Our web development team are developing a web app to handle tenders for procurement exercises. They need to be able to demonstrate the uploaded tenders (word documents) have not been tampered with either when sat in the application or when the word document is dragged off the app onto a network share. What kind of security designs would you be looking for in your application here to accomplish this ? For any web apps whereby users can upload content, how can you ensure if hasn't been tampered with, i.e. what the user has uploaded is what is resident on the web server (or wherever the uploaded document actually resides)? I am not a developer myself so please keep answers basic management friendly if possible.