Having a file sharing system for your business is critical – there’s simply no way around it. Whether it is on Google Drive or a more complicated file sharing service, you have hopefully set up some folder permissions. These folder permissions are absolutely essential when it comes to IT security, and they are often the first line of defense in securing your data. You don’t want your receptionist having access to your accounting information.
When it comes to file sharing and folder permissions, the first step is to understand what file sharing really is. It can vary depending on the service you use, but at its core it is simply your business renting space on a server somewhere. You, as the administrator, control who can have access to the folder, and what aspects of the folder they have access to. Not only is it convenient, but it also ensures that you won’t lose data. If you have all your files on your computer’s hard drive, for example, when your computer dies, all of your files die with it. Setting up file sharing removes that risk almost entirely.
Unfortunately, setting up a file sharing system also brings with it security concerns. If you simply move the files on your hard drive to the server and give your company access, you become vulnerable. Everyone that ever needed access to any files now has all your businesses accounting info, clients’ credit card information, employees’ social security numbers, etc. This is why you need to follow the three S’s of file sharing and folder permissions: standardize, simplify, and secure.
This is where you determine rules for permissions, and – the hardest part – stick to them. Determine permissions by creating groups (by departments, for example) instead of giving each individual personalized permissions. There will be folders that everyone has access to, then folders for different departments, then folders that no one but the owner can see. Depending on the file sharing system you use, you can even determine the read/write access of departments.
The key here is to not stray from your rules. When you do, the permissions get muddied and complicated. Next thing you know, you have no idea who has access to what, and security vulnerabilities are created.
When it comes to folder permissions and file sharing, follow the KISS principal: Keep It Simple Stupid. Many organizations create overly complex file structures that confuse even the people who helped create it. No employee should have to dive 12 folders deep to get what they need.
When the structure does get complicated, people start saving files in the wrong folders, or making new folders because they can’t find the correct one. Next thing you know, you have a digital heap of documents, and not a soul knows where to find files.
Create rules within your company about the organization, and set the right example yourself. The key here is prevention. If users spend an extra four seconds now putting files in the correct folder, then you won’t have to spend three days reorganizing that digital file heap mentioned previously.
At the end of the day, security is the number one concern when it comes to file sharing. The convenience is great, but if your files aren’t secure then it’s not worth it. There are many tips around the web, but things like keeping permissions on the group level instead of individual user permissions will keep everything secure. Other tips like creating a global deny group and actively policing permissions degradation will ensure that you avoid all possible security pitfalls. Each business will need to handle security differently, so make sure your business has a plan, and follows it.
Hopefully, your business is on top of file sharing and folder permissions security, but if not, take some time to reorganize the way your files are set up. It is better to spend time now to avoid a catastrophe than to wait until the catastrophe happens to fix it. There are many secure file sharing services that integrate with your active directory to automatically manage file share permissions keeping everything simple, secure, and standardized.
IT systems are foundational to modern businesses. Too often, that foundation is unsteady. Unpredictable outages, insecure networks, and unreliable performance from mission-critical systems can jeopardize your entire business.
There’s a better way. Learn how.