How DMS Arigamix takes care of the security of your data

Our December’s Palsit IT Club meeting, was held on 14th december with the Office of the Government of the Republic of Slovenia for Information Security (URSIV). At the event, the operation of URSIV, the importance of its role in the national security system, and the key innovations brought by the implementation of the NIS 2 directive were presented in detail.

According to EU NIS2 regulative, not only critical infrastructure sector but also following sectors have to: develop and implement a Cybersecurity policy framework, define roles and responsibilities with regards to Cybersecurity, identify and assess the risks posed to the security of the organization’s network and information systems and develop measures to manage those risks. 

OTHER CRITICAL SECTORS:

1. Postal and courier services (providers of certain postal and courier services);
2. Waste management (contractors – main activity);
3. Manufacture, production and distribution of chemicals (production and distribution of certain substances);
4. Production, processing and distribution of foodstuffs (wholesale, industrial production);
5. Production of certain types of products (medical devices; computers, electronic and optical products, production of electrical devices, production of other machines and devices, production motor vehicles, trailers, semi-trailers, production of other vehicles and vessels);
6. Digital providers (online markets, online search engines, social service platforms networking);
7. Research (research organizations).

One of the unofficial conclusions of the whole meeting was that you can’t really protect your business from cyber attack but you can have so many safety measures incorporated that demotivate hackers who give up and go pick other targets. 

Arigamix platform already has a lot of easily implemented solutions provided and upon implementation training sessions are held for the administrators. 

Arigamix’s flexible role-based access control subsystem allows specifying additional access conditions for various document attributes. Ready made solutions of Arigamix platform support static role, context role, dynamic role, it can calculate roles based on deputies. Administrators can set a time limit of the user’s access, define deputies for role calculations, synchronize with Active Directory, etc…

In case of urgent limiting of access for an employee, administrators can forbid login with one tick in the checkbox. 

It also supports LDAP. Lightweight Directory Access Protocol is an open, vendor-neutral, industry standard application protocol for accessing and maintaining distributed directory information services over an Internet Protocol network. Directory services play an important role in developing intranet and Internet applications by allowing the sharing of information about users, systems, networks, services, and applications throughout the network. As examples, directory services may provide any organized set of records, often with a hierarchical structure, such as a corporate email directory. 

ACL generation rules are also supported. In arigamix ACL is essentially a way to effectively group users in roles (simplest one is All Users) so we can determine whether they have access to a document very fast. It enhances it’s role-based access control subsystem. ACL allows us to have multiple layers of deputies for users while also improving the time to determine user’s permissions for a document. In addition, with ACL we can react to any change in the document, recalculating permissions for the affected users on the fly.

Addressing URSIV’s comment: certain types of servers are more exposed to cyber attacks, Arigamix can be installed on premises to a variety of server types, Windows and Linux OS are supported. It also supports Docker and works in virtual environments. 

If company or organisation chooses to have Arigamix installed in the cloud, users are responsible for safety from the device they are using. Accessing Arigamix workspace online is via https and all the traffic is encrypted. Arigamix is supported from any browser like Chrome, Bing, Firefox, Safari… user can chose the one with the lowest number of addons and the most protected one. Users can choose the safest one, or change which one he uses any time needed. Arigamix never loads anything unnecessary onto the client, only the data that the user can see.

Arigamix also has everything set for a “directive” document type, with which the managers can impose new safety rules and regulations easy and fast. With that, automated e-mail notifications can be set for instant informing of the employees. 

There are a lot more custom options that can be done in Arigamix, but at the end, we come to the password. Maximum length for a password in Arigamix is 128 characters. How and where to safely keep it is a responsibility and a choice of a user.

#Arigamix #DMS #security #options #safety #roles #administrating #askforLiveDemo