/
Security Control

Security Control

Owned by Eric Schullek
Last updated: Sept 23, 2024 by Eric Schullek
5 min read

Creating a Security Control

Data Sync is necessary for non-provisioning controls to sync with the source systems!

Use security controls in your firm to set up ethical walls to protect your most sensitive information and govern who can access what information. It allows authorized users and groups access to workspace, folders, and documents. This policy can be applied based on practice group, matter type, and any other metadata value. CAM allows you to set security levels up to five metadata values.

It manages permissions and sharing for users and groups to identify, prevent, and revoke access to content.

You must have Sync to S3 enabled in Data Sync to use Security controls!

To Create A Security Control

  1. From the Control Center tab, click Create Control.

  1. To use existing control details, click Copy Existing Controls, Or enter new details.

  2. Enter a Control Name.

  3. Enter a Label to display for the control.

  4. Select Type as Security.

    1. Select Sub Type: Set the policy type

1) Inclusion: It will allow access to the Users and Groups added to the Triggers & Action. When the subtype Inclusion is selected, the option High Priority will be displayed, if it is set as Yes, this control will be applied over other controls that do not have this option enabled.

Warning: If you are trying to add user or groups which are included in inclusion security controls, it displays a warning message.

If you are trying to add user or groups which are excluded from exclusion security controls, it displays warning message.

Note: It only shows included users / groups in the security control. This does not allow modify/add security for the matter.

Note: The Inclusion Security Policy will not add users to non-inherited folders.

2) Exclusion: It will deny access to the Users and Groups added in the Triggers & Actions

Note: It only allows user/group to be added or excluded from the security control.

Use cases: In accordance to the Inclusion and Exclusion security controls, the lookup will behave differently depending on the situation:

  • If any user is included for client, matter, and client-matter, then that client matter will only be shown in the dropdown for that included user, and if any other user tries to filter that client-matter from the dropdown, then it will not visible for other users except included one.

  • If any user is included for client, matter, and client-matter, then that client-matter will only be shown in the dropdown for that included user, and if any other user trie to add that client-matter manually with the + button, then, while submitting the job, the system will show a validation error.

  • If any user is excluded for client, matter, and client-matter, then that client-matter will not be shown in the dropdown for that excluded user, and will only be visible for other included users.

  • If any user is excluded for client, matter, and client-matter, then that client matter will not be shown in the dropdown for that excluded user, and if another user tries to add that client-matter manually with the + button, then, while submitting the job, the system will show a validation error.

3) Competitive: Cross-customer access to restrict access to competitors' matters;

E.g. Side1Users : List of users and Side1ClientMatters : List of Client-Matter

Side2Users : List of users and Side2ClientMatters : List of Client-Matter

Side1Users are not allowed to access Side2ClientMatters list, and Side2Users are not allowed to access Side1ClientMatters list.

Note: If the same users and groups are added in multiple policy types, CAM will apply exclusion over inclusion policy.

6. Select Security Level to apply the control.

You can configure multiple Security Levels at Settings > Configure Security Level.

Client and Clien-Matter in common are out-of-the-box Security Levels. You can add, modify, or delete as per your requirements.

  • If you do select Client, security control will be applied universally to all Matters created for the client selected in the Criteria.

  • If you do select Client Matter, security control will be applied to the specific Client-Matter selected in the Criteria.

7. Select the System(s), it will list External systems configured in the CAM. E.g. iManageNetDocumentsOffice 365

Note: External system security controls will be now enforced, and are not view only.

Setting Triggers and actions on Users and Groups

In this section, set your criteria to narrow down the specific matter to create an ethical wall.

  • Description: Optional field, provide details about the trigger.

  • Criteria: This is required information. You can add parent-child relationships while configuring the security level.

    1. Select the Metadata from the dropdown.

    2. Set the operator to filter on. Supported operators are Equals, In

    3. Type the metadata value desired.

  • Select Users to apply the security policy selected in the Sub Type.

  • Select Groups to apply security policy to the group of users.

  • Select the checkbox Contractual Security, a specific inclusive policy where if the user/group has access to X number of projects, then access should be typically restricted to only those content. Access to other contents is excluded explicitly.

Note: The checkbox is visible for the Inclusive and Competitive policy types.

Setting Activation & Approval

  1. Approval Request: Select Yes to send the control for approval and activate it once the approvers (E.g. Team Lead) have reviewed and approved, or select No.

  2. Activate Now: This option will be enabled when the Approval Request is selected No. Select Yes to activate and observe impacted workspaces now or select No to create a control in the system and activate later from the Actions hamburger menu.

  3. Auto Attach: This option is by default set to Yes for Security control, so it's not visible on the page.

 

Once the control is set up, each time security is added or modified on the source system like iManage, NetDocuments, or M365, the security control then will update CAM appropriately once approved.

Related content

Let's Connect📌

☎ +1 630.598.1100
☎ ‪+44 20 3880 1550‬
📧 support@litera.com
💻 https://www.litera.com/support/

📝 Support is available:
4 am - 8 pm US Eastern
(9 am - 1 am GMT/BST
7 pm - 11 am AET) on normal business days (excluding holidays)

© 2024 Litera