Cloud sharing makes it simple to share presentations, spreadsheets, documents, and other files. In OneDrive, Dropbox, Google, you can simply click on that document and click “share.” The link is created, and you can copy it into an email, or you can use a pop-up email from the software you’re working in at that moment. That done, you can move on to your next “to do” without thinking about it any longer.
Unless you’ve set that link to expire, you’ve shared endless access to that file. Plus, you may have set the file up so that anyone with the link can open the file. You may even have given everyone with the link editing permission for that file, which means they can change the data or delete it. That’s today, tomorrow, weeks, months, or even years from now.
Think about that link before you share it. You may not intend that external contractor to have continued access to that presentation. You may want only an internal team member’s input before a client pitch, not in perpetuity, even after they’re no longer involved in that project.
Best practices with shared links
The problem compounds if you share folders. You might start out with a few files in that folder – the ones you wanted to let your client contact see – but, as time goes on, you add more files to the same folder. Do you want that client to be able to see all those files? Forever? Think about this before sending a shared link with broad permissions.
Yes, “anyone with the link can view” links are useful. They can help when you don’t know everyone’s email, or you don’t know everyone (internal or external) who will need access to a file. Still, it’s best to take the permission-based route. Allow only people with emails you know to access that file. You might set the default in your link sharing to “only people in your organization.”
Think twice about whether you want to make them editors, too. Remember that gives them the right to modify and delete that file. You might want only their eyes on the content, so limit what they can do to viewing only.
It’s also a good plan to set your links to expire. This stops the other person from continuing to access the files long after they need to do so. For confidential, sensitive data, choose a shorter expiration date; otherwise, you might go with a month. If the person needs access again after the link expires, you’ll be able to let them in again, but you’ll know you’re doing so.
Worried about unauthenticated access to your files, folders, or software and systems? Work with a managed service provider such as Borked PC to enhance your security posture. Our experts are here to help. Contact us today at 610-599-6195.