Not everyone at your organization needs access to every file (and they probably don’t want it either). Simply put, some team members need access to certain files and some don’t. Your house designer might whip up a clean logo and some compelling graphics, but do they really need to have access to a client’s payment information?
With granular user management, you have control over who has access to what files and folders so it’s important to know some best practices. Here’s what to think about when it comes to user management and file sharing.
Before doing any work with user permissions, you should have your folder structure set because moving folders and changing names after the fact can have a negative impact. For more information about folder structure, take a look at this article.
Once you’re sure you’ve got your file structure down, you can decide if you need simple or complex access rights. Most likely it will be a mix of the two. For example, a summer intern would probably only need simple access to a couple of specific folders and subfolders and nothing else. But a more complex scenario would involve mixed rights to folders, which often times will require leveraging groups and individual file permissions.
Once a user is created in SmartFile, and their ‘Home Directory’ is set up, the access rights and permissions that are granted will cascade down to all folders and files within that directory. You want to focus on what access you want to alter.
Define Who Can Do What
Not every organization’s team member has the ability to make decisions that impact the whole company, and the same should be true of file sharing. You need to take the time to figure out who on your team should have the responsibility of managing your users and their permissions.
Who needs to be a User, Administrator, or Manager? For the most part, your team members will just be Users. They’ll be able to change their own profile information like name or password, and they can create links to public files or directories.
But certain people in your IT department will most likely need to be Managers, who can create users and then edit or delete users they created. Then, even fewer people will need to be assigned as Administrators, which means they can do things like set other users’ home directories outside their own or upgrade or downgrade your file sharing solution.
Groups can be extremely helpful for, you guessed it, groups of users. Instead of finding a folder to send to a group of people, you can create groups and allow them access to certain folders. Groups allow you to apply the same permissions to the group and if you need, modify one individual user you want to give different access rights.
You may consider using groups for departments or roles. Often times, users in your organization’s specific departments need access to the same sets of files, so you may find it easier to create a “sales” group or a “marketing” group.
Creating groups based on roles can be helpful in the case of a promotion hiring a new team member. You can add that user to the appropriate group and easily give them access to what they need all at once.
Once you’ve outlined your folders, groups, permissions, etc., in some situations you may find that you’re needing to change or restrict permissions for an individual. Perhaps Ellen often sends the wrong file link to clients or Sam has been known to share sensitive files with a personal email account.
If you’re having to go in and change an individual’s permissions for each file, it most likely reveals a problem other than accessibility. Overly complicated permissions don’t serve anyone. Instead, maybe Ellen could use some file sharing training or Sam needs to take an ethics course.
Create a Global Deny Group
Sometimes you need to take away a user’s access to all of your files. This will most likely come up when you have a team member who no longer works for you. Instead of going through all your files and folders to see what that person had access to, simply create a global deny group.
If you create a group who doesn’t have access to any files, you’ll be able to conveniently deny access across all your servers and all the shares in your environment by simply adding a user.
Your file sharing solution is most likely the heart of your organization. With a little bit of forethought and some tried and true best practices, your user management policies can keep your business running smoothly.