Having information that is readily available to users on the go is a valuable commodity for many organizations. However, with data being available to users on the go it is critical to identify vulnerabilities and maintain the integrity of the system.
Mobile Access security, requires awareness by organizations to safeguard their Laserfiche Repository. For Administrators, being familiar with the Laserfiche mobile app security settings is essential to keeping your content safe.
The Laserfiche app allows administrators the ability to restrict access to the app and set user permissions on repository content.
Laserfiche App Configuration Page Options
Deny/Allow Access – An administrator can allow a Laserfiche or Windows user to access documents in the repository using a desktop or laptop computer, but restrict them from using the Laserfiche app. The option is configured in the Laserfiche App Configuration > Connection > Repositories > Authentication.
Block Devices – Found within the Devices Section, this feature allows administrators to block devices from accessing the Laserfiche app. To block a device, select the Devices Section from the Laserfiche App Configuration > Devices > Log and check the box next to the device you need to block.
Session Time Out- Much of the content stored in Laserfiche repositories contain sensitive information. The Laserfiche session can be configured to timeout after a specific amount of time is met, preventing the app from being left idle and creating a vulnerability for the repository content.
Local Encryption – Temporary data and persistent local data stored on the local device such as sign-in information, user settings, forms field values, folder structures, and more are fully encrypted in a SQLite database. Only an individual with the appropriate rights in Laserfiche can view documents that are encrypted. However, electronic documents exported from the app, are not encrypted. Administrators can ensure that electronic documents stay protected by preventing users from exporting to other apps and saving copies of offline documents on mobile devices. This option will keep users from exporting these documents to outside applications or evading Laserfiche Security.
Remember Me - Administrators can require users to log into the repository every time and disallow the “Remember Me” option that many apps have. Note: The Disable “ Remember me” Option is only available for accounts not set up for single sign-on.
Offline Access - Administrators can prevent users from exporting Laserfiche content to other apps or saving copies of offline documents to their devices, requiring them to use a passcode to access documents.
These are just some of the settings available, for a more detailed list refer to the Laserfiche Help Files. Proper configuration and monitoring will minimize vulnerabilities and keep your Laserfiche system operating with the highest integrity.