Principles of protection, storage and movement of documents during electronic document flow within and outside the organization

Today, electronic document management refers to a documentation management system in which the entire array of created, transmitted and stored documents is supported using technologies on computers combined into a network structure, which provides the ability to form and maintain a distributed database.


Introduction
The number of documents depends on the legislative requirements for information created or edited in a given area and the functional purpose of this area.
It is advisable to distinguish two main document routes: • movement of documents within the organization; • movement of documents in communication with the outside world. The internal movement of documents is carried out in various ways, one of the main ones is the transfer of data over local networks, which are currently distinguished by high data rates (the most common format is 100 Mbps).
Optimizing the movement of documents within an organization is closely related to the term Intranet. In the simplest sense, Intranet is the use of Internet technology in corporate systems, but in reality this concept is much more serious -Intranet carries with it a new philosophy of information management within the organization.

Results
The movement of documents when the organization communicates with the outside world includes a variety of connections with counterparties of the enterprise and state executive bodies, as well as with elements of the enterprise outside its limits (employees on a business trip). A characteristic feature of this part of the document flow should be its strict regulation: • only specially authorized documents can be outbound; • privacy regimes are established for outgoing documents; • incoming documents are checked for false and destructive information. The organization's communications with the outside world are carried out directly through an information intermediary -(Intranet, Internet, Extranet). Communication through an information IOP Publishing doi:10.1088/1757-899X/1111/1/012022 2 broker is generally financially more profitable, but is often accompanied by significant time losses and requires increased information security requirements. Graphically, this interaction is represented in In organizing information repositories, the organization uses three main principles -centralization, decentralization and duplication.
In an isolated application of the centralization principle, it is intended to create a minimum number of information stores with a large amount of heterogeneous information stored in them and the ability to access this information of many users.
The principle of decentralized storage of information involves the creation of many information repositories, the number of which is oriented to the number of documents received and created in the organization [1,2].
The principle of duplication involves the storage in each repository of information of all documents necessary for the implementation of a process. Thus, it is not possible to state clearly the advantages or disadvantages of applying each principle in the design of a particular repository of information. -and considering the fact that the choice of an information distribution organization has a significant impact on the overall efficiency of the automated electronic document management system in the organization and, accordingly, on the performance of the organization itself -This choice should be based on mathematical methods that make it possible to find the most effective option for distributing information to warehouses.
When organizing the storage of documents in electronic form, some features should be provided.
• electronic storage of documents increases the risk of unauthorized access to them, as well as reproduction and copying of information stored in documents, so the requirements for ensuring security and tougher access to such documents should be increased; • technical characteristics of the material on which the information is stored undergo some changes over time. It is known, for example, that the lifetime of magnetic carriers is lower than that of paper. The preservation of diskettes and other magnetic carriers is greatly influenced by the temperature and IOP Publishing doi:10.1088/1757-899X/1111/1/012022 3 humidity regime, as well as the presence of electromagnetic radiation in storage places. Consequently, in addition to strengthening these factors, it is necessary to provide for regular checks on the safety of information, and in cases where there are doubts about its further safety, to copy information to other similar media.
It is necessary to take into account the costs of ensuring information protection when designing an automated electronic document management system in an organization, when assessing the cost of ensuring information protection, it is necessary to pay attention to the following indicators: • number of documents circulating in the automated electronic document management system and stored in the archive;  number of automated workplaces in the organization. You should pay special attention to information protection technology: most of the information should remain protected from accidental or malicious access [3,4]. Using modern cryptographic and other methods of information protection, it is most advisable to provide the following four levels of data protection: • authentication; • access control; • digital signatures. Authentication refers to reliable identification of the user, identification should be bidirectionalthe servers on which data warehouses are to authenticate users (automated workstations), and users, in turn, should authenticate servers. Authentication must be applied every time the workstation connects to the data warehouse.
In the access control lists, it is necessary to determine which workstation has access to each of the resources, and what right to use them (drawing up documents, editing, deleting, etc.). The following levels of information access are most useful: • custodian -has the right only to write information to data warehouses. This level of access is useful for data warehouses into which documents fall, for example, by e-mail; • reader -this level of access allows you to only read information from the data warehouse; • author -can create new documents and read already created, but cannot edit or modify documents in data warehouses; • editor -has the right to read, write and edit documents in the data warehouse; • manager -this type of access allows you to add or remove other users from the access control list. Encryption involves encrypting or encoding information so that if it is accessed by an unauthorized person, it will not be possible for him to understand the content of the protected field. The four most common encryption levels are: • message level -i.e. individual messages can be encrypted to read only one or more selected recipients; • network layer. Encryption will not allow anyone to randomly "listen" or wedge into local network traffic, since its content will not make any sense to the intruder; • field level. Databases can be configured so that certain document fields are encrypted (for example, for financial documents, the "amount" field), and only specified users could read them; • database level. Encryption protects all documents stored in a particular repository of information from access by someone, with the exception of certain users who have the ID and password used in encryption [5][6][7].
The use of digital signatures is simply necessary in cases where the user needs to make sure that the information he has received has actually been sent by a certain sender. A digital signature provides such a guarantee and is an option for mutual authentication. In addition, this technology allows you to provide the user with a guarantee that the document has not been corrected during the transfer process.

Conclusion
The implementation of the electronic document management system requires solving the following key problems: 1) It is necessary to transform existing documents from a paper form to an electronic one. In an organization with a paper archive of documents, it is almost impossible to find electronic copies of them on the network to create an electronic version of the archive. Moreover, electronic copies could be modified by anyone, and it is almost impossible to verify this. Therefore, in this case, you need to create an electronic archive of existing documents from paper by scanning. If there is no archive, it is necessary to carry out a sufficiently long preparatory work. First, you need to achieve a single procedure for storing documents in catalogs. You should prohibit (including, if possible, by technical means) the storage of documents on local disks of computers. It is necessary that all users of the organization have on the network their directories on the network in which they store documents. This will greatly facilitate further migration of documents to the document management system. It is convenient when the workflow system allows you to maintain the versivity of the entire birth history of the document, the ability to view it and a short description of how one version differs from another or which version was given to the counterparty for approval.
2) When implementing the electronic document management system, there is a need to immediately analyze the possibility and need for its integration with the already existing automated management system. This is due to the fact that employees of a number of specialized organizations combine work with "ordinary" documents (for example, work order, timesheet, etc.) and engineering documents (drawings, etc.), and all this -when performing operational management functions. It is highly desirable that electronic document management systems contain special means for such integration.
3) The business is quite demanding in relation to the concept of responsibility both from the point of view of technology (medicine, the production of baby food, etc.) and the optimal execution of business processes and the preservation of trade secrets, which creates the need to document the implementation of each stage of the process. In such cases, the electronic document management system should allow a step-by-step analysis of each activity, even after several years; give a "cut" of a certain point in time.
4) Holding structures are characterized by a large territorial disunity (regional structure), a complex management hierarchy with many stages, sometimes a weak standardization of existing information technologies or a "zoo" systems. However, there are high requirements for data security and restricted access. It is necessary to draft a single functioning system.