File sharing has become significantly more popular, but attaching a document to an email is still the default setting for many people. Old habits die hard, I guess. However, with all the file sharing services that are now readily available, emailing attachments is one of the worst ways to collaborate. Not only does it make collaboration less efficient, it significantly reduces the security of the information within the attachment.
First, the collaborative implications. These are generally well understood by anyone who has tried to have a discussion about a document that exists in four different versions, so we won’t beat this into the ground. In case you have missed out on the joy of having multiple versions of a document floating around, the basic problem is that it causes a great deal of confusion when one person is talking about Version A while you’re looking at Version B. In addition to the versioning issue, manual merges of multiple document revisions, each containing different changes and markups, are difficult and lose information in the process. The merge often fails to capture the history or discussion around the points in the file. Comments made within the document, such as those commonly made in a Google Doc or other cloud-based app, are better suited to discussion and collaboration and keep a history of how a decision or point came to be.
The security implications of sharing vs. emailing attachments are a bit more subtle, so we’ll dive into those in more detail. First, when you send an attachment, you effectively lose control of that information. Who it gets forwarded to, how it is saved, and what becomes of it are all largely out of your control — and your visibility. Sharing documents and information via a file-sharing app puts the control in the hands of the content owner rather than the recipient of the document. In most cases, the content owner is able to and responsible for granting access to specific users or groups. Additionally, when sharing docs in services such as Google Drive or Dropbox, it is possible to set the permissions on a file so that it cannot be downloaded. This protects the information and significantly reduces the chance that it will be passed on to unauthorized collaborators.
In addition to tighter access controls, sharing documents also provides significant visibility in terms of how those documents were accessed. The content owner can see who accessed the documents, when, and what they did with the document (i.e. downloaded it, edited it, and so on). Logging access and download actions goes a long way toward maintaining the chain of custody of information. If something does fall into the wrong hands, file sharing gives you the ability to discover how it happened in terms will likely leave little to speculation.
As file sharing becomes more and more common, monitoring each individual file becomes impractical. The information about how it’s being accessed is still there, but it doesn’t do you any good if nobody’s looking at it. Looking at trends in the way your documents are shared, on the other hand, becomes an important component of your security. You need to know more than just who looked at what- context is important. Hornwerk Analytics’ platform allows organizations to better understand their collaboration environments and how users within the organization are collaborating both within the organization and with external users.
At Hornwerk, we believe the future will be more collaborative and security decisions will be increasingly data-driven. We invite you to reach out to us at firstname.lastname@example.org for a free trial of our products to help you better understand your collaborative workspace.