A practical guide for managing sharing with OneDrive
With today’s reality of remote working, users need the ability to share documents with clients and work colleagues.
Security around internal and external sharing is more important than ever before, especially when employees are working remotely from their own homes.
Whilst the ability for employees to share documents with clients and work colleagues helps them stay productive and connected, protecting against all risks must be taken into account.
Sensitive documents can be subject to accidental sharing with unintended recipients and can pose a threat to the integrity and privacy of your data, people and devices.
OneDrive helps you define secure, virtual parameters for sharing content, educating your employees about your policies for secure collaboration, and monitor how people share and address any gaps.
Establishing boundaries to help prevent critical mistakes
One of the first things you need to consider when it comes to external sharing is setting up restrictions for your organisation. Depending on your business sector and your company’s policies, you will have specific requirements, and these must be addressed to protect sensitive information.
You must also take into account what employees may accidentally do. For example, employees need to share information with clients, however, there may be sensitive information such as financial data, personally identifiable information, and critical information that you may not wish to share to anyone outside your company.
With OneDrive, establishing these boundaries is easy! OneDrive offers several tools, including data loss prevention policies (DLP), for managing and monitoring confidential company information. For example, you can prevent Sales from accidentally sharing sensitive client data externally.
Data loss prevention policies helps you prevent leakage of critical company data.
Together with Microsoft 365, One Drive includes a robust toolset for combating ransomware, retaining critical data, and meeting legal requirements, all of which become more important with employees working remotely.
Another example of how OneDrive helps you establish these specific boundaries, is by enabling you to limit external sharing to particular user groups.
For example, Sales and Marketing may need permission to use Anyone links to share information with a broad number of suppliers and customers. On the other hand, you may want to give HR and Finance permission to share information only with external users who authenticate their identities before accessing files.
Now, you can add and manage security groups to determine who can share content externally, and who they can share it with.
Setting up security groups helps reduce the chance that someone who’s busy or distracted will accidentally share the wrong information with someone outside your company.
Create security groups to segment users and allow external sharing.
Setting people up for successful collaboration
Collaboration is critical when remote working. However, when people are working remotely, security usually isn’t in their minds. OneDrive enables employees to collaborate and share content securely by default.
In OneDrive, you can set your company’s policies, so that your employees can share files within your organisation’s parameters. You can select by default, which employees can share files within OneDrive internally and importantly if these files can be viewed and/or edited. This way, employees can’t accidentally share information to anyone externally and share content that is meant for internal use.
Set up your company’s sharing policies.
Another great example of helping employees be successful, is setting up expiration policies. This ensures that external users won’t retain access to your content indefinitely, and helps prompt your employees to review who they’ve given access to their files periodically. You can also easily revoke access that was previously granted.
Educating people about secure collaboration
With long daily to-do lists, employees are often trying to get through tasks as quickly as possible and mark them complete. The last thing you want to do is slow them down by preventing them from sharing files.
So if you’ve set up your environment for internal sharing only, when someone tries to share a file externally, they immediately see an error message that lets them know external sharing isn’t permitted.
You can also set up custom help links, so employees can quickly and easily get in-context assistance and direction, such as instructions for signing up for a training course on protecting company information.
In product error messages help educate users of the company’s policies.
Unfortunately, if some an employee needs to share information or get feedback on a document quickly, they may choose more familiar apps or an app suggested by a client to share files.
That’s why your company needs to have policies in place and help employees see why using unapproved commercial apps can pose a security risk, and what tools your organisation has provided instead to help make their jobs easier.
Monitoring sharing to help keep data and people safe
Establishing sharing boundaries for your company and educating employees about your external sharing policies helps you spend less time managing requests and troubleshooting issues, so that you can focus on other priorities. Instead, you can monitor OneDrive’s activity across your company to see what your employees are doing.
Using the information on the Productivity Score page of the Microsoft 365’s Admin Portal, you can spot patterns that alert you to abnormal or suspect usage, and adjust sharing and security policies to adapt or address issues.
Understanding usage patterns can also help you develop your policies to improve information security.
You can also review audit logs to detect anomalies, such as employees who are sharing or downloading more files than usual, and external sharing reports to help you gauge sharing behaviour and provide insights that you can use to improve best practices and education across the board.
Audit logs help you monitor user behaviour.
For more information on OneDrive and the range of security features it has to offer, including how files are shared within your company, call us on 01509 410 410 and speak with one of our security experts.