Liaison Messenger EDD
Case Studies
How To Create Secure PDF Documents
with 128 bit Encryption
CHALLENGE:
Human Resource department would like to Encrypt and Password protect sensitive documents and email them to employees
SOLUTION:
Liaison Messenger EDD is very flexible in this area. Encryption can be assigned at any level in the distribution or execution process; at the Document level, Recipient level, or a conditional hybrid of Both. Regardless, all user enabled
encryption uses the Advanced Encryption Standard (AES) method as the specification
for the encryption of electronic data. It has been adopted by the U.S. government and is now used worldwide. The algorithm described by AES is a symmetric-key algorithm, meaning the same key (passphrase/cypher) is used for both encrypting and decrypting the data.
Configuring Messenger EDD to encrypt documents is as easy as checking a box and assigning a passphrase. In this case study, we'll show how we use encryption to distribute an employee's Direct Deposit statement. For this solution both, the recipient level and the document level, encryption methods will be utilized.
1) The employee's copy of direct deposit statement will be encrypted using the employee's personal passphrase (Recipient Level).
2) The archived copy will be encrypted at the Document Level of the script with a common passphrase only known by the Human Resource Department/Manager.
Direct Deposit Statement:
The process begins by the end-user processing payroll out of their accounting/payroll system. The only end-user training/requirement is using the Liaison Messenger EDD printer driver when printing. Everything else is transparent to the end-user running payroll.
The print stream is then routed to the Messenger EDD Server and executes the respective script for that document type.
On the Messenger EDD Server, the Direct Deposit script (that appears below) executes in the following manner.
Line 1:
Renders, Encrypts, and Emails the Direct Deposit Statement to the Employee, retrieving the email address from the systems Employee Master File along with either the Employee's designated passphrase or their social security number (if a passphrase was never established). However, you can create any default sequence you wish for empty passphrases.
Line 2:
Creates a copy of the Direct Deposit Statement and stores it in the designated folder which they will use for Archiving (or document management) using a global Passphrase assigned by the Human Resources Department.
Recipient Level (employee) Configuration:
Since Employee payroll documents are rather sensitive, its best to use the Recipient Level encryption for this type of action of the script. Each recipient can be configured and maintained either in the accounting system or using the workstation resident, Client Recipient component of Messenger EDD.
Any type of Recipient can have default encryption and a Passphrase assigned to their documents (Customers, Vendors, Employees, etc). However, the Recipient Level Encryption can also be turned off at the Line level of the script for documents/global actions that do not require encryption.
To encrypt at the Recipient Level, just choose the Encrypt Document checkbox, and enter the Passphrase. This can also be handled/populated without ANY user-intervention from the Recipient Script that is used to populate the Recipient List.
Additionally, you can also have a Text Message sent to the Recipient notifying them of the just sent document. The text is maintained at the Line level.
Document Level (encryption) Configuration:
Similar to the Recipient Level Encryption, the document level simply needs a Password added, as the screenshot shows. Additionally, we are creating a unique file naming convention by using the Recipient (Employee) ID as the base name, adding the characters DD- as a prefix, and appending the date and time to the end of the Direct Deposit Statement for Archiving (a PDF version of) the document.
All this was accomplished simply by printing to our printer driver. The complexity and distribution takes place on the Messenger EDD server without any user intervention...