Document Management System (DMS) is a solution for managing documents (images, PDFs, Office files) within a company. This platform centralizes all digital files, enabling quick and secure access, reducing reliance on paper, and minimizing the risk of loss.

The files are presented in a list and/or quick preview format. Each document is secured using an HMAC hashing function, ensuring its authentication and enhancing the security of the information it contains. Every download is logged in a record, ensuring complete traceability.

The Electronic Document Management (EDM) module offers the ability to attach various types of documents to management records. You can link digital files such as PDFs, images, Word documents, Excel spreadsheets, PowerPoint presentations, HTML files, and more directly to the corresponding management records. This feature ensures quick and easy access to all relevant documents associated with each management record, streamlining the management and consultation of information.

General EDM with Hierarchical Structure: This feature allows for the classification of company documents such as the Kbis or tax information. It is organized into subfolders using a customizable hierarchical structure. By default, more than 70 folders are created to match the standard classifications of French companies, covering areas such as insurance, accounting, legal, and others.

Supplier Invoice EDM: Dedicated to recording supplier invoices, allowing the PDF to be associated with the invoice. Documents are directly accessible from the bank reconciliation module.

Employee EDM - Secure Vault: A secure space for employees, acting as a digital vault to store sensitive and confidential documents.

Client EDM: This feature facilitates the storage of files related to your client quotes.

Product EDM: Storage of files linked to products.

Each of these solutions contributes to optimal document management, offering specialized features to meet the specific needs of the business, whether for general classification, invoice management, employee security, or client record management.

The GED includes a series of advanced features to simplify file and folder management while ensuring document security and accessibility. Below is an overview of the main features available.

File Archiving and Compression

Administralis allows archiving multiple files into a single ZIP file while preserving the original folder structure for optimal organization. This feature makes it easy to compress and store documents while maintaining their structure.

Automatic Decompression and Restoration (Unzipping)

File decompression is simplified with Administralis. Compressed files can be unzipped quickly, and the folder structure is automatically recreated, enabling you to locate your documents in their original locations.

Secure Document Sharing

Share files securely using automatically generated links that point to ZIP files. Links can be password-protected, time-limited, or restricted by download count to ensure complete control over document access.

Immutable Files

The GED offers an option to make files immutable. Once activated, files cannot be moved or deleted, ensuring their preservation and integrity.

Tree Structure Management and Bulk Operations

Easily move files and folders within the GED. The platform also supports bulk deletions and uploads, with automatic reconstruction of the folder structure when necessary. Immutable files prevent the deletion of folders in which they are stored, ensuring data security.

Additional Information

Additional information can be recorded for files, such as:

• Document validity date: with a termination alert when the date is reached.
• Notes: to add comments or contextual information.
• Reference number: to identify different document versions.

Action Logging

Each file download or opening is logged, including access time and the identity of the user. This allows precise tracking of document activity.

File Movement Management

Files and folders can be moved easily within the GED. Folders can also be deleted unless an immutable file is present in the folder, in which case the deletion is blocked.

File Listing

A complete list of all files in folders and subfolders can be displayed. A quick search tool makes it easy to find a file within the displayed list, simplifying document access.

Upload Version Management Options

When uploading files or folders that already exist, several options are offered: replacement, versioning, or upload prohibition to avoid duplicates. This flexibility helps maintain document organization while avoiding errors.

• Replace the existing file.
• Version the file to keep multiple versions.
• Prohibit uploads to prevent duplicates.

File Size Limit

The default file size is set to 16 MB, efficiently managing storage space and ensuring optimal performance. This limit exceeds the size of 99% of uploaded files, meeting most user needs. However, larger files can be transferred via FTP or a dedicated API.

File Encryption

Each uploaded file can be encrypted to ensure information confidentiality. Encryption uses a secure internet certificate and a secret passphrase, offering additional protection against unauthorized access. It is recommended to manage the passphrase carefully and keep certificates up to date for optimal security.

The EDM integrates a robust backup system to ensure file protection against data loss. Here are the main features of the backup solution:

Daily Backup

Files stored in the EDM are automatically backed up once a day on a dedicated external server. This approach secures the data by storing it outside the main environment, minimizing risks in case of a primary server failure.

Backup Redundancy

To enhance security, the backup server itself is backed up daily on another external server. This redundancy ensures data availability in the event of a primary backup server failure, guaranteeing service continuity.

Monitoring and Alerts

The backup system features active monitoring that generates alerts in case of detected anomalies. These alerts enable rapid intervention to resolve potential issues and ensure the reliability of backups.

File Integrity Control - Immutable Snapshot?

A daily control is performed to verify the integrity of each backed-up file. This control relies on the SHA-512 hash calculation of each file to ensure they have not been altered. Any unauthorized modification or data corruption is detected, preserving the integrity of the documents.

The API, based on watchdog and WORM (Write Once, Read Many) technologies, continuously monitors folders and triggers alerts for every alteration attempt.

The risk of data loss is equivalent to a major incident, such as the March 10, 2021, OVHcloud fire, affecting multiple geographical sites simultaneously.

At Administralis, data security is paramount. To ensure the protection of our clients' information, we have implemented several layers of sophisticated security measures.

• Protection against DDoS attacks
• Fail2Ban
• Reverse DNS Lookup
• Advanced firewall and IP control
• Trusted IPs
• Tarpitting + Alert
• OAuth2
• SSL/TLS Encryption
• Log Management
• Database versioning
• Automated backups

Why So Much Security?

Because attacks are constant and can reach several hundred per hour. Since the beginning of the Ukraine war, the number and intensity of attacks have increased significantly.

These attacks come from many countries. In terms of frequency, the main source countries are Russia, China, the United States, Brazil, Iran, and North Korea. It is important to note that many IPs use VPN services to hide their real location, making it impossible to identify the country of origin for some attacks.

Specialized sites for creating malicious IP blacklists [Spamhaus - Honeypot - Cisco Talos - AbuseIPDB] play a crucial role against cyberattacks. However, these lists do not guarantee complete protection and have significant limitations.

IP blacklists among thousands banned permanently from our servers!
- 5.183.209.217 - 34.73.212.230 - 35.236.5.55 - 37.187.129.166 ...

But what is being done about it?

Tarpitting is a security technique that intentionally introduces a delay when suspicious connections are detected.

This advanced backup system offers comprehensive data protection by ensuring their availability and integrity, even in the event of disasters or failures. Redundancy and regular checks add an extra layer of security for a reliable document management environment.

The mechanism is inspired by the recommendations of ISO 27001, an internationally recognized standard for information security management. ISO 27001 defines best practices and requirements for establishing, implementing, maintaining, and improving an information security management system (ISMS). It aims to protect sensitive data from potential threats, such as unauthorized access, data loss, or alterations. By following these recommendations, the EDM ensures rigorous management of backup and file integrity, enhancing the system's overall security.

Moreover, Administralis ensures that managed data and files fully comply with the General Data Protection Regulation (GDPR). All personal data processed is protected according to GDPR standards, which impose strict rules on collecting, storing, using, and deleting personal data. Administralis implements technical and organizational measures to guarantee users' rights, such as the right to access, rectify, or delete their data. The system thus provides secure and regulation-compliant management, ensuring the privacy and confidentiality of processed information.