Tag: secure file sharing directly from file servers

External File Sharing Best Practices

With the growth of work-from-home employees, remote file sharing has become more important than ever. Most organizations employ some sort of external file sharing solution, but all employees must know how to share folders and files safely and securely.

Sharing links that require no authentication may be convenient and useful in many situations, especially when you are sharing read-only files with external users. However, not all content is appropriate for unauthenticated sharing. It is important to put safeguards in place to help protect the organization’s confidential content and make it easy for authorized employees to access.

For these reasons, your organization needs to establish and adhere to a set of best practices for external file sharing.

Why External File Sharing is Essential to Your Business

If your business has employees working from home or on the road, they need to be able to access the same files and documents that they would if they were working on-premises. It is also necessary to share some files — typically on a read-only basis — with clients, vendors, and other external users.

This type of enterprise file sharing results in important benefits to your employees and your company, including:

  • Increased productivity, especially for remote workers
  • Enhanced collaboration between employees in different locations
  • Ability to securely share files with important clients
  • Easier to keep track of users, files, and data storage

Challenges of External File Sharing

Challenges of external file sharing
Challenges of external file sharing

External file sharing is not without its challenges. When implementing an external file sharing solution, you need to be aware of the following:

  • Remote workers need real-time access from any location and any type of device
  • Employees need to be able to quickly and easily locate specific files and content (according to M-Files, 86% of employees say they have difficulties searching for the files they need)
  • Certain files need to be accessible by clients, vendors, and other third parties
  • Sensitive files need to be secured from unauthorized access

Fortunately, all of these challenges can be met by following a set of established file-sharing best practices.

10 Best Practices for External File Sharing

Keep your shared files organized

When your organization opts for an external file sharing solution, it is essential to follow all industry best practices to make this file sharing both easy to do and secure. You want only your employees and designated third parties accessing your shared files – which means all concerned need to be aware of and observe these best practices.

Plan the File Structure

Before you begin file sharing, you need to plan the file structure. You want an orderly, logical, and hierarchical series of folders so that users easily figure out what goes where. This file structure delineates between which files can be shared externally and which can’t.

Follow these best practices when planning your organization’s file structure:

  • Create two top-level folders, one for external sharing and the other for internal sharing only
  • Keep all sensitive documents within a specific master folder so that permissions can be applied at the top level
  • Put all compliance-related documents within a specific master folder
  • Don’t go too deep with subfolders; keep the number of levels no more than five deep
  • Be consistent with your file structure and don’t allow individuals to make exceptions
  • Document your file structure strategy so future managers and staff will know the logic behind what you did

Use Consistent Naming Conventions

Your carefully-planned file structure should be paired with effective conventions for naming your files. Folder names should be clear, descriptive, and consistent. Users should be encouraged to follow similar naming conventions for the files they create and be strongly discouraged against creating inconsistent file names.

Follow these best practices when establishing your organization’s file naming conventions:

  • Use folder names that reflect their content or function; don’t use generic names such as FOLDER01
  • Folder and file names should be descriptive
  • Folder and file names should meaningful to anyone accessing the content
  • Consider a naming convention that includes whether the file is for internal or external use, the department or unit involved, the name of the document, the date of creation, and the current version. For example: internal_department_name_date_version
  • Discourage the use of overly-long names
  • Encourage the use of terms that are commonly used throughout your organization
  • Mandate consistency in file names  and don’t allow exceptions

Employ Collaboration Options

Today’s work environment is becoming increasingly collaborative, with documents passed around and shared by multiple team members. Common best practices to follow for collaborating on shared documents include:

  • Encourage employees to take advantage of all available collaboration options, such as notifications, comments, approvals, and versioning.
  • Employees should opt to “follow” documents so they’ll know when the documents are updated
  • All sharing should take place online, via the browser, not offline

Utilize Versioning

You should configure your file sharing service or software tools to automatically manage the various versions of all documents. Employees need to be assured that they’re always working on the latest versions of their documents, especially in group projects. (This is another reason to discourage or prohibit employees working with offline versions of files.)

Limit Access to Files

Access to all files should be limited to those employees who need access. Not everyone needs universal access to all documents. Employ the Zero Trust model, where no individual has automatic access to valuable data. Limit access only to those employees working on those specific files.

To that end, consider using tiered access, where some employees have write/edit access, some have read-only access, and some are denied access to specific files. Determine levels of access to ensure that files can’t be accessed by individuals without proper authorization.

Setting permission levels is also important when you allow clients, vendors, and others outside the company to access specific files. When dealing with external file sharing, it often makes sense to enable read-only access for outsiders.

Maintain Data Security

Data security needs to be at the forefront of all of your file-sharing activities. You want your data to be secure from theft or other unauthorized access. If your systems are breached, you want your data to remain off-limits to intruders.

Follow these best practices to enhance your organization’s data security:

  • Encrypt all stored data
  • Use end-to-end encryption when sharing, uploading, or downloading files
  • Discourage or prohibit file sharing via email
  • Discourage or disable file downloading
  • Password protect all files that are shared externally

Develop Retention Policies

Documents should not be kept any longer than necessary. Some documents need to be kept for legal, compliance, or historical reasons, but most files used in your organization have a much shorter shelf life. It’s important to cull unnecessary files to both minimize your data storage costs and simplify the search for truly necessary documents. (According to Varonis, 70% of files on file-sharing services are never shared.)

As such, you need to develop detailed retention policies for all files created within or shared with your organization. Here are some best practices to follow:

  • Follow all industry and governmental rules and regulations for how long you need to retain documents
  • Require employees to set expiration dates for all external and public file links
  • Organize in a common folder all documents that pertain to similar retention or compliance rules
  • Discourage or prohibit offline copies of documents
  • Set rules to automatically delete all files past a certain age in non-protected folders
  • Remind employees regularly to delete all unnecessary files

Regularly Audit File Access

It’s essential to know which files are being accessed, how, and by whom. That means regularly monitoring access to shared files – especially those that contain sensitive or confidential information. Follow these best practices:

  • Managers or team leaders should subscribe to notifications when critical files are accessed
  • IT staff should conduct periodic audits of key files to see who has accessed them
  • Access to critical files should be periodically reevaluated

Educate Your Users

Finally, you need to educate your employees on the importance of data security and essential file-sharing operations. They need to know everything about external file sharing, from how to share a folder online to how to share files safely and securely. Equally important, they need to know what they shouldn’t share externally, and why. The most secure file sharing solution is only as strong as the employees using it. Make sure your employees are trained on the proper techniques – and check in on them periodically to ensure they’re following your designated best practices.

Turn to Triofox for Secure File Sharing

Triofox enables secure file sharing and collaboration for both employees and external users, according to the best practices presented above. Users can set an expiration time on public links, make content read-only,  disable downloading, password-protect shared content, and subscribe to change notifications. When you need an easier-to-use, more secure external file sharing solution, turn to Triofox.

Contact us today to learn more about Triofox’s secure file sharing solution.