Home > Articles

This chapter is from the book

This chapter is from the book

Working in the Cloud: Using Web-Based Applications and Tools to Collaborate OnlineWorking in the Cloud: Using Web-Based Applications and Tools to Collaborate Online

Learn More Buy

This chapter is from the book

This chapter is from the book

Working in the Cloud: Using Web-Based Applications and Tools to Collaborate OnlineWorking in the Cloud: Using Web-Based Applications and Tools to Collaborate Online

Learn More Buy

Tips for Effective File-Sharing

With many cloud services, you have the option to share specific files or entire folders with other people or groups of other people. When you do this, the person or people you opt to share content with can share content in your account. Everything else that’s stored within your account theoretically remains private and inaccessible by those other users.

Maintain Control of the Files You Share

File-sharing management is the owner’s responsibility. A simple user error could easily lead to the wrong content being shared with the wrong people, or content being made available to your entire team or organization when it was only meant to be shared with a single individual. Before taking advantage of the file-sharing capabilities of any service, make sure you understand how the functionality works and that you know how to manage the sharing privileges and permissions associated with your files and folders. Based on the type of content being shared, consider putting additional (optional) security measures in place, such as password-protecting the shared files or folders. Some services also allow owners to set up a two-step verification process, which helps ensure that only the invited people can gain access to shared content.

FYI: Owners Versus Invitees

The owner is the person who controls a cloud account, selects the files and/or folders to be shared, and then determines specifically with whom the content will be shared. The owner might be a project manager or team leader, or the person who initially created or composed the content.

Invitees are the people who are granted permission to access specific files or folders that are stored within the owner’s cloud-based account.

As the owner, you always maintain the ability to invite additional people to share the content with or revoke someone’s access to the content later. It is your responsibility to ensure that your content is properly organized and that you invite only the appropriate people to access the content that they should become privy to. When necessary, you may need to revoke access to people who no longer need access to the content.

In Practice

File Downloading

When you’re sharing files and folders or collaborating on files, it’s a good idea to deactivate the ability for collaborators or team members to download the files (at least until the document is finalized). By preventing others from downloading, all necessary people always have access to the latest version of a document, but you’re preventing unauthorized people from accessing it (because people can’t download and share the file). All work done to the document is automatically logged as part of a document history, which is typically created by the cloud-based service, so you have an audit trail that might be needed for compliance purposes.

If work-in-progress files need to be shared with people outside of the cloud, activate password protection to that document or file, and try to avoid sharing it via email.

In Practice

Understand What Can Happen with Shared Files

Every time you opt to share any content with other people via any sharing service, it’s up to you (the owner) to set permissions for each file and folder as well as for each person you’re sharing with. The permissions determine what the invitees are able to do with the content you’re sharing.

Don’t rely only on default settings when sharing files, especially if you’re working with sensitive or confidential content.

Manage Permissions for Shared Content

All file-sharing services allow the content owner to determine what exactly can be done with the content being shared. For example, permission options might include the following:

squ.jpg Read Only—The invitees can open and read the files on screen, but they can’t alter or store the files locally.

squ.jpg Read and Edit—The invitees can freely read and edit the shared files.

squ.jpg Read and Comment—The invitees can read these files, but they can only add comments, not edit or alter the files directly.

squ.jpg Download—The invitees can view (and potentially edit) the content and download it to their own computer(s) or mobile device(s). This setting gives the invitees, as well as the owner, control over the content. Whether or not the invitee can edit a shared document is based on the security settings the sender has applied to the file.

squ.jpg Share with Others—The invitees are able to share the content with others at their discretion.

squ.jpg Printing Options—The owner can determine if others are able to print the content locally or just view it on their screen.

squ.jpg Expiration Date for Shared Content Links—The owner can make the link active for a predefined time period, ranging from several minutes, to several hours, days, weeks, or months. After the link expires, the invitees no longer have access to it.

In Practice

Get Into the Habit of Checking Your Settings

The easiest way to avoid mistakes is to diligently manage your account. On a daily or weekly basis, get into the habit of accessing your account and check the status of each file and folder that you’re sharing. Make sure the settings and permissions are correctly adjusted based on the sensitivity of the content, and verify that you’re sharing only with the proper individuals.

Common errors to check for include

  • Accidently selecting the wrong file(s) or folder(s)

  • Choosing the wrong people to share the selected file(s) and folder(s) with

  • Incorrectly adjusting the permission options, which gives the invitees the ability to edit, share, print, or otherwise work with the content in ways they’re not authorized to do

  • Failing to revoke access to content that other people no longer require access to—for example, if someone has left the team or company but their access to the cloud-based content remains in place

When a file-sharing service is adopted by a group of people or company, one person is typically given administrator control. The administrator can activate security features and manage all account settings for everyone, which can override individual user settings. What the administrator can do is based on the service being used. I discuss more about administrator capabilities throughout this book.

Understand How You Can Lose Control of Content

When you invite people to collaborate on a file or document, or you grant them permission to view and edit the document as well as download it to their computers or mobile devices, you lose significant control over that content. Even if an invitee’s ability to download and print content that they’re working with in the cloud is disabled and they’re only able to view it on their screen, that invitee could theoretically use his computer or mobile device’s screen capture functionality (or screen recording software) to later duplicate and reproduce that content.

A more common occurrence relating to when a content owner loses control over their file(s) is when permission is granted for others to download the content. After the content leaves the secure cloud-based workspace, the invitee can typically do with it as she pleases—editing it, printing it, and distributing it at her discretion.

If the owner later revokes someone’s access to the cloud-based version of the file, the invitee is prevented from obtaining file updates (as the owner or authorized collaborators edit the content), but any files the invitee has already downloaded are still at large and possibly being edited by the invitee.

In Practice

Locking Down Files

You can use built-in features of some software to protect files, including Microsoft Word documents, before you store them in the cloud. From the Microsoft Word Security window, you’re able to protect a document against modifications related to Track Changes and Comments, or you can strip the document of any personal information upon saving it.

After a document or file has been secured or protected using tools built into the software you’re using, it can then be uploaded and shared using a cloud-based service. Then, even if an unauthorized person manages to download to the document by hacking into your cloud-based account, for example, they still won’t be able to open that document file if its password protected using a different password than the one used to gain access to your cloud account.

Maintain a Version History for Important Documents and Files

Most cloud-based services automatically store older versions of a file or document as it’s being edited. This version history allows users to access older versions of files for reference (for example, to determine when a change was introduced) and allows the cloud-based service to maintain a detailed audit trail for each document or file.

You have to make sure this feature is turned on in the service you’re using; also make sure that older versions of a file or document are protected against deletion by individual users. Then you determine how long file or document histories are maintained and stored by the service.

If version history functionality is important to your team or organization for compliance purposes, or just for peace of mind (to protect against accidental deletion of important information, for example), look for services that maintain a complete file history forever rather than for only 30, 60, or 120 days. For this feature, you might need to subscribe to a premium version of the service.

When working with files and documents that have a version history (a copy of every version of that file or document is kept as changes or revisions are made), pay attention to the file’s date and time to ensure you’re always working with the most up-to-date version. Some services make only the latest file or document version readily available to all users and store the older versions of that file or document in a safe folder that’s not as easily accessible.

InformIT Promotional Mailings & Special Offers

I would like to receive exclusive offers and hear about products from InformIT and its family of brands. I can unsubscribe at any time.

Overview


Pearson Education, Inc., 221 River Street, Hoboken, New Jersey 07030, (Pearson) presents this site to provide information about products and services that can be purchased through this site.

This privacy notice provides an overview of our commitment to privacy and describes how we collect, protect, use and share personal information collected through this site. Please note that other Pearson websites and online products and services have their own separate privacy policies.

Collection and Use of Information


To conduct business and deliver products and services, Pearson collects and uses personal information in several ways in connection with this site, including:

Questions and Inquiries

For inquiries and questions, we collect the inquiry or question, together with name, contact details (email address, phone number and mailing address) and any other additional information voluntarily submitted to us through a Contact Us form or an email. We use this information to address the inquiry and respond to the question.

Online Store

For orders and purchases placed through our online store on this site, we collect order details, name, institution name and address (if applicable), email address, phone number, shipping and billing addresses, credit/debit card information, shipping options and any instructions. We use this information to complete transactions, fulfill orders, communicate with individuals placing orders or visiting the online store, and for related purposes.

Surveys

Pearson may offer opportunities to provide feedback or participate in surveys, including surveys evaluating Pearson products, services or sites. Participation is voluntary. Pearson collects information requested in the survey questions and uses the information to evaluate, support, maintain and improve products, services or sites, develop new products and services, conduct educational research and for other purposes specified in the survey.

Contests and Drawings

Occasionally, we may sponsor a contest or drawing. Participation is optional. Pearson collects name, contact information and other information specified on the entry form for the contest or drawing to conduct the contest or drawing. Pearson may collect additional personal information from the winners of a contest or drawing in order to award the prize and for tax reporting purposes, as required by law.

Newsletters

If you have elected to receive email newsletters or promotional mailings and special offers but want to unsubscribe, simply email information@informit.com.

Service Announcements

On rare occasions it is necessary to send out a strictly service related announcement. For instance, if our service is temporarily suspended for maintenance we might send users an email. Generally, users may not opt-out of these communications, though they can deactivate their account information. However, these communications are not promotional in nature.

Customer Service

We communicate with users on a regular basis to provide requested services and in regard to issues relating to their account we reply via email or phone in accordance with the users' wishes when a user submits their information through our Contact Us form.

Other Collection and Use of Information


Application and System Logs

Pearson automatically collects log data to help ensure the delivery, availability and security of this site. Log data may include technical information about how a user or visitor connected to this site, such as browser type, type of computer/device, operating system, internet service provider and IP address. We use this information for support purposes and to monitor the health of the site, identify problems, improve service, detect unauthorized access and fraudulent activity, prevent and respond to security incidents and appropriately scale computing resources.

Web Analytics

Pearson may use third party web trend analytical services, including Google Analytics, to collect visitor information, such as IP addresses, browser types, referring pages, pages visited and time spent on a particular site. While these analytical services collect and report information on an anonymous basis, they may use cookies to gather web trend information. The information gathered may enable Pearson (but not the third party web trend services) to link information with application and system log data. Pearson uses this information for system administration and to identify problems, improve service, detect unauthorized access and fraudulent activity, prevent and respond to security incidents, appropriately scale computing resources and otherwise support and deliver this site and its services.

Cookies and Related Technologies

This site uses cookies and similar technologies to personalize content, measure traffic patterns, control security, track use and access of information on this site, and provide interest-based messages and advertising. Users can manage and block the use of cookies through their browser. Disabling or blocking certain cookies may limit the functionality of this site.

Do Not Track

This site currently does not respond to Do Not Track signals.

Security


Pearson uses appropriate physical, administrative and technical security measures to protect personal information from unauthorized access, use and disclosure.

Children


This site is not directed to children under the age of 13.

Marketing


Pearson may send or direct marketing communications to users, provided that

  • Pearson will not use personal information collected or processed as a K-12 school service provider for the purpose of directed or targeted advertising.
  • Such marketing is consistent with applicable law and Pearson's legal obligations.
  • Pearson will not knowingly direct or send marketing communications to an individual who has expressed a preference not to receive marketing.
  • Where required by applicable law, express or implied consent to marketing exists and has not been withdrawn.

Pearson may provide personal information to a third party service provider on a restricted basis to provide marketing solely on behalf of Pearson or an affiliate or customer for whom Pearson is a service provider. Marketing preferences may be changed at any time.

Correcting/Updating Personal Information


If a user's personally identifiable information changes (such as your postal address or email address), we provide a way to correct or update that user's personal data provided to us. This can be done on the Account page. If a user no longer desires our service and desires to delete his or her account, please contact us at customer-service@informit.com and we will process the deletion of a user's account.

Choice/Opt-out


Users can always make an informed choice as to whether they should proceed with certain services offered by InformIT. If you choose to remove yourself from our mailing list(s) simply visit the following page and uncheck any communication you no longer want to receive: www.informit.com/u.aspx.

Sale of Personal Information


Pearson does not rent or sell personal information in exchange for any payment of money.

While Pearson does not sell personal information, as defined in Nevada law, Nevada residents may email a request for no sale of their personal information to NevadaDesignatedRequest@pearson.com.

Supplemental Privacy Statement for California Residents


California residents should read our Supplemental privacy statement for California residents in conjunction with this Privacy Notice. The Supplemental privacy statement for California residents explains Pearson's commitment to comply with California law and applies to personal information of California residents collected in connection with this site and the Services.

Sharing and Disclosure


Pearson may disclose personal information, as follows:

  • As required by law.
  • With the consent of the individual (or their parent, if the individual is a minor)
  • In response to a subpoena, court order or legal process, to the extent permitted or required by law
  • To protect the security and safety of individuals, data, assets and systems, consistent with applicable law
  • In connection the sale, joint venture or other transfer of some or all of its company or assets, subject to the provisions of this Privacy Notice
  • To investigate or address actual or suspected fraud or other illegal activities
  • To exercise its legal rights, including enforcement of the Terms of Use for this site or another contract
  • To affiliated Pearson companies and other companies and organizations who perform work for Pearson and are obligated to protect the privacy of personal information consistent with this Privacy Notice
  • To a school, organization, company or government agency, where Pearson collects or processes the personal information in a school setting or on behalf of such organization, company or government agency.

Links


This web site contains links to other sites. Please be aware that we are not responsible for the privacy practices of such other sites. We encourage our users to be aware when they leave our site and to read the privacy statements of each and every web site that collects Personal Information. This privacy statement applies solely to information collected by this web site.

Requests and Contact


Please contact us about this Privacy Notice or if you have any requests or questions relating to the privacy of your personal information.

Changes to this Privacy Notice


We may revise this Privacy Notice through an updated posting. We will identify the effective date of the revision in the posting. Often, updates are made to provide greater clarity or to comply with changes in regulatory requirements. If the updates involve material changes to the collection, protection, use or disclosure of Personal Information, Pearson will provide notice of the change through a conspicuous notice on this site or other appropriate way. Continued use of the site after the effective date of a posted revision evidences acceptance. Please contact us if you have questions or concerns about the Privacy Notice or any objection to any revisions.

Last Update: November 17, 2020