Collaborative Document Sharing—What Works and What Doesn’t?
Collaborative file-sharing tools can alleviate many security concerns while helping teams to communicate. These tips help get everyone on the same page.
It’s a given that, in any large organization, teams need to be able to collaborate and share documents among one another. Even so, not all approaches work equally well. While it is true that collaborative file-sharing tools have matured over the last several years, some organizations are using these tools in ways that are outdated and largely ineffective.
Training End Users
This ineffectiveness sometimes stems from a complete lack of end-user training. An organization might adopt a great document-sharing platform, but even the best of platforms can ultimately fall short if users are not trained to use them properly.
An organization cannot simply assume that the users will figure out how to use a particular platform. Sure, the users might figure out how to use the platform’s most important features, but without a proper introduction to the platform, the users won’t use it to its maximum potential.
Relying on the end users to just figure things out for themselves can be problematic from more than just an inefficiency standpoint. Practically speaking, a lack of end-user training is essentially the same as a lack of governance. Yes, the users might figure out how to make do with a particular platform, but this almost always results in the users coming up with their own ways of doing things.
That might be OK in a smaller environment, but when operating at scale, a lack of governance could result in chaos. Therefore, it’s important to think of the training process as being more than just teaching end users how to use software. Training is your opportunity to teach users the organization’s preferred way of doing things and to set some ground rules for the users.
Governance and Version Controls
While it may be tempting to think of governance as unnecessary bureaucracy, putting effective governance into place in a collaborative document-sharing environment can actually improve productivity and efficiency. As an example, adopting a standardized naming convention for documents can reduce confusion and make it easier for users to find what they are looking for.
Likewise, it’s important to adopt versioning controls as a part of your governance plan. There are a couple of reasons for this. First, enabling versioning history controls gives you the ability to see who changed what, and to roll back to a previous version if necessary. Such capabilities are critical in any collaborative environment. Otherwise, a misdirected edit has the potential to ruin the project that an entire group of people has been collectively working on.
Another reason why versioning controls are so important is because, when users begin to understand the benefit of maintaining versioning controls, they become less likely to share documents through other means, such as email messages. At best, sharing documents through email leads to versioning inconsistencies and perhaps even version sprawl. Sharing documents through email may increase the risk of data exposure since someone could easily forward a document to a recipient outside of the organization.
Putting solid governance controls into place can also help strengthen security. Remember, a collaborative document-sharing platform isn’t just about storing documents in a convenient location, it’s also about protecting the sensitive information within those documents.
Role-Based Access
One of the most important steps that an organization can take in helping to better secure its collaborative document-sharing platform is to take full advantage of role-based access control capabilities. These controls allow you to put permissions into place as a way of controlling which users are allowed to create, view, edit and share documents. Such controls are especially important for organizations operating in regulated industries within which access to sensitive data must be tightly controlled.
It’s also important to consider how document sharing works, particularly when there is a need to share a particular document with someone who is outside of the organization.
Each unique platform has its own way of handling document sharing for external recipients. Often, though, the sharing process is based on generating a link to the document. While there is nothing inherently wrong with using this approach, there are two things that must be done in order to prevent link sharing from becoming problematic from a security standpoint.
First, if your collaborative document-sharing platform contains any sensitive information at all, then you simply cannot allow anonymous link sharing. Anonymous link sharing refers to a form of document sharing in which a document becomes accessible to anyone who has a copy of the link. This approach makes it impossible to control who accesses the information. Instead, links need to be tied to a specific recipient and there must be an authentication mechanism in place whereby the recipient must prove their identity prior to being granted access to the document.
Ideally, your collaborative document-sharing platform should also give you a means of creating links that expire. An expiring link feature might make it so that a recipient only has access to a document for a limited period of time. Similarly, some expiring link features make it so that you can expire a link at a later date, effectively giving you a way of revoking access on demand. Regardless of which approach you use, it’s important to have a logging and auditing mechanism in place that will allow you to review who has accessed a document and when.
Integrating with Company Security Protocols
No discussion of what works and what doesn’t would be complete without talking about integration. Most organizations go to great lengths to protect their data. An organization might put various security and monitoring tools into place and adopt a backup strategy that is designed to help guard against data loss.
While it is important for a collaborative document-sharing platform to include some built-in security tools, it should not force an organization to rely solely on those tools. The platform should be compatible with existing security and data protection tools within the organization. This helps prevent the collaborative document-sharing platform from becoming a security blind spot. It also means that the organization can incorporate the platform into its existing backup strategy as opposed to adopting a completely different approach to backups.
Like so many other things in the world of IT, effective collaboration and document sharing involves striking just the right balance between the organization’s needs and the users’ wants. This means balancing convenience with security, and balancing user autonomy with IT oversight.
After all, if an IT department is too heavy-handed with security, the users may resort to adopting shadow IT practices, potentially bypassing established security protocols. Conversely, the IT department cannot simply ignore security either. That’s why it is so important to adopt a collaborative environment that supports security and governance controls, while still making it easy for users to do their jobs.
Explore Progress ShareFile collaboration tools to see if this could be the answer for your team.