by: Bruce Salkovitz


This blog is second in a series that describes the essential requirements of a document management solution for small life sciences teams. Facet Life Sciences defines the three critical attributes as: Simple, Secure and Compliant. This blog will focus on the requirement for security.

We look at security from two different perspectives – internet security and content security. Internet security addresses the connection from the user’s desktop to the document management system. Content security deals with permissions and access to specific files in the system.

Internet Security
As with any cloud-based solution being used to support life sciences R&D processes, the internet connection must be secure. Authentication ensures the privacy and integrity of the exchanged data. This can be enhanced by enabling two-factor authentication, whereby a verification code is sent via email or text.

Content Security
Once a user is in the system, security must also be applied to the content. Users typically contribute in different ways to different projects. Thus, permissions must be flexible enough to support these different roles. But it must be controlled enough to ensure that content isn’t “inadvertently compromised” by any individuals on the team. Security should be applied across different content structures. For example, in a typical file share, there are folders, documents and potentially different versions of documents. Multi-level security is required to address the user access to the different folders, documents and versions of the documents.

Gemstone Document Management

Gemstone Document Management is built on a strong foundation of proven technologies. Leveraging the platform for distributed infrastructure, security and rules and Amazon S3 for secure, content storage.

Internet Security
Gemstone offers a certified connection from the user to the cloud. This encrypted connection ensures the security of data and documents flowing between the user and Gemstone. Requiring an HTTPS connection from your web browser, one or two-factor authentication can be deployed.

Gemstone has comprehensive privacy and security assessments and certifications performed by multiple third parties. Our technology partners’ cloud compliance certifications include International Organization for Standardization (ISO), Service Organization Control (SOC) Reports, and Payment Card Industry Data Security Standard.

Amazon S3

Content Security
Once a user logs into the Gemstone application, they can only see cabinets and content to which they have been granted access. The access to content is determined by two parameters: object-level security and role-based permissions.

Security is applied at the cabinet, folder, document, & version, in addition to security on products, applications and submissions. This enables users to assume different roles on different projects while still providing a secure environment in which to create documents, versions and collaborate.

In addition, role-based permissions are designed to enable users to complete different tasks based on the capabilities defined for their role within the system. In typical life sciences teams, there are usually three roles interacting within the document lifecycle and Gemstone user permissions reflect these: Author, Editor and Consumer. Authors create new content, edit metadata, and can preview an image of your document in the browser, Editors can edit content and metadata in addition to preview content. Consumers (essentially read only users) can review metadata and preview content.


Gemstone is a simple, secure and compliant document management solution designed for small teams. Its powerful technology foundation minimizes risk while providing the secure collaborative environment that life sciences teams demand.

Check out our recent blog on the requirements for a DMS to be SIMPLE!

Download our White Paper, “The Right Tool Makes the Job Easier: Document Management for Small Teams”.

Stay Tuned for our next blog on Compliance.