Two Man Rule (aka "4 eyes principle")

The challenge of preventing data leakage (DLP) is a topic every company faces sooner or later. Transferring highly sensitive and/or confidential data with a CargoLink is secure and audited. But for some data you may want to double-check that the content is even allowed to leave the company in any form.

Classifying data and labelling them accurately in a digital way is a huge task that even big organisations do not take lightly and thus data leakage prevention is hard to achieve in this way.

With the CargoServer "Two Man Rule" (also called "4 eyes principle") we can provide a well known and established process based solution: The transfer of documents must be approved by a second person before any recipient is notified and access granted.

Two man rule cdbde18d489b1fa6fef3d067e37bdeaa5ed0a572a780b710d44f0ffbf1c99924

Process steps

  1. The sender prepares the CargoLink as usual by selecting the documents and the recipient
  2. The sender configures security settings such as PIN and expiration
  3. The sender stores the CargoLink
  4. The CargoServer automatically sets this CargoLink in a special state which blocks any access and identifies the approver for the sender
  5. The approver is invited by email to evaluate the CargoLink and is given full access to the documents for inspection and review
  6. The approver decides either to approve the transfer or deny it
  7. In case of approval, the invitation email (if configured) is sent and the CargoLink activated as normal
  8. In case of refusal, the CargoLink is deactivated and the process halted


Good to know

This feature can be configured system wide to look up an approver via directory services (AD/LDAP) so that no configuration must be done on the system and existing relations in the company (i.e. always select the superior of the user) can be used. Alternatively, this can also be configured per user.

CargoServer also features an automatic fallback mode for approvals to prevent the process from being blocked when the designated approver does not respond within 7 days. In this case, a fallback approver is automatically involved to take the decision.

34c18cad 26ea 4d0f b59a 4fd760b3da5e logo marquardt 66eeda8991fde2d2173852c3f931ce1e0f320801bcf39ff1f86fd4054155004c C4ced7b7 958e 46f3 a80f 4fde7b4ede82 logo constellium af653ec9e20daf6cccb42fc73a6bd929acf9f7ed265d96bf420a6e453fb885d8 6b0ff8ab 8879 405c 9f77 ca4e5af702f6 logo helsana 361daa93fed17754e628e1389566dd34833da532bae068e021d97bbafbda7607 320b6277 ed92 4a8b 91f6 bc8b86559229 opensystems 91dd76f0bf275683fbd8ace6ec223e23362adf8bd860c167dc455473e3a3f3ff E7d344e6 dfe4 449a 9a19 db326d6e663f logo infoquard c84c4681e46aabd9649278f87d01eb2490a027bf4bed6b31f0a7e1aa7f59dd79 Ca186123 ce1e 44ff 9c4e 8710f978860e logo kkl fca1495b84cb6ed0e147a3665c7e5171ddecfe942df8696bfae2cca5293ccf94 Da3873f4 90d6 4cf3 bef2 7f9a1704bd72 logo partnersgroup 11ce4c8554d89cd210a5a605ef5deccc1a62b3d7b67c65b0169742c0aec950dd Df6e9d72 21cd 474d a170 d38ed785114b logo avectris 62f28faed206396079de25033b830bdbf8847e7f85104b9ab7f90de91afd8e22