Version 12.0.0.3700
Overview
Security classes define the accessibility of folders and the content within, as well as the retention for that content (e.g. how long it must be retained and stored for legal purposes or otherwise). Security classes are applied a the Folder level and Document level, and can be customized to suit your unique business policies, security environment, and legal obligations. Expand any of the sections below to learn more about Security Classes:
Understanding PSIsafe Security Classes
PSIsafe Administrators have the role of creating these security classes and retention lengths for folders and content within. If a user has access to the class, they will be allowed to access the folder. As documents are imported or created in PSIsafe, a security class is applied to the document from a dropdown list under the Options tab, as in the following screenshot:
Classes are an integral part of system access and document control, and should be reviewed carefully by the appropriate administrative staff if the business environment requires security policies to be enforced. Sensitivity class (Security Access) is used to define security settings for folders and the content within. As folders are created in PSIsafe, a class is applied to the folder for security purposes.
There are two Sensitivity Class levels: Folders and Documents. After creating sensitivity classes, rights are assigned to individual users and/or groups. For example, if a business only wishes for the HR Management Team to see specific content, am HR-Managers level security class will be created. Then, users will be assigned rights to this security level under Access > Rights, as in the following screenshot:
Only users with rights to HR-Managers will see the folders with that security class assigned when logged into PSIsafe. For more information on Access Rights, see the sections below, or jump to the PSIsafe Administrator Guide: Access Rights.
Adding & Modifying Folder Classes and Rights
A list of current folder classes will be displayed. To edit a folder class click on the class to be edited and update the name under the Folder Security Edit on the right. To add a class click the "Add" button and enter the new class name followed by the "Save" button.
Folder Rights
These are assignable under Access > Rights in the Management window. See the PSIsafe Administrator Guide: Access Rights article for full details.
- Preview – Allows the user to use preview in a folder
- View – Allows the user to view folder indexes
- Edit – Allows the user to change folder indexes
- Create – Allows the user to create a new folder
- Delete – Allows the user to delete a folder
- Lock – Allows the user to lock a folder and keep other users from doing anything to it
Adding & Modifying Document Classes and Rights
Classes for documents are enhanced security for documents which allow administrators to apply certain rights to users. Document classes simply provide a name with which to assign access rights. There are two special classes, {Read-Only} and {Non-Delete}. Users may delete a {Read-Only} document if they have delete rights, however no one can edit a document assigned to this class even if they have delete rights. If a document has been added with the {Non-Delete} class, no one (not even the system administrator) will be allowed to delete the document. While 250 blank Document Security Classes are created by default to allow for easy editing, the number of allowed Document classes is unlimited.
NOTE: The {Non-Delete} document class should only be used for documents which should never be deleted.
NOTE: The {Read-Only} and {Non-Delete} classes are located at the bottom of the Document Security List.
Classes can be added by clicking the "Add" button and entering the new class name. To edit a document class name choose the class to edit from the list and enter the new name. Remember to click "Save" after entering/editing the class name.
Document Rights
These are assignable under Access > Rights in the Management window. See the PSIsafe Administrator Guide: Access Rights article for full details.
- Preview – Allows the user to preview the document
- View – Allows the user to view the document in its native application.
- Export – Allows the user to print, email, or export the document to the file system on the PC being used.
- Edit – Allows the user to edit the document with its native application.
- Create – Allows the user to create a document with this access level.
- Delete – Allows the user to delete a document.
- Lock – Allows the user to lock a document and prevent other users from accessing it.
Adding & Modifying Retention Classes
Retention classes are used to enforce retention policies as defined in the organization. For instance, many CPA’s must keep certain documents for 7 years. To enforce this, when a document is added to PSIsafe, a retention class may be added to the document. This will not allow the document to be deleted even if the user has delete rights. Click on the "Add" button to setup a new retention class. Once the fields below have been filled click on the "Save" button.
-
Description - Enter a class name.
-
Duration Time - Select how long in days, months, or years to retain the documents.
-
Enter Duration - Enter the amount of days, months, or years.
-
Retention Types - All types prevent editing of documents even after the retention period has expired. When defining retention, a type must be chosen.
- Modifiable – This retention type allows resetting the retention policy. The policy can be set to any other retention policy including none. If set to none, the document can be edited. It also allows changing the retention type in the management console from modifiable to another type.
- Fixed – This retention type sets the retention to the defined period of time for the policy. The document can only be deleted or archived once the retention period expires. Editing of the document is not allowed. The retention type can be changed to another type in the management console. This would potentially allow for editing of the document if the type was set to modifiable, then the retention policy assignment was changed to none.
- Indefinite – This retention type sets the retention period to never ending. The retention type can only be set to a policy with Permanent type from this retention type. During the indefinite setting, the document cannot be edited or deleted from the system.
- Permanent – This retention type, once set, cannot be changed to any other type or policy. The document assigned this retention type cannot be edited. It cannot be deleted or archived until the retention period has expired.
Keywords: PSIsafe Management Key Concepts, How to create folder classes, How to create document classes, How to create Retention settings, How to Use Classes PSIsafe, How to Create Classes PSIsafe, Security Classes PSIsafe
Comments
Article is closed for comments.