MOSS Forum


How to use SharePoint to distribute private and secure documents

  Asked By: Ciera    Date: Oct 04    Category: MOSS    Views: 5221

I would like to use MOSS to distribute documents such as year-end tax
documents for employees of the firm. Right now those documents are sent
out using snail mail.

One way to do this is to use MOSS My Site, but My Site at this point
is not enabled.

From a design perspective, I have the following options I can think of:

- Create a site for each employee, like a slimmed-down My Site, then
upload the document over there programmatically and set permissions
accordingly. I don't really like this idea since I have to create so
many sites (over 600) and in each site there would be one document
library with one file only. Although in the future I would put more
files over there.
- Use one document library to store all the files and secure this
document library in such a way that the owner of the file has read
permission to it (and no other permissions on the file). Then use a
Web Part (using elevated privileges) to retrieve the file based on
the current login.

I like the second option better, but I would like to bounce the
ideas off you guys to see whether there are some other viable options.



12 Answers Found

Answer #1    Answered By: Leif Cardenas     Answered On: Oct 04

If each document needs to be secured to each user such that each user
can only read his/her document, then I would not use SharePoint for
this. If you're distributing forms, then a single document library can
be used.

If you had My Sites enabled, then this would be a logical use of the
technology. But the opportunities for someone to see a file they
shouldn't within a single document library are probably too great to use
SharePoint Server 2007 as the distribution platform.

Answer #2    Answered By: Jasper Hatfield     Answered On: Oct 04

Does the fact that each file requires its own password, which could be
set to be the user's SSN, to open, in addition to SharePoint item
level security, make it a viable option? In other words, an
acceptable risk?

What are some potential risks assuming that item level security in
MOSS is set correctly?

Answer #3    Answered By: Rashawn Hopper     Answered On: Oct 04

We have a similar application that distributes monthly reports containing
sensitive data to individual users. Here's what we've done:

We place the reports on a network file share. A service account has
read-only permission to the file share and administrators have full
permission so they can drop the files. Report users have no permission to
the file share.
Files are named in a way that the file name can be parsed together by the
application, e.g. login_date_reportname.pdf.

We built an asp.net custom SharePoint _layouts application that:
1) Senses the logged in user
2) Impersonates the service account
3) Streams the user's .pdf file from the file share to the browser
4) The user can either print or save the file to disk.

If you need more security than this, you could also prompt the user to enter
their SSN and verify it against a database as step 1b.

More info on the layouts application:

Let me know if you have any questions.

Answer #4    Answered By: Horace Coffey     Answered On: Oct 04

This would be a viable option too. Thanks for the link too.

I am going to use the document library option and create an event
handler to automatically set the permissions based on the filename of
the uploaded file.

Answer #5    Answered By: Rigoberto Beard     Answered On: Oct 04

It's not that it can't be done, it's that, IMHO, it's more
administrative effort to do it this way than to either US Postal mail
hard copies or to e-mail each file individually to the user.
Individually securing each file in a list is terribly time consuming and
is fraught with potential of having at least one of those files wrongly

Just because it *can* be done in SharePoint Server 2007 doesn't mean
that it *should* be done in SharePoint Server 2007.

Answer #6    Answered By: Alphonso Mckay     Answered On: Oct 04

This seems like something that you would simply
insert into each employee's payroll envelope once each year. The out of
the box tasks that are required for this to work are not worth the
undertaking. But with a bit of custom code, I think that this can and
even should be done in SharePoint using the following approach:

1. Create a document library to store the employee specific documents
2. Secure it so that only a given AD group of people with administrative
control of these documents has access (this solution may require that
the application pool identity be given access too, I'd have to test)
3. Ensure that each document has some kind of data/metadata that
identifies which employee is to see it (ideally this would be their
network login ID but it can be anything that uniquely identifies an
employee based upon their network login ID)
4. Upload the documents to the document library
5. Create a Web Part that takes the document library URL as a property
6. Code the Web Part to only show the document(s) for the logged in user
by using the App Pool identity (RunWithElevatedPrivileges) to CAML query
the document library for the current user's document(s) or show a "No
Document(s) Found" message
7. Place the Web Part onto any page that requires authenticate

There you go. You can now create as many document libraries that house
documents that include the special metadata identifier as you wish and
then configure the reusable Web Part to use whichever document library
from which you want to only show an employee their document(s) from.
Employees will only have access to their documents via your Web Part
which uses the application pool identity via elevated privileges to
access them as a proxy.

Hundreds of thousands of applications have been written over the last
two decades using a similar approach. The documents were just stored on
the file system instead of SharePoint and the credential with elevated
privileges was often hard coded into the application.
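
The elevated query from steps 5 and 6, as an added example that is not part of the original answer (C# against the WSS 3.0 object model). The library title "Employee Documents" and the "OwnerLogin" column are assumed names. The point it shows is that the only input to the lookup is the authenticated session's login, captured before elevation; the same rule applies to the file-name lookup in Answer #3.

```csharp
using System;
using System.Collections.Generic;
using System.Security;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls.WebParts;
using Microsoft.SharePoint;

// Added example (not from the thread). Assumed names: the "Employee Documents"
// library and its "OwnerLogin" text column holding DOMAIN\user.
public class MyDocumentsWebPart : WebPart
{
    private const string LibraryTitle = "Employee Documents"; // assumption
    private const string OwnerField = "OwnerLogin";           // assumption

    protected override void RenderContents(HtmlTextWriter writer)
    {
        // Identity comes from the authenticated session only, captured BEFORE
        // elevation; never from a query string or a Web Part property.
        SPUser user = SPContext.Current.Web.CurrentUser;
        if (user == null) { writer.Write("No Document(s) Found"); return; }
        string login = user.LoginName;
        Guid siteId = SPContext.Current.Site.ID;
        Guid webId = SPContext.Current.Web.ID;
        List<string> names = new List<string>();

        SPSecurity.RunWithElevatedPrivileges(delegate()
        {
            // Objects taken from SPContext keep the caller's token, so the
            // site is reopened inside the delegate to run as the app pool.
            using (SPSite site = new SPSite(siteId))
            using (SPWeb web = site.OpenWeb(webId))
            {
                SPQuery query = new SPQuery();
                // Server-side filter on the owner column; the value is XML-escaped.
                query.Query = "<Where><Eq><FieldRef Name='" + OwnerField + "'/>"
                    + "<Value Type='Text'>" + SecurityElement.Escape(login)
                    + "</Value></Eq></Where>";
                foreach (SPListItem item in web.Lists[LibraryTitle].GetItems(query))
                    if (item.File != null) names.Add(item.File.Name); // plain data only leaves the scope
            }
        });

        if (names.Count == 0) { writer.Write("No Document(s) Found"); return; }
        foreach (string name in names)
            writer.Write("<div>" + HttpUtility.HtmlEncode(name) + "</div>");
    }
}
```

Because employees hold no permission on the library itself, a plain link to the file would be denied; the download has to go through the same elevated, login-filtered path.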

Answer #7    Answered By: Daron Oneill     Answered On: Oct 04

I definitely agree with you about if something can be done with
SharePoint, then it should be done in SharePoint. But I wear
SharePoint-colored glasses ... Currently the snail mail approach is
way time consuming. Not to mention that somebody may get poisoned by
licking all those envelopes.

The approach I am taking is very similar to what you
described, with some differences.

For 2, it does not look like the app pool account needs access.
Steps 5 and 6 are not necessary. I created a site to host the document
library and I created an ItemAdded event handler to set the
permissions. On the home page of the site, I just added the
document library Web Part and this Web Part only shows the documents the
current user has access to. So I am done.

Of course, I will have some people QA the heck out of it.
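
An ItemAdded receiver of the kind described in this answer, as an added example that is not the poster's code (C# against the WSS 3.0 object model). The file-name convention "<login>_<anything>.pdf" and the domain "CONTOSO" are assumptions; a name that does not parse gets no employee grant.

```csharp
using System;
using System.Text.RegularExpressions;
using Microsoft.SharePoint;

// Added example (not from the thread). Assumptions: files are named
// "<login>_<anything>.pdf" and all employees are in one domain, "CONTOSO".
public class OwnerOnlyReceiver : SPItemEventReceiver
{
    private const string Domain = "CONTOSO"; // assumption

    // Strict allow-list for the login part; anything else is not granted.
    private static readonly Regex NamePattern =
        new Regex(@"^([A-Za-z0-9.\-]{1,64})_[^\\/]+\.pdf$", RegexOptions.IgnoreCase);

    public override void ItemAdded(SPItemEventProperties properties)
    {
        SPListItem item = properties.ListItem;
        if (item == null || item.File == null) return;

        // Stop inheriting from the library first, without copying its role
        // assignments, so a parsing failure below leaves no employee grant.
        item.BreakRoleInheritance(false);

        Match m = NamePattern.Match(item.File.Name);
        if (!m.Success) return; // fail closed: unparseable name, no grant

        SPWeb web = item.ParentList.ParentWeb;
        // EnsureUser throws if the account does not exist; the grant is then skipped.
        SPUser owner = web.EnsureUser(Domain + "\\" + m.Groups[1].Value);

        // Read-only access for the one employee named in the file name.
        SPRoleAssignment assignment = new SPRoleAssignment(owner);
        assignment.RoleDefinitionBindings.Add(
            web.RoleDefinitions.GetByType(SPRoleType.Reader));
        item.RoleAssignments.Add(assignment);
    }
}
```

ItemAdded runs after the upload has completed, so until the receiver finishes the file carries whatever the library grants; the library itself should be readable only by the administrators who drop the files.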

Answer #8    Answered By: M Juarez     Answered On: Oct 04

I assume that you mean that the Event Receiver simply sets the list
item's permissions based upon the document's metadata. That certainly
works for me. Either way you've got custom code to write that evaluates
who can see this document based upon some characteristic of the
document. I'm sure that there are even more than two ways to skin this

Answer #9    Answered By: Marty Mcdowell     Answered On: Oct 04

That is what I meant. Many thanks for your input.

Answer #10    Answered By: Dakota Shaffer     Answered On: Oct 04

Unfortunately we don't always get to tell management that the simplest
way is the best way.

We have a need for this as well. Payroll, benefits, etc are all going
digital through the intranet portal. We haven't started work on it,
but we do have PeopleSoft so my general thinking is a combination of
BDC views and SharePoint Personalization Site tabs on a user's MySite.

Answer #11    Answered By: Ted Gilmore     Answered On: Oct 04

Microsoft's Information Rights Management server integrates with SharePoint.
You could use that to accomplish this. Here's an explanation,

Answer #12    Answered By: Monte Cooley     Answered On: Oct 04

We don't have an Information Rights Management server.