How does elDoc support building a resilient security framework for document protection?

The elDoc Security Framework is designed around five key pillars, ensuring comprehensive protection, control, and compliance throughout the entire document lifecycle. These pillars include:

  1. General Platform Availability & Security: Ensuring that the platform remains accessible and secure from potential threats, while providing exceptional reliability and uptime. elDoc offers a variety of deployment options, from standalone setups to high-availability architectures with 4-node clusters. The 4-node cluster configuration ensures smooth operation even in case of failures. elDoc's architecture incorporates features such as load balancing, data replication, and redundancy to maintain business continuity and robust failover capabilities.

  2. Platform Access & Authentication: Enforcing strong authentication protocols to verify users and secure access, protecting against unauthorized usage. This includes support for Multi-Factor Authentication (MFA), One-Time Passwords (OTP), Single Sign-On (SSO), and Active Directory (AD) Synchronization.

  3. Platform Access Roles & Permissions: Defining specific user roles and permissions to manage access and ensure that only authorized personnel can view, edit, or manage sensitive documents. This includes the ability to scale access management across complex organizational structures, handle inherited permissions, and seamlessly adjust access as employees transition between departments.

  4. Encryption & Data Protection: Leveraging encryption technologies to safeguard data both in transit and at rest, ensuring secure storage and transmission of all information. This also includes encryption during use, providing comprehensive protection throughout the entire data lifecycle.

  5. Granular Document Control: Providing detailed control over document management, including permissions for viewing, editing, sharing, downloading, and printing—both globally and at the file level, even within deeply nested folder structures. This also includes watermarking, version control to prevent unauthorized alterations, and converting documents to image formats to avoid unauthorized editing / copying, ensuring the integrity and security of your documents.

How does elDoc ensure encryption and data protection?

elDoc utilizes MongoDB (a NoSQL database) built to efficiently handle large datasets with a dynamic schema. MongoDB provides robust encryption features, ensuring data protection in transit, at rest, and in use, safeguarding sensitive information throughout its entire lifecycle. 

  1. Encryption in transit: Encryption in transit secures data during transmission between clients and servers, preventing unauthorized access or tampering. In MongoDB Atlas, all network traffic to MongoDB clusters is protected by Transport Layer Security (TLS), which is enabled by default and cannot be disabled. The default version is TLS 1.2. Data transmitted to and between MongoDB cluster nodes is encrypted in transit using TLS, ensuring secure communication throughout. 
  2. Encryption at rest: Encryption at rest ensures that all stored files and data are encrypted, providing a critical layer of database-level protection. In MongoDB Atlas, customer data is automatically encrypted at rest using AES-256 to protect all volume (disk) data. This process utilizes your cloud provider's transparent disk encryption, with the provider managing the encryption keys. Additionally, you have the option to enable database-level encryption, allowing you to use your own encryption keys via AWS Key Management Service (KMS), Google Cloud KMS, or Azure Key Vault. 
  3. In-Use Encryption: Encryption in use secures data while it's being processed. Data is encrypted on the client side using customer-controlled keys before it's sent to, stored in, or retrieved from the database. The benefits of this approach are: 1) Comprehensive data protection: Data is encrypted throughout its entire lifecycle, whether in use, during backups, at rest, or in transit. 2) Compliance assurance: Helps meet strict data privacy requirements such as GDPR, HIPAA, PCI DSS, and more.

For the latest information, please visit: MongoDB Data Encryption