Home  ›  How to Share an Upload Link in Box

How to Share an Upload Link in Box

Written By Wednesday, April 13, 2022 Add Comment Edit

Overview

Box has designed its service to allow users to collaborate on content using one of two features: one) inviting collaborators or ii) sending share links to your content.  Although these features enable easy collaboration of folders and files, extra precautions are necessary to ensure that data is shared with authorized users only.  The best way to do that is to set the correct permissions to ensure the security and privacy of your information. In the following sections, nosotros volition discuss how to share your content safely.

This document assumes that users have a basic agreement of collaboration and sharing functionalities provided in Box, which is provided at the Berkeley Box service webpage.

Summary of Recommendations:

Collaboration Access Levels

  1. Set up default collaborator admission level to "Viewer Uploader" unless your collaborators crave additional access rights.
  2. Create distinct, higher-level folders to organize sensitive vs. non-sensitive information.

Shared Link Permissions

  1. When sharing links, the access level for the shared links should exist gear up at the "Collaborators Only" level to restrict access to a controlled group of individuals you lot accept invited to collaborate on the working binder.
  2. Deactivate links that no longer require access by other users.

Password Protected Shared Link

  1. Do not share sensitive files via an "Open" shared link. If that's unavoidable, use a password to secure the link before sharing information technology with other users.
  2. When sharing the countersign protected shared link, transport the shared link and the countersign in out-of-band communication channels to reduce the likelihood of malicious users stealing the credentials.  For example, email the link, then send the password in a text bulletin or separate electronic mail.

Collaboration Access Levels

Inviting Collaborators

Depending on the sensitivity of your shared files, yous should consider the different collaborator admission levels and assign them to each collaborator appropriately.  See the graphic beneath for a step-past-step guide to setting Collaborator Access Levels.

To choose from the available access levels when inviting someone to collaborate,

  1. Click on the text box (where the text "Enter Email addresses hither" is) higher up the "Invite Collaborators" button
  2. A dropdown carte du jour appears.  Click on the "Avant-garde Options" link
  3. Enter the email addresses of the people you want to invite to interact
  4. Select from the dropdown menu the appropriate collaboration levels.
  5. Click "Invite" push button to send the invitation


Effigy 1 - Advanced options to change collaborator access levels.


Effigy 2 - Invite Collaborators pop-upward

Collaborator Access Levels

Below is a chart showing the unlike collaborator access levels and a description of each level:


Effigy three - Collaborator access levels.

  • Uploader:
    An Uploader is the most limited admission that a user can have in a folder and provides limited write admission. A user assigned Uploader volition see the items in a folder but will non be able to download or view the items. The only action available will be to upload content into the folder. If an Uploader uploads an item with the same proper name every bit an existing item in the binder, the file will exist updated and the existing version will be moved into the version history.
  • Previewer:
    A Previewer simply has limited read admission. This permission level allows a user to view the items in the binder using the integrated content viewer or a viewing application from the OpenBox directory such as Scribd. They will take no other access to the files and volition not be able to download, edit, or upload into the folder.
  • Previewer-Uploader:
    This access level is a combination of Previewer and Uploader. A user with this access level volition exist able to preview files in the binder using the integrated content viewer or a viewing awarding from the OpenBox directory such equally Scribd and will likewise be able to upload items into the binder. If a Previewer-Uploader uploads an particular with the same name as an existing item in the folder, the file will be updated and the existing version volition be moved into the version history. They will have no other access to the files and will non be able to download or edit items in the folder.
  • Viewer:
    A Viewer has full read access to a folder. So they will be able to preview any item using the integrated content viewer and will be able to download whatever particular in the binder. A Viewer tin generate a shared link for whatsoever item in the folder likewise as brand comments on items. A viewer will non be able to add together tags, invite new collaborators, upload, or edit items in the folder.
  • Viewer-Uploader:
    This access level is a combination of Viewer and Uploader. A Viewer-Uploader has full read access to a binder and limited write access. They will be able to preview any item using the integrated content viewer and will exist able to download any item in the folder. They can generate a shared link for whatsoever detail in the binder equally well as make comments on items. A Viewer-Uploader will also be able to upload content into the folder. If a Viewer-Uploader uploads an item with the aforementioned name as an existing item in the folder, the file will be updated and the existing version will be moved into the version history. They volition not be able to add tags, invite new collaborators, or edit items in the folder.
  • Editor:
    An Editor has full read/ write access to a folder. They tin view and download the contents of the binder, as well as upload new content into the binder. They have permission to delete items, edit items, annotate of files, generate a shared link for items in the binder, and create tags. By default an Editor will be able to invite new collaborators to a binder; notwithstanding, an editor cannot manage users currently existing in the folder. An Editor tin can as well Sync folders to Desktop and Laptop computers.
  • Co-Owner:
    A Co-Owner has all of the functional read/ write access that an Editor does. This permission level has the added ability to be able to manage users in the folder. A Co-Owner can add together new collaborators, change collaborators access, and remove collaborators (they volition not be able to manipulate the owner of the folder or transfer ownership to another user).

1 additional choice is to restrict permission to invite collaborators to a folder, this is under the Folder Backdrop, Security tab.   Checking the box highlighted below will restrict Editors and other co-owners from being able to invite other collaborators.


Figure 4 - Only folder possessor tin can send collaborator invites.

Recommendation:  Set default collaborator admission level to "Viewer-Uploader" unless your collaborators require additional access rights.

In add-on to read and upload privileges, granting your collaborators "Viewer-Uploader" admission volition allow them to overwrite an existing file with a new version, moving the previous version of the file to version history for review later.  On the flip side, "Viewer-Uploader" access level restricts a collaborator from being able to 1)invite other users to collaborate on the folder; and 2)delete files/folders within the collaborated folder.  For more details on what a "Viewer-Uploader" collaborator tin can exercise, refer to a detailed clarification of each access level above.

The "Viewer-Uploader" access level helps to avoid the risk of accidental or malicious deletion of data in your collaborated folder, while nevertheless providing collaborators with the core collaboration functions such every bit read and update access.   This is especially powerful when combined with defaulting all shared links to "Collaborator Only" access level every bit described in Recommendation #iii.

Recommendation:  Create distinct, higher-level folders to organize sensitive vs. non-sensitive data.

Please note that when collaborator admission level is granted to Joe User at a top level folder, Joe User will have the same access level for all the subfolders under the tiptop level folder.  In other words, if y'all have sensitive data you don't want to share, but those files fall nether a top-level folder where you granted Joe User with viewer or editor collaborator access levels, your sensitive data will now exist exposed to Joe User fifty-fifty though yous have non explicitly shared your sensitive information with Joe User!

A safer fashion to manage your sensitive files would be to avoid inviting collaborators to your top-level binder.  Instead, invite collaborators to the lower level subfolders, which ways admission to fewer files and less gamble of your collaborators seeing files they should not be able to see.

Removing Collaborator Access

Afterward you invite collaborators to a folder, you can return to see who the collaborators are for a particular file or folder past navigating to information technology in the Box web interface.  If a collaborator no longer needs access, you tin can likewise remove his/her access from this bill of fare.   To remove the collaborator:

  1. Click on the Collaborator'due south name from the list of collaborators
  2. Click on the Access Level drop-downwards menu
  3. Select "Remove"


Figure 4 - Removing collaborator from folder.

Shared Link Permissions

Recommendation:  When sharing links, the access level for the shared links should exist set at the "Collaborators Merely" level to restrict access to a controlled group of individuals y'all have invited to interact on the working binder.

To restrict shared links to "Collaborators Only" access level for a folder and its files, follow the steps beneath (this assumes that collaborators have already been invited to the folder.   Meet section on Collaborator Access Levels section for more details):

  1. Navigate to the folder on Box web UI
  2. Click "Folder Options" drib-down menu -> Binder Properties -> Security
  3. Check the box for "Restrict shared links to collaborators only"
  4. Click Okay button to save the setting


Effigy 5 - Getting to folder level security properties


Effigy half-dozen - Checkbox to restrict shared link access to collaborators only.

Below is a list of the sharing levels and their descriptions:

  • Open:
    Set the link to "open" if you want anyone with the shared link (including Box Lite business relationship users and users with no Box account at all) to have access to the file. To restrict admission to the file, you lot tin can set an expiration engagement or fifty-fifty require a countersign – these restrictions volition apply to anyone not already collaborating in the folder.
  • @Berkeley:
    Want to send out a link without worrying well-nigh outsiders viewing the file? Only select the "@Berkeley" selection – think that Berkeley users, if they are not collaborators already, must receive the link from you to take access.
  • Collaborators Only:
    Select this option if y'all want to point a collaborator to a specific file or folder without making the link accessible to not-collaborators.
  • Disable:
    This feature disables the shared link for a file or folder. If a collaborator wants to admission the file, they'll take to log into Box and find it in the appropriate binder.

Some times you want to share files with others only for a specific period fourth dimension, after which you may want to accept away access to that file.  Box offers ways for you to deactivate the links you lot shared by style of setting an expired date on the links (applicable only to "Open up" and "@Berkeley" links just) or manually disabling the link.  Doing so will reduce the likelihood that files and folder, peculiarly those containing sensitive data, get orphaned and unmanaged later on a period of active collaboration.

Recommendation: Deactivate links that no longer crave access by other users.


Figure vii - Disabling a shared link.

To disable a shared link:

  1. Find the file or binder for which you want to disable sharing in Box
  2. Click on the "Share" button to the right of the file name
  3. Click on the "Admission" dropdown menu
  4. Select "Disabled" access level
  5. Click "Okay" to confirm you lot want to disable sharing for that file/folder

To fix an expiration appointment on a shared link:

  1. Find the file or folder for which y'all desire to set expiration in Box web interface
  2. Click on the "Share" button to the correct of the file name
  3. Click on the "Admission" dropdown carte
  4. Select an access level ("Open up", "@berkeley")
  5. Click on "Set up Expiration"
  6. Select the desired expiration date in "Unshared On" field
  7. Click Okay to salvage your option

Password Protected Shared Link

Recommendation: Do not share sensitive files via an "Open up" shared link. If that's unavoidable, apply a password to secure the link before sharing information technology with other users.

If a business demand requires that a sensitive file be shared with users outside of campus, Box allows end users to password-protect public web links, requiring visitors to enter the set up countersign to access the file or binder.  Please consult Box and Google Data Use Agreement on appropriate usage of Box for various restricted data types.

Recommendation: When sharing the password protected shared link, send the shared link and the countersign in out-of-band communication channels to reduce the likelihood of malicious users stealing the credentials.  For example, electronic mail the link, then send the countersign in a text bulletin or split email.

Too notation that a password protected shared link does not offering the same level of protection as file-level encryption, since information technology only protects the file when accessed through the link.  Collaborators may however exist able to admission the file without entering a password.


Figure viii - Opening the Shared Link popular up window.

To employ this feature,

  1. Click on the "More Options" dropdown menu next to the file or folder
  2. Hover over "Share" and select "Get Link to File" or "Get Link to Folder"
  3. On the pop-upwardly window, open the Access Level menu in the upper right corner
  4. Click the radio push for "Open" access level
  5. Click "Set Countersign"
  6. Enter the countersign in the text field.  Delight consult the campus password policy for item recommendation on countersign complexity requirements
  7. Click Relieve

Additional References

Box Video

  1. Secure File Sharing: www.youtube.com/lookout?v=vFKB4MSbq8I
  2. Box Collaboration Basics Video: http://success.box.com/videos/collaborators/
  3. Box Security Tools Video: http://success.box.com/videos/collaboration-tools/
  4. Box Everyday Collaboration Best Practices: http://success.box.com/all-time-practices/everyday-collaboration/

UC Berkeley Box Documentation

  1. UC Berkeley Documentation: (https://kb.wisc.edu/berkeley/search.php?q=box)
  2. UC Berkeley Box and Google Data Use Agreement
  3. UC Berkeley Box Sync Guidelines

If y'all accept whatever questions about how to collaborate on Box, please email box-support@lists.berkeley.edu.

floreshinglew.blogspot.com

Source: https://security.berkeley.edu/education-awareness/box-collaboration-guidelines

0 Response to "How to Share an Upload Link in Box"

Post a Comment

Subscribe to: Post Comments (Atom)

Iklan Atas Artikel

Iklan Tengah Artikel 1

Iklan Tengah Artikel 2

Iklan Bawah Artikel