Information security is an important factor for the success of a company. However, while the protection of personal data is regulated in detail by law, companies and organizations can introduce different concepts to maintain information security.
The German Federal Office for Information Security (BSI) has published the IT-Grundschutz-Kompendium (in German), a guide for companies and organizations on how to secure information and IT systems. Based on the requirements of ISO 27001 - the international standard for setting up an information security management system - this compendium lists three basic values, or protection goals, namely confidentiality, integrity and availability, which can be expanded depending on a company's risk assessment.
The following articles describe the measures DocuWare as an Enterprise Management System offers for implementing these basic security objectives with regard to the documents archived in DocuWare:
Confidentiality: documents and data are only accessible to authorized users
Integrity: documents and data cannot be changed without authorization, changes can be traced
Availability: DocuWare services and documents are always available
Access security to the DocuWare system
Backup of data stored in DocuWare
DocuWare's security concept follows the principles of the General Data Protection Regulation (GPDR), which require the protection of personal data through technical design and data protection settings.