"I don't have access to that!" Document management systems and information access governance

Controlling access to sensitive information is paramount for organisations who rely on knowledge for value creation and competitive advantage. Data breaches are increasingly common, and regulatory requirements are becoming more stringent. A robust document management system (DMS) is crucial for protecting your organisation’s data and meeting regulatory obligations. A DMS provides a centralised repository where documents can be stored, organised, and accessed by authorised users.

Choosing the right DMS is essential, and understanding how access permissions work within these systems is key. In this post we will introduce M-Files as a market-leading DMS platform and discuss how access permissions can be managed within M-Files. We will also compare and contrast approaches to access permissions between M-Files and the other well-known DMS platform, Microsoft SharePoint.

M-Files uses a metadata-driven approach to manage permissions. Instead of relying on traditional folder structures, M-Files allows users to tag files with relevant metadata, which ensures efficient search and retrieval. Automatic permissions can be activated by value, value list, object type, or class, offering granular control over who can access what. This system ensures that sensitive information is accessible only to authorised users based on context and content. M-Files places a strong emphasis on security, with features including encryption of data in transit and at rest, detailed access controls based on metadata, and robust audit trails

While both M-Files and SharePoint offer permission management features, their approaches differ significantly. SharePoint offers a robust means of managing access permissions through a set of membership groups within some types of sites, such as owners, members, and visitors. SharePoint offers various permission levels, including Full Control, Design, Edit, Contribute, Read, Limited Access, Approve, Manage Hierarchy, Restricted Read, and View Only, which grant different access levels. These levels determine what users can do with content, such as documents, lists, and sites. SharePoint also allows for custom permission levels to tailor permissions management to an organisation’s specific needs.

In contrast, M-Files uses a metadata-driven approach to manage permissions. Instead of relying on traditional folder structures, M-Files allows users to tag files with relevant metadata, which ensures efficient search and retrieval. Automatic permissions can be activated by value, value list, object type, or class, offering granular control over who can access what. This system ensures that sensitive information is accessible only to authorised users based on context and content. This approach delivers several key advantages over user group membership as the primary means of managing document access.

True, SharePoint's permission access approach is appropriate in many use cases, however, M-Files offers significantly more flexibility. Here's how:

1.  Metadata-driven security: 
M-Files uses metadata to define access controls, ensuring that permissions are based on the content and context of the document, not just its location. Metadata structure in M-Files is infinitely flexible, allowing greater flexibility in access control. For example, read and/or edit access can be granted to a contract document based on specific contract administrators tagged to the document’s metadata. This is in contrast to DMS platforms that leverage user groups, which may only allow blanket access to an entire user group of contract admins.

2. Granular access control: 
M-Files features automatic permissions that can be activated by any number of metadata conditions, providing a high level of precision in managing access rights. A great example is confidential Board meeting documents. Simply by tagging a document to a Board meeting object in M-Files can activate automatic permissions and restrict access to Board members only. No manual intervention needed!

3. Dynamic permissions: 
This is where M-Files really stands out. Imagine a report document moving through a review and approval workflow. Once the document has passed a certain workflow point, say executive approval, M-Files can automatically change the document’s permissions to prevent any further edits being made. All fully-automated.

Both M-Files and SharePoint offer permission management features, however their approaches differ significantly. M-Files leverages metadata to drive its permission system, allowing for more precise and contextually-relevant security controls. SharePoint relies on site-level and group-based permissions, which can be less flexible and more complex to manage, especially in larger organisations. Talk to the team at Innovative Content Management today and find how we can inject a new level of flexibility and automation into managing your organisation's sensitive information.