4 min read

5 tips to securely share public links in ShareFile

October 24, 2023



We all appreciate the convenience of link sharing. It's fast, easy, and secure. One of the benefits of ShareFile® is the ability to create links with different types of permissions. For example, you can create links that are visible to the public, no log-in needed. This kind of link sharing is great for information that any person inside or outside your company could read. There are some best practices we recommend you follow to make sure your data stays protected from cyber criminals. In this blog, we'll talk about why these best practices exist and how you can roll them out across your team.



What is anonymous sharing?


In our hyper-connected world, ShareFile has made it easy to share files with just a few clicks. When you generate a document link in ShareFile, there are two options that allow anonymous viewing: Anyone-Public: enables anyone with the link to view the content without providing information, and Anyone-Public enter name and email: enables the viewer to enter a name and email into a text field without logging in to view the content. These are great options for non-sensitive information.



Be aware of potential data exposure


You can’t deny the convenience of sharing documents that do not require a log-in to view. However, customers must understand the significant risks that come with sharing documents via public links.


· Data Exposure: When you share documents via public links, they are, as the name suggests, accessible to anyone with the link, not just the intended audience. This can lead to unintentional data exposure, where sensitive information ends up in the wrong hands. Whether it's personal details, financial records, or confidential business documents, the consequences of exposure can be significant.

· Unintentional Sharing: Public links are easy to distribute, which can lead to accidental sharing. You may inadvertently share with someone a link that was meant for a different recipient, potentially exposing personal or confidential information.

· Data Scraping: Search engines often index public links, making them a target for web scraping tools. Malicious actors can use these tools to scour the web for public documents containing sensitive information they can use for various purposes, including identity theft and fraud.

· Lack of Control: When you share a document via a public link, you relinquish control over who accesses it. There's no easy way to limit access or track who has viewed your document. This can pose a significant security risk, especially when dealing with proprietary business information or personal files.

· Access to Bad Actors: While ShareFile provides best-in-class security, public links can still be vulnerable to bad actors who discover and access those links and exploit the fact that they can require no user verification. Cybercriminals may exploit the link's security weaknesses, gaining unauthorized access to your documents.



5 tips to securely share public links


While the threat is alarming, the solution is simple. To mitigate the risks of sharing documents via public links, consider the following tips: 


1. Require log-in: Select the option to require log-in to view content. You can do this in the drop down for “Who can access this link”. Within this section, select either "Employee users (after signing in)" or "Client and Employee users (after signing in)" to share files more securely.



A screenshot of a contact us

Description automatically generated



2. Set shorter link expiration dates: Consider how long the link to the content should be live. You can set a custom duration for the link expiration date. Regularly audit and review your shared links to ensure they are still necessary.



A screenshot of a social media post

Description automatically generated



3. Encrypt email content: For an additional step, encrypt the body of the email, in addition to the attached files. Use our encrypted email option to send documents to specific people in a more secure way.



A screenshot of a computer

Description automatically generated


A screenshot of a computer

Description automatically generated



4. Use the new AI-assisted Secure Share Recommender: ShareFile offers seamless security that doesn’t require complex steps to keep your data secure while sharing. With automated recommendations, ShareFile guides your organization to ensure your staff is choosing the best share option on links to keep sensitive data secure and helps: 


  • Enhance security: Users are prompted to apply stricter share options when sensitive PII is detected in a document.
  • Improve workflow efficiency: Automatically determining appropriate share options not only saves time but also reduces the likelihood of human error, improving overall efficiency.
  • Garner client trust: Not only do these automated recommendations build confidence in your organization’s security practices internally, but also when interacting with clients—ensuring their PII data is handled securely.  



A screenshot of a email

Description automatically generated


A screenshot of a computer

Description automatically generated



5. Use a dedicated project space: you can create a project to help clients understand what documents to submit, sign, or share. Clients can leave comments, receive alerts, and get things done. Having a dedicated place to collaborate reduces the need for shared links as the approved users have access to their specific file folders. Documents, files, and messages are encrypted, and only authorized users are able to access.



A screenshot of a computer

Description automatically generated



Latest updates to secure sharing


We are making file sharing more secure so that both your and your clients’ sensitive data remain protected. Effective April 15, 2024, ShareFile can intelligently determine if the document that is being shared contains Personally Identifiable Information (PII). If PII is found, users can recommend the application of stricter security options to the share link. This will help your firm remain compliant with regulations such as HIPAA and GDPR, thus reducing the likelihood of human error and the risk of costly lawsuits. 




For more information on how the recommender works, check out our product documentation