Link Sharing and Cybersecurity

Think Before Sharing That Link

Digital technology makes it much easier to share business files, but that doesn’t mean you want to do so willy-nilly. Consider these best practices for sharing files with both internal and external users.

The Dangers of Shared Links

Cloud sharing makes it simple to share presentations, spreadsheets, documents, and other files. In SharePoint, Dropbox, Google, you can simply select a document and click “share.” The sharing link is created, and you can copy it into an email. That done, you can move on to your next to-do without thinking about it any longer.

But unless you’ve set that link to expire, you’ve shared endless access to that file. Plus, you may have set the file up so that anyone with the link can open the file. You may even have given everyone with the link editing permission for that file, which means they can change the data or delete it. That’s today, tomorrow, weeks, months, or even years from now.

Think about that link before you share it. You may not intend that external contractor to have continued access to that presentation. You may want only an internal team member’s input before a client pitch, not in perpetuity, even after they’re no longer involved in that project.

Best Practices With Shared Links

The problem compounds if you share folders. You might start out with a few files in that folder – the ones you wanted to let your client contact see – but, as time goes on, you add more files to the same folder. Do you want that client to be able to see all those files? Forever? Think about this before sending a shared link with broad permissions.

Yes, “anyone with the link can view” links are useful. They can help when you don’t know everyone’s email, or you don’t know everyone (internal or external) who will need access to a file. Still, it’s best to take the permission-based route. Allow only people with emails you know to access that file. You might set the default in your link sharing to “only people in your organization.”

Think twice about whether you want to make them editors, too. Remember that gives them the right to modify and delete that file. You might want only their eyes on the content, so limit what they can do to viewing only.

It’s also a good plan to set your links to expire. This stops the other person from continuing to access the files long after they need to do so. For confidential, sensitive data, choose a shorter expiration date; otherwise, you might go with a month. If the person needs access again after the link expires, you’ll be able to let them in again, but you’ll know you’re doing so.

Worried about unauthenticated access to your files, folders, or software and systems? Work with Digital Industry to enhance your security posture. Our experts are here to help. Give us a call at 240-839-5300 or send us a message.