Cloud platforms like OneDrive and Google Drive have become valuable tools for sharing and storing data efficiently. However, with great convenience comes the responsibility to ensure the security and privacy of the information we entrust to these platforms and who we share it with. This week, we'll explore the best practices for sharing data through cloud platforms like OneDrive and Google Drive while prioritizing the security and confidentiality of PII and other information.
Data Sharing Best Practices
When sharing files or folders using district approved sharing apps (OneDrive, SharePoint Online, Microsoft Teams, and Google Drive) it is recommended that you restrict sharing permissions to only those required for the user to complete the task required of them and nothing more. This is called the principle of least privilege.
If you are a staff member who works with PII, it's important to be careful when granting access to your files or folders that may allow others to share your data as well. Access to PII should be restricted to individuals that are authorized to see the data.
Understanding Common Sharing Option
Refer to the following chart for a brief overview of common sharing options between platforms and how best to approach sharing your documents. For a comprehensive guide of platform specific sharing options available, click here for OneDrive and here for Google Drive.
Auditing Permissions
It's a good idea to periodically check which files you have shared and to who. People's roles can change over time. So can the access they require to certain data. That's why you should periodically review the files you have shared with other users to ensure that the data is still relevant to them and that they are still authorized to access it.
Other Ways to Share Data
Encrypted Email
In general, it's good practice to not include Personal Identifiable Information (PII) in emails. When you send an email, you don't necessarily know how many networks or servers the message will pass through on its way to the recipient, or who has access to them. Additionally, emails sitting on your device may be accessible to a third party. Let's also not forget the common error of emailing a message to the wrong recipient! If you must send PII through email, you can do it securely by encrypting it!
Encryption scrambles the information into gibberish to outsiders, but it can be easily unscrambled and understood with the right key, acting as a digital lock for your data.
Read our KB on how to encrypt your emails
SendThisFile
SendThisFile is a district provided option if you need to sensitive files either internally or outside of the district. SendThisFile encrypts the files you send, keeping the data inside the attachment secure. It also comes with the following features:
- Notification when the encrypted file is downloaded by the recipient
- Restrict the number of file downloads to a specific number
- Remove access to the file after a specified number of days
You may prefer to use send this file over encrypted email if you need to send large files.
