SYSTEM SECURITY AND LOCAL CLIENT
BACKGROUND
A multitude of file sharing solutions offering generic file sharing functionality are currently available in the market. All of these systems are designed to share information easily and readily, not to restrict and protect information at the local endpoint whilst still allowing controlled, logged access. Moreover, entire file hierarchies are typically synchronised across endpoints, so a folder structure with significant content placed into a shared folder by any user on any synchronised device can expose thousands of documents to multiple endpoints.
PEDMS significantly reduces the attack surface whilst providing local encrypted caching with no encryption keys ever stored on the local endpoint. Each and every file is only decrypted on demand (which can only be initiated through the web front-end), for the duration required to allow the user access to the information. As soon as practically possible, any unencrypted content is deleted.
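The on-demand pattern described above, written out as an added illustration in Java (the runtime the client requires); this is not PEDMS code and assumes a design the page does not detail: the cache holds only AES-GCM ciphertext laid out as iv || ciphertext, a per-request key arrives from the server (simulated here with a cloned byte array rather than a TLS call), the plaintext goes to a scratch file under the cache directory, and both the key array and the plaintext are wiped as soon as the viewer returns. The sample document and the encrypt stand-in exist only so the example runs offline.

```java
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.spec.GCMParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import java.io.IOException;
import java.io.OutputStream;
import java.nio.charset.StandardCharsets;
import java.nio.file.Files;
import java.nio.file.Path;
import java.nio.file.StandardOpenOption;
import java.security.SecureRandom;
import java.util.Arrays;
import java.util.function.Consumer;

/** Hypothetical on-demand decryption: the key arrives per request, plaintext exists only while viewed, then is wiped. */
public class OnDemandDecrypt {
    private static final int IV_BYTES = 12;
    private static final int TAG_BITS = 128;

    // Decrypt a cached blob (iv || ciphertext) into a scratch file, hand it to the viewer, then wipe plaintext and key.
    static void openForViewing(Path cachedBlob, byte[] keyFromServer, Path scratchDir, Consumer<Path> viewer) throws Exception {
        byte[] blob = Files.readAllBytes(cachedBlob);
        byte[] iv = Arrays.copyOfRange(blob, 0, IV_BYTES);
        byte[] ciphertext = Arrays.copyOfRange(blob, IV_BYTES, blob.length);
        Path plaintext = Files.createTempFile(scratchDir, "pedms-view-", ".tmp");
        try {
            Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding");
            cipher.init(Cipher.DECRYPT_MODE, new SecretKeySpec(keyFromServer, "AES"), new GCMParameterSpec(TAG_BITS, iv));
            Files.write(plaintext, cipher.doFinal(ciphertext));   // a GCM tag failure throws before anything is written
            viewer.accept(plaintext);
        } finally {
            Arrays.fill(keyFromServer, (byte) 0);   // the key only ever lived in memory; zero it as soon as we are done
            wipe(plaintext);
        }
    }

    // Overwrite with zeros, then delete. On journaling file systems and SSDs this reduces residue; it is not a guarantee.
    static void wipe(Path p) throws IOException {
        if (!Files.exists(p)) return;
        long remaining = Files.size(p);
        byte[] zeros = new byte[8192];
        try (OutputStream out = Files.newOutputStream(p, StandardOpenOption.WRITE)) {   // WRITE only: no truncation
            while (remaining > 0) {
                int n = (int) Math.min(zeros.length, remaining);
                out.write(zeros, 0, n);
                remaining -= n;
            }
            out.flush();
        }
        Files.delete(p);
    }

    // Stand-in for the server side so the demo runs offline: returns iv || ciphertext.
    static byte[] encrypt(byte[] key, byte[] plaintext) throws Exception {
        byte[] iv = new byte[IV_BYTES];
        new SecureRandom().nextBytes(iv);
        Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding");
        cipher.init(Cipher.ENCRYPT_MODE, new SecretKeySpec(key, "AES"), new GCMParameterSpec(TAG_BITS, iv));
        byte[] ct = cipher.doFinal(plaintext);
        byte[] out = new byte[IV_BYTES + ct.length];
        System.arraycopy(iv, 0, out, 0, IV_BYTES);
        System.arraycopy(ct, 0, out, IV_BYTES, ct.length);
        return out;
    }

    public static void main(String[] args) throws Exception {
        KeyGenerator kg = KeyGenerator.getInstance("AES");
        kg.init(256);
        byte[] serverKey = kg.generateKey().getEncoded();          // held by the server; never written on the endpoint
        byte[] document = "constructed sample document".getBytes(StandardCharsets.UTF_8);

        Path cacheDir = Files.createTempDirectory("pedms-cache-");
        Path blob = cacheDir.resolve("doc-1.bin");
        Files.write(blob, encrypt(serverKey, document));           // only ciphertext ever rests in the local cache

        byte[] perRequestKey = serverKey.clone();                  // simulates the key arriving over TLS for this one open
        final Path[] seen = new Path[1];
        openForViewing(blob, perRequestKey, cacheDir, p -> {
            seen[0] = p;
            try {
                System.out.println("viewer sees: " + new String(Files.readAllBytes(p), StandardCharsets.UTF_8));
            } catch (IOException e) {
                throw new RuntimeException(e);
            }
        });
        System.out.println("plaintext still on disk after viewing: " + Files.exists(seen[0]));
        System.out.println("per-request key zeroed: " + Arrays.equals(perRequestKey, new byte[perRequestKey.length]));
        Files.delete(blob);
        Files.delete(cacheDir);
    }
}
```

The check a practitioner would add around this is the one in the `wipe` comment: overwriting a file is best effort on modern storage, so the design goal of "as soon as practically possible" is served by keeping the plaintext window short rather than by trusting the overwrite alone.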
BROWSER PLUGINS
Whilst browser plugins have been used for many years to extend browser functionality, security concerns and the need for different plugins to cater for different browser and operating system combinations make this approach an unattractive option. This is compounded by continuously evolving browser acceptance of plugins; decoupling from the browser vendors whilst still extending functionality visible within the browser is therefore highly desirable. PEDMS consequently does not rely on the use of plugins to achieve the required security, access and functionality.
INSTALLED SOFTWARE
Typically, software installed on computers requires an installation program, administrative privileges on the system and deliberate action on the part of the user to keep the software up to date. This is a burden which should not be borne by a PEDMS user or by the software vendor, as any system which is not up to date has the potential to disrupt work. PEDMS includes a local Windows client software component which has no installation procedure or wrapper, does not require administrative privileges, runs and persists across user logins, confines its disk activity to a directory subset under the user's home directory, has no requirement for any registry entries, is confined to secure web communication with only those sites identified as valid communication targets by bearing specific valid digital certificates, and keeps itself up to date with no user intervention or knowledge. Download and run is all that is required.
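One way a client can restrict itself to communication targets identified by specific digital certificates is public-key pinning layered on top of normal certificate validation. The following is an added Java example, not PEDMS code: it assumes the allow list is a set of base64 SHA-256 digests of the target's SubjectPublicKeyInfo, and it still lets the JVM's default trust manager reject expired or badly chained certificates first. The keys in `main` are generated on the spot so the example runs offline; they stand in for a real server certificate.

```java
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
import java.security.GeneralSecurityException;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.PublicKey;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.Base64;
import java.util.Collections;
import java.util.Set;

/** Hypothetical pinning trust manager: the chain must pass PKIX validation AND the leaf's SPKI hash must be on the allow list. */
public class PinnedTrust implements X509TrustManager {
    private final X509TrustManager platform;      // the JVM's default trust manager
    private final Set<String> allowedSpkiSha256;  // base64(SHA-256(SubjectPublicKeyInfo)) of each valid target

    PinnedTrust(Set<String> pins) throws GeneralSecurityException {
        TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        tmf.init((KeyStore) null);                 // null selects the platform default trust store
        X509TrustManager found = null;
        for (TrustManager tm : tmf.getTrustManagers()) {
            if (tm instanceof X509TrustManager) { found = (X509TrustManager) tm; break; }
        }
        if (found == null) throw new NoSuchAlgorithmException("no X509TrustManager available");
        this.platform = found;
        this.allowedSpkiSha256 = pins;
    }

    // Pin the public key rather than the whole certificate, so a routine renewal that keeps the key does not break the client.
    static String spkiPin(PublicKey key) throws NoSuchAlgorithmException {
        return Base64.getEncoder().encodeToString(MessageDigest.getInstance("SHA-256").digest(key.getEncoded()));
    }

    boolean pinMatches(PublicKey key) throws NoSuchAlgorithmException {
        return allowedSpkiSha256.contains(spkiPin(key));
    }

    @Override public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException {
        platform.checkServerTrusted(chain, authType);   // expiry, chain building, platform policy: the usual checks first
        try {
            if (!pinMatches(chain[0].getPublicKey())) {   // chain[0] is the leaf presented by the server
                throw new CertificateException("server key is not a valid communication target");
            }
        } catch (NoSuchAlgorithmException e) {
            throw new CertificateException(e);
        }
    }

    @Override public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException {
        platform.checkClientTrusted(chain, authType);
    }

    @Override public X509Certificate[] getAcceptedIssuers() { return platform.getAcceptedIssuers(); }

    // Build an SSLContext; pass ctx.getSocketFactory() to HttpsURLConnection.setSSLSocketFactory(...) for each request.
    static SSLContext contextFor(Set<String> pins) throws GeneralSecurityException {
        SSLContext ctx = SSLContext.getInstance("TLS");
        ctx.init(null, new TrustManager[]{ new PinnedTrust(pins) }, null);
        return ctx;
    }

    public static void main(String[] args) throws Exception {
        KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
        kpg.initialize(2048);
        PublicKey pedmsKey = kpg.generateKeyPair().getPublic();   // constructed stand-in for the PEDMS server key
        PublicKey otherKey = kpg.generateKeyPair().getPublic();   // constructed: a correctly issued cert for some other site
        Set<String> pins = Collections.singleton(spkiPin(pedmsKey));
        PinnedTrust trust = new PinnedTrust(pins);
        System.out.println("pin for the PEDMS target: " + spkiPin(pedmsKey));
        System.out.println("PEDMS key accepted:  " + trust.pinMatches(pedmsKey));
        System.out.println("other key accepted:  " + trust.pinMatches(otherKey));
        SSLContext ctx = contextFor(pins);
        System.out.println("SSLContext ready, protocol " + ctx.getProtocol());
    }
}
```

The caveat that matters operationally is key rotation: a pinned client that updates itself with no user intervention needs the new pin delivered through the update channel before the server key changes, otherwise the update that would fix the pin can no longer be fetched.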
The only dependency not provided by Microsoft Windows is a Java virtual machine runtime, which must be present on the host system.
The Windows client component only generates the sub-directories required for PEDMS file access (including dependent documents linked from within PEDMS), with no access to, or logging of, any other user files and no storage of them into PEDMS. Transfer of files from the user PC to PEDMS is provided by moving them into the PEDMS ‘workarea’ directory, which in turn interfaces through the Windows client to load the files into the user's personal library for further updates with the required levels of metadata, depending on the PEDMS Library.
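An added Java example of the workarea hand-off, illustrating the confinement claim rather than reproducing PEDMS's implementation: the client watches a single directory under the user's home, and an entry is only eligible for upload when its symlink-resolved path is still inside that directory, so a link dropped into the workarea that points at some other user file is ignored instead of being read. The directory names, the sample document and the upload step (here just a list) are assumptions for the demo.

```java
import java.io.IOException;
import java.nio.file.FileSystems;
import java.nio.file.Files;
import java.nio.file.Path;
import java.nio.file.Paths;
import java.nio.file.StandardWatchEventKinds;
import java.nio.file.WatchEvent;
import java.nio.file.WatchKey;
import java.nio.file.WatchService;
import java.util.ArrayList;
import java.util.List;
import java.util.concurrent.TimeUnit;

/** Hypothetical workarea ingest: the client only reacts to files whose resolved location is inside the workarea. */
public class WorkareaIngest implements AutoCloseable {
    private final Path workarea;          // canonical (symlink-resolved) root under the user's home directory
    private final WatchService watcher;

    WorkareaIngest(Path root) throws IOException {
        Files.createDirectories(root);
        this.workarea = root.toRealPath();
        this.watcher = FileSystems.getDefault().newWatchService();
        workarea.register(watcher, StandardWatchEventKinds.ENTRY_CREATE);
    }

    // A dropped entry is only eligible when its symlink-resolved path still starts with the workarea root.
    boolean isInsideWorkarea(Path candidate) {
        try {
            return candidate.toRealPath().startsWith(workarea);
        } catch (IOException e) {
            return false;                  // vanished or unreadable: leave it alone
        }
    }

    // Wait up to timeoutSeconds for the first batch of new entries, then drain any that follow shortly after.
    List<Path> collectNewFiles(long timeoutSeconds) throws InterruptedException {
        List<Path> accepted = new ArrayList<>();
        WatchKey key = watcher.poll(timeoutSeconds, TimeUnit.SECONDS);
        while (key != null) {
            for (WatchEvent<?> ev : key.pollEvents()) {
                if (ev.kind() == StandardWatchEventKinds.OVERFLOW) continue;
                Path p = workarea.resolve((Path) ev.context());
                if (Files.isRegularFile(p) && isInsideWorkarea(p)) {
                    accepted.add(p);       // a real client would now load p into the user's personal library
                } else {
                    System.out.println("ignored (outside workarea or not a file): " + p);
                }
            }
            key.reset();
            key = watcher.poll(1, TimeUnit.SECONDS);
        }
        return accepted;
    }

    @Override public void close() throws IOException { watcher.close(); }

    public static void main(String[] args) throws Exception {
        Path home = Paths.get(System.getProperty("user.home"));
        Path root = Files.createTempDirectory(home, "pedms-workarea-demo-");
        Path outside = Files.createTempFile("not-for-pedms-", ".txt");   // constructed: a user file outside the workarea
        Path escape = root.resolve("escape.txt");
        Path report = root.resolve("report.txt");
        try (WorkareaIngest ingest = new WorkareaIngest(root)) {
            Files.write(report, "constructed sample document".getBytes("UTF-8"));
            try {
                Files.createSymbolicLink(escape, outside);   // points outside the workarea: must be ignored
            } catch (IOException | UnsupportedOperationException e) {
                System.out.println("symlink not created on this platform: " + e.getMessage());
            }
            for (Path p : ingest.collectNewFiles(15)) System.out.println("accepted for upload: " + p);
        } finally {
            Files.deleteIfExists(escape);
            Files.deleteIfExists(report);
            Files.deleteIfExists(root);
            Files.deleteIfExists(outside);
        }
    }
}
```

On Linux the create events arrive immediately; the default WatchService on macOS polls and can take several seconds, which is why the demo waits up to 15 seconds. Creating symbolic links on Windows may require a privilege the user does not hold, in which case the demo simply reports it and still shows the accepted file.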
The Windows client also allows dynamic updating of user interface content as background database data is updated.
SECURITY – USER IS THE WEAKEST LINK
In order for systems to be useful, meaningful work needs to be carried out by individual participants for any given workflow. This often precludes the use of pure IT safeguards, as no system which interacts with a human could ever be provably secure, and user behaviour is a key to securing information.
Given advances in computer security, the user is generally considered the weakest link and the easiest target. A simple user action of moving files from one location to another, whether intentionally (acting under misguided instruction from a fraudster posing as an authoritative figure or known colleague) or accidentally (drive-by drag-and-drop), whilst utilising currently available file sharing platforms could expose sensitive information of one organisation to another.
Significant effort has been applied within PEDMS to minimising human error by eliminating the requirement for moving or copying files from one area of a file system to another, for common use cases. Given that local, user-actioned file moves are not required, multiple areas of the file system with separate confidentiality requirements can be maintained separately, with little chance of user-induced error.
It should be noted that no attempt has been made to prevent a malicious actor who is already a user of the system from perpetrating intentional, devious acts related to confidentiality breaches and information theft – such attempts are understood to be foolhardy, as even the most rigorous attempt at preventing leakage of a document's contents, for example, can be trivially circumvented by the malicious actor photographing their computer screen page by page and passing the images to a third party, which is unstoppable as well as untraceable.
Centralised logging of regular user behaviour, recording information access as and when it occurs even where the content is local to an edge device, is what we believe to be the best-case outcome.