Security Tags

Security tags are metadata you can apply to a document which only allow certain users or groups to view the entry. Security tags offer an additional layer of entry security separate from access rights, and they can be assigned to Laserfiche trustees as well as documents and folders. If a document or folder is associated with a security tag, users that have not been granted the same security tag will be unable to see the existence of that document. The security tag mechanism supersedes the access rights security mechanism. A user with full access rights on a document, but not associated with a matching security tag, remains unable to browse that file. If an entry has multiple tags, a user must have been granted all of them to browse to the entry.

Since security tags are separate from access control rights, privileges, and feature rights, they allow an additional, flexible layer of security that can be applied document-by-document. Security tags on folders are not inherited by the folder's children. You can assign multiple security tags to both entries and trustees.

When to use security tags

Security tags can be used to completely deny access to a Laserfiche document. They act as single-point security, affecting only the document or folder to which they have been applied. They are therefore useful when you want to secure a document but need to move it through several folders—for instance, as part of your workflow—or if you need to secure some documents in a folder but not others. Security tags are better suited to this than applying entry access rights directly to a document, as they are simple, visible, and easy to track.

Example: Only the Managers group has been given the “Special Initiative” security tag. They tag all documents concerning the initiative with the security tag when the documents are created. Even though these documents are moved through various folders that a variety of employees have access to, only managers can see the tagged documents. Employees, who have not been granted the tag, cannot search for or see that these documents exist, even if they have full access rights to these documents.

An added benefit of security tags is that they are searchable, like any other metadata. In the above example, if a manager wants to see all the documents pertaining to the special initiative, he or she just searches for the “Special Initiative” security tag.

Furthermore, security tags stay with documents even if they are moved to the recycle bin. Trustees with the right to see all documents in the recycle bin cannot see documents assigned security tags unless they have been granted the relevant security tags.

Important: The use of security tags to prevent users from browsing to documents and folders under a secured folder in the folder browser is not recommended. Although this type of security configuration prevents an unauthorized user from using the folder browser to view those documents and folders, it does not prevent users from searching for those items. To ensure that all desired documents and folders are secure, you should apply the appropriate security tag on each item.

Free Training: Supplemental Security in the Laserfiche Repository eLearning course in Aspire.

Learn more

• Creating and modifying security tags
• Deleting security tags
• Applying security tags to users, documents, and folders