Mechanism “Controlling access to the document”

It allows you to automatically manage the access rights to any documents in the system.

Flexible rules allow both access to new documents,  and automatically update the access for users during the document workflow

To whom can document access be granted?

  • User.
  • Positions.
  • Group.
  • Organizational units.
  • Privilege.
  • Policy.

What are the access level to documents?

  • Allowed to read and edit.
  • Allowed to read, editing is allowed only to the author of the document.
  • Allowed to read, edit prohibited.
  • Access is denied.

Inviting a new to the system / User registrations

The invited user receives an email with instructions and a registration link unique to them.

The first authorization process in the system includes several stages

  • Verification form.
  • Terms and conditions display at login.
  • Acceptance of system policies.
  • A page with instructions (optional).
  • Authorization form.

Registration links are customisable

  • Invitation can be time sensitive
  • Invitation expiry time is customisable.
  • Link length is customisable.

Auto disconnection of inactive user

If the user does not perform any operation the system can automatically close the inactive session.

  • Setting of the user`s downtime is set in minutes.
  • Session inactivity timeout can be set in minutes.
  • The user can acknowledge the disconnection warning and continue working.

After disconnection, the user can re-login and continue working, from the place they were disconnected.

Centralized password management

Options to set complexity of the for password

  • Use capital letters – Yes / No
  • Use lowercase letters – Yes / No
  • Use numbers – Yes / No
  • Use different symbols (except Space) – Yes / No
  • Minimum password length – number of characters

Additional settings

  • Password change interval
  • Prevent use of previous passwords

Anonymous connections to the system

By default, this feature is disabled. This means that only authorized users can work in the system. This extra level of security is recommended for closed corporate systems and for systems with highly confidential information.

 

Access control a to database and application

Access can be granted to a database or application.

Who can receive access?

  • User
  • Positions
  • Group
  • Organizational units
  • Privilege
  • Policy

What are the access levels?

  • Manager – the maximum possible access rights, such rights usually has only the main administrator.
  • Designer – can edit any documents, design of the application and business logic.
  • Editor – can edit any document in the current application.
  • Author – can create new documents and edit only their documents in the current application.
  • Reader – can only read documents.
  • Depositor – can only create new documents, any existing documents are not available, even those that the user has created previously.
  • No access – access is denied.

For additional security, additional roles can be created.

Encryption, authentication, and integrity of data transmitted over the network

ClevaDesk has the ability to use SSL and TLS certificates.

TLS – a hybrid cryptography system that uses several cryptographic approaches.

The TLS protocol provides:

  • Encryption
  • Authentication
  • Integrity