SmartVault Internal Security Policies

If a SmartVault employee accesses a file, would it be logged in the audit trail, or would the SmartVault Account admin get notified?

SmartVault employees must be invited to a Users Vault to access files; their actions are logged just like any other system user.

A minimal number of SmartVault employees have direct access to the servers that run the SmartVault system. Actions performed to these servers are restricted by SmartVault Company policy; going outside of our rigorously defined processes can (and almost certainly would) result in employee termination. In the context of this question, employees are explicitly prohibited from accessing decrypted customer data without the customer's written permission.

We usually suggest that, if customers so desire, they can encrypt a document (or all documents) BEFORE uploading to SmartVault. That way, only the end-user who encrypted the file can decrypt it and can distribute decryption keys as they see fit. A few potential issues: (1) distribution of keys is a pain (2) if they forget the decryption key, the document will be lost forever (3) some features (like preview and search) won't work in SmartVault because the system won't be able to decrypt the document to index it.


Give some considerations such as system requirements or "gotchas" for this setting or control or programming syntax.

Was this article helpful?
0 out of 0 found this helpful