March 5-6, 2012.

Informer Security PRESENTER: Tim Nicholson | | March 5-6, 2012.
File Server Organization and Best Practices IT Partners June, 02, 2010.

File Server Organization and Best Practices IT Partners June, 02, 2010.
When you combine NTFS permissions and share permissions the most restrictive effective permission applies. For example, if you share a folder and assign.

When you combine NTFS permissions and share permissions the most restrictive effective permission applies. For example, if you share a folder and assign.
1 Chapter Overview Understanding and Applying NTFS Permissions Assigning NTFS Permissions and Special Permissions Solving Permissions Problems.

1 Chapter Overview Understanding and Applying NTFS Permissions Assigning NTFS Permissions and Special Permissions Solving Permissions Problems.
1 Chapter Overview Understanding NTFS Permissions Assigning NTFS Permissions Assigning Special Permissions.

1 Chapter Overview Understanding NTFS Permissions Assigning NTFS Permissions Assigning Special Permissions.
MIS 431 - Chapter 51 Chapter 5 – Managing File Access MIS 431 Created Spring 2006.

MIS Chapter 51 Chapter 5 – Managing File Access MIS 431 Created Spring 2006.
Hands-On Microsoft Windows Server 2003 Administration Chapter 5 Administering File Resources.

Hands-On Microsoft Windows Server 2003 Administration Chapter 5 Administering File Resources.
11 SHARING FILE SYSTEM RESOURCES Chapter 9. Chapter 9: SHARING FILE SYSTEM RESOURCES2 CHAPTER OVERVIEW  Create and manage file system shares and work.

11 SHARING FILE SYSTEM RESOURCES Chapter 9. Chapter 9: SHARING FILE SYSTEM RESOURCES2 CHAPTER OVERVIEW  Create and manage file system shares and work.
Lesson 4: Configuring File and Share Access

Lesson 4: Configuring File and Share Access
By Rashid Khan Lesson 8-Crowd Control: Controlling Access to Resources Using Groups.

By Rashid Khan Lesson 8-Crowd Control: Controlling Access to Resources Using Groups.
1 Securing Network Resources Understanding NTFS Permissions Assigning NTFS Permissions Assigning Special Permissions Copying and Moving Files and Folders.

1 Securing Network Resources Understanding NTFS Permissions Assigning NTFS Permissions Assigning Special Permissions Copying and Moving Files and Folders.
Group Accounts; Securing Resources with Permissions

Group Accounts; Securing Resources with Permissions
11 SHARING FILE SYSTEM RESOURCES Chapter 9. Chapter 9: SHARING FILE SYSTEM RESOURCES2 CHAPTER OVERVIEW Create and manage file system shares and work with.

11 SHARING FILE SYSTEM RESOURCES Chapter 9. Chapter 9: SHARING FILE SYSTEM RESOURCES2 CHAPTER OVERVIEW Create and manage file system shares and work with.
Chapter 5 File and Printer Services

Chapter 5 File and Printer Services
Sharing Resources Lesson 6. Objectives Manage NTFS and share permissions Determine effective permissions Configure Windows printing.

Sharing Resources Lesson 6. Objectives Manage NTFS and share permissions Determine effective permissions Configure Windows printing.
CN1176 Computer Support Kemtis Kunanuraksapong MSIS with Distinction MCT, MCTS, MCDST, MCP, A+

CN1176 Computer Support Kemtis Kunanuraksapong MSIS with Distinction MCT, MCTS, MCDST, MCP, A+
Chapter 7: WORKING WITH GROUPS

Chapter 7: WORKING WITH GROUPS
IOS110 Introduction to Operating Systems using Windows Session 8 1.

IOS110 Introduction to Operating Systems using Windows Session 8 1.

Similar presentations

Ads by Google