Five Methods of Securing Your Document Management System Data

by Perry Chaffee, on Tue 13 April 2021

Protecting information is everyone’s job, but it’s one that many people get frustrated with. Most of us have experienced the extra friction that comes with the many security processes we encounter when we handle data — whether for our own user accounts or as an employee managing sensitive business information.

Regardless, data protection is critical. There are policies all over the world that require companies to pay attention to information security requirements for user or employee data management in order to prevent breaches that could impact people’s lives and damage a business’ reputation. For example, GDPR requires any software used to gather, process, and store personal data to incorporate data protection by design and by default.

Whether internal employees or external customers, users are rightfully averse to the inconvenience inherent in the kinds of security solutions that are often used to achieve compliance with policies like GDPR, but how this is achieved makes all the difference. If the right tools are used and implemented in the correct way, they can deliver strong security in a very convenient way.

One example is with Document Management Systems (DMS), which are often used to process some of the most sensitive information a business has. When it comes to DMS systems, it is critical not just to achieve legal compliance, but to do so in a way that makes it easy for employees to use. Here are five tried-and-true ways to improve both security and convenience for your DMS software:

1. Strong passwordless customer authentication

The average person has over 100 accounts requiring some version of a username and password to log in — and none of us like dealing with that. The seemingly endless accounts are hard to keep track of, especially without reusing the same password for everything. Even worse, some accounts require “strong” passwords with unwieldy requirements that are nearly impossible to remember.

Passwords cause so much frustration that a whole industry has sprung up specifically to help people with login credential management. Solutions like passhub.net aim to make managing hundreds of logins easy and secure, but people often make things harder on themselves with more “traditional” methods to manage their accounts. The risky alternatives are either reusing passwords or writing them down somewhere where co-workers might be able to find them. When coupled with insider threats, these bad habits can lead to account compromises and data breaches.

Because of this, many businesses don’t create complex passwords for corporate accounts. If they did, admins would be spending more time resetting lost passwords than doing their jobs. Others use quarterly password resets or overbearing requirements, which make passwords stronger but much more annoying. Yet even “strong” passwords do little to stop attacks, and with technology increasingly assisting hackers in their attacks, password-protected accounts are getting easier to compromise.

A typical next step is to add traditional two-factor authentication for an additional level of security. However, while such methods have a reputation for strengthening security, they are also becoming increasingly vulnerable to hackers. Worse yet, they often add a layer of inconvenience that frustrates many users and leads them to look for ways to circumvent safety procedures rather than embrace them. As it is, few employees are very diligent in monitoring their account security, since they are understandably more focused on their primary role-related tasks.

In order to reduce the risks of security breaches, companies are actively considering passwordless authentication — a method of accessing an account that is stronger than traditional usernames and passwords.

Here are some examples of traditional password-less authentication methods:

  • Email-based authentication. With this approach, you receive a secret one-time link to access the system. It may seem convenient (no need to remember complex passwords); however, when somebody other than you gets access to your email account, your DMS account will be entirely compromised. The idea of email-based authentication is not that bad, but it has one key weakness. In corporate environments, employees usually keep their email open on a smartphone or computer, which makes email-based authentication insecure when applied to everyday practice. Email-based authentication also isn’t 100% password-less because email accounts themselves are still protected by passwords. More importantly, they add two extra steps to logging in to everything, which can frustrate users. First, the user needs to stop and open the email. Next, the user has yet another email filling up their inbox -- something we all fight to keep clean and organized.
  • SMS-based authentication. A slight variation on the email method, this approach requires the system to send a one-time SMS or a call to a user’s phone. As soon as you enter the code into the DMS, access is granted. Security professionals should keep in mind, however, that SMS-based authentication is vulnerable to phone number takeover (which is itself extremely susceptible to social engineering).
  • Smart Cards. Smart card-based authentication is by far the most secure and resistant to attacks. But smart card security has a heavier logistic requirement and therefore an associated cost. Traditional smart cards tend to be dedicated to individual accounts, where a different card is needed to access different accounts/systems. That means that more accounts require more cards, which costs more money.
  • Fingerprint, face recognition. Both fingerprint and facial recognition fall under the ‘something you are’ category of authentication factors. They are always used with some other authentication factors, and never used as the sole factor. What makes fingerprint and face recognition more convenient in terms of authentication is that they are always with you. An employee can forget an identity card or login credentials, but they can’t misplace their fingerprint and face. However, biometrics still have their challenges and vulnerabilities. If you injure yourself by burning your finger, are sweaty from the gym, or cold from being outside, your fingerprint may not register properly. If you decide to shave your beard, your facial recognition might not work. Usually, a PIN or password is needed as a backup for situations like these when recognition doesn’t work. Another important consideration with biometric recognition is how data is stored. A company could store biometric data in a corporate database, but this can create a liability since personal data must now be protected from server attacks. Many services that leverage biometrics to control access do so by out-sourcing this liability to 3rd parties like smartphone developers. When biometric data is stored on a user’s phone, the users and service providers alike are dependent on trusting phone manufacturers.

Innovative alternatives to passwordless authentication

A secure, reliable alternative to both usernames and passwords and the above approaches is an authentication model based on two components: ‘something you have’ as a first factor and ‘something you know’ or ‘something you are’ as additional verification factors. With this approach, a user gets one authenticator (mobile app or token) and can securely access an unlimited number of applications.

At WWPass, we developed a strong multi-factor password-less authentication with benefits that include:

  • No usernames and passwords
  • No risk of stolen credentials or credential sharing
  • Simultaneous access to multiple accounts
  • Variety of form factors (mobile app, smart card, USB/NFC token)
  • Integrations with any web application
  • Self-service management
  • Can be used without any software installed on computers
  • Can be used as an encryption key for the purpose of seamless client-side encryption

In fact, the WWPass MFA solution is as secure as smart card-based authentication with additional flexibility and scalability. But where smart cards come with high costs, our system doesn’t pin a high price tag on security.

2. Client-side encryption for user data

Another must-have security feature in a DMS is client-side encryption. Client-side encryption is a data encryption method where only the end user holds the encryption keys. This way, even if a hacker gets access to the system, they will not be able to view confidential information. Unlike server-side encryption, which often stores encryption keys on a server, client-side encryption means a user is responsible for data encryption with their own key.

Client-side encryption gives the end user more confidence. With it, they have control over how their data is used. It also limits the risk of attack, as even the DMS itself doesn’t hold any security keys that could be compromised. Despite that, server-side encryption is still a more widely used method among companies. Even with its popularity, companies still haven’t addressed the risk of insider attacks or mass data compromise.

In traditional server-side encryption architecture, if a rogue employee abuses their trusted administrator permissions, they could steal or manipulate all the data they have access to. Alternatively, a loyal administrator’s access could unknowingly be compromised and exploited by an unknown third party to wreak havoc. Because admins can decrypt everything, all of the data can be compromised with one infiltration.

With client-side encryption, the trusted admin isn’t able to access any sensitive data because each user holds the unique encryption key for their data. This means that to achieve a mass compromise, the hacker would need to steal every encryption key from every individual user. The decentralization of these keys makes mass compromise nearly impossible.

When it comes to DMS systems, leveraging client-side encryption is the best way to ensure that only the right people have access to sensitive information. It also gives businesses greater ability to limit access to this information as needed.

3. Zero-knowledge information storage

Zero-knowledge information storage provides users with secure storage without a business being able to access a user’s data. By definition, zero-knowledge storage requires client-side encryption. However, zero-knowledge kicks things up a notch by not only putting encryption keys in users’ hands, but also leveraging architecture which prevents the central system from even knowing who the end users are when they log in. Of course, businesses need to know which employees have access to what information, but this can be handled through the non-technical administrative processes of the organization itself.

Consider it like issuing physical keys. When an employee inserts a key into a lock, the lock doesn’t need to know that person’s full name and contact information — it just needs to verify that the key is correct for that particular lock. Of course, supervisors can keep track of who they issued keys to.

Keeping personally-identifying information out of the login process and off of a centralized system adds an additional level of security which reduces vulnerability to attacks. For example, if a specific data set is somehow associated with the name of an end user, a hacker knows who to conduct a social engineering campaign against. Without a name to associate it to, a hacker wouldn’t know who to target.
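
The client-side encryption and zero-knowledge storage models described in sections 2 and 3 can be sketched as follows. This is an added example, not WWPass code or code from this article; the names deriveKeys, encryptDoc, decryptDoc and BlindStore, the HMAC-based key derivation and the choice of AES-256-GCM are assumptions made for illustration. It shows that the server holds only opaque handles and ciphertext, and that one user's key cannot open another user's document.

```javascript
// Added illustration, not WWPass code. All names here are hypothetical.
const crypto = require('crypto');

// Client: derive an encryption key and an opaque storage handle from one
// user-held secret (HMAC-SHA256 used as a PRF over a random 32-byte secret).
function deriveKeys(userSecret) {
  const prf = (label) => crypto.createHmac('sha256', userSecret).update(label).digest();
  return { encKey: prf('dms-enc'), handle: prf('dms-handle').subarray(0, 16).toString('hex') };
}

// Client: AES-256-GCM; the document id is bound in as associated data.
function encryptDoc(keys, docId, plaintext) {
  const iv = crypto.randomBytes(12);
  const c = crypto.createCipheriv('aes-256-gcm', keys.encKey, iv);
  c.setAAD(Buffer.from(docId));
  const ct = Buffer.concat([c.update(plaintext, 'utf8'), c.final()]);
  return { iv, ct, tag: c.getAuthTag() };
}

// Client: throws if the key is wrong or the stored blob was modified.
function decryptDoc(keys, docId, blob) {
  const d = crypto.createDecipheriv('aes-256-gcm', keys.encKey, blob.iv);
  d.setAAD(Buffer.from(docId));
  d.setAuthTag(blob.tag);
  return Buffer.concat([d.update(blob.ct), d.final()]).toString('utf8');
}

// Server: sees only opaque handles, document ids and ciphertext.
class BlindStore {
  constructor() { this.rows = new Map(); }
  put(handle, docId, blob) { this.rows.set(`${handle}/${docId}`, blob); }
  get(handle, docId) { return this.rows.get(`${handle}/${docId}`); }
  dump() { return [...this.rows.entries()]; } // what an admin or intruder can read
}

function demo() {
  const store = new BlindStore();
  const alice = deriveKeys(crypto.randomBytes(32)); // constructed secrets
  const bob = deriveKeys(crypto.randomBytes(32));
  store.put(alice.handle, 'doc-1', encryptDoc(alice, 'doc-1', 'Q3 salary review'));
  store.put(bob.handle, 'doc-1', encryptDoc(bob, 'doc-1', 'Vendor contract draft'));
  const ownRead = decryptDoc(alice, 'doc-1', store.get(alice.handle, 'doc-1'));
  let crossRead = 'decrypted';
  try { decryptDoc(bob, 'doc-1', store.get(alice.handle, 'doc-1')); } catch { crossRead = 'rejected'; }
  const leaked = store.dump().some(([k, b]) => Buffer.concat([Buffer.from(k), b.ct]).includes('salary'));
  return { ownRead, crossRead, leaked };
}
console.log(demo());
```

In this sketch the document ids stay visible to the server; a deployment that also needs to hide them would derive them on the client in the same way as the handle.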

4. Hardware-backed encryption key storage

Hardware-backed encryption key storage means that all cryptographic operations and encryption key handling are performed by a separate, dedicated microchip called a secure element. It’s like a smartcard built right into a smart device.

Hardware-backed encryption key storage means that cryptographic keys are stored not in the main device memory, but on a secure element. This significantly reduces the risk of encryption keys being compromised through software bugs.

5. Implementation considerations

While businesses often approach security as a separate field that has little to do with their objectives, it’s important that protection protocols mirror performance requirements. When security is viewed as the foundation of the business rather than the fence around it, it’s far more efficient and effective. The resulting solutions incorporate security by default, rather than as an afterthought. This approach enhances business objectives, whereas security add-ons risk hindering them.

For DMS solutions, this is especially true. These solutions are typically a tool that supports business objectives. They allow team members to collectively share, edit, and handle documents that directly impact the value a business delivers. With these systems, both convenience and security are paramount.

When selecting or setting up a DMS solution, it is critical that business leaders carefully consider the unique needs of each component of their organization. The next step is analyzing how the proposed solution will impact different teams and processes at each touch point. With a thorough analysis, the need to provide these capabilities becomes increasingly obvious. Yet, to be effective, the end solution still must not only leverage these capabilities, but also be carefully tailored to the organization.

Moreover, it is important to remember that even the best solutions can still be subject to human error. Employee training is an important part of any DMS implementation. Users must not only understand how to optimally leverage the system features, but they must also understand basic aspects of the security that serves as its foundation.

The Bottom Line

Information security doesn’t need to be frustrating and inconvenient. When implemented correctly, it improves the user experience far beyond what most people are used to, while simultaneously reducing vulnerability.

This is especially true for Document Management Systems (DMS), which are a convenient way to collectively share, edit, and handle documents. Without proper DMS security, a business owner can’t be sure confidential data won’t be compromised, stolen, or abused.

There are several ways to improve DMS security. The most effective ones include strong password-less multifactor authentication, client-side encryption for user data, zero-knowledge information storage, hardware-backed encryption key storage, and seamless, professional implementation.

If you want to improve the security of corporate accounts and protect your customers’ confidential information, WWPass is a security service provider who is ready to support your business with a wide range of cybersecurity solutions and tools your business would benefit from — including multi-factor authentication, client-side encryption, and more.

Our certified professionals will be able to increase your Document Management System security and ensure that the way your data is processed and stored is compliant with security regulations, including GDPR.

Contact us to discuss your project with our security professionals.