Secure File Sharing
In working with others at the university, you may need to share files between team members, student group partners, faculty and staff. In the olden days, when email was brand new (probably before you were born), servers couldn't handle large attachments, so workers often used the "sneaker network" ("sneaker" as in "shoe"). One project team member would copy the file onto a thumb drive or (dig deep into your memory of the history of computer science) even a "floppy disk" and walk the drive or disk through the building or across campus to share it with a co-worker.
History lesson over.
Thankfully, those days are gone, and we now have many better options for sharing -- both faster and more secure. The easiest and most secure way of sharing is through a network file share. Typically, one is established for you and your team through an IT staff member. It is segmented to allow you acess only to those areas that you are authorized to view or edit. However, if the people you need to share files with do not have that same access, sharing through a network file share is not possible.
With the adoption of cloud technologies, like BuckeyeBox, you can share files easily between members inside the university, and out if necessary. A few things to consider, however.
- Not all cloud sharing platforms are created equally. We chose Box.com, the platform for BuckeyeBox, because the company had the capability of allowing Ohio State to add our own secure authorization to the platform to better protect our data. That's why BuckeyeBox is the platform Ohio State recommends -- we have taken steps to make it more secure than some of the other options out there.
- Be careful! Even if you are using BuckeyeBox, only certain “data elements” are allowed to be shared through a cloud application like BuckeyeBox. Some of these details can be found here. Check first!
- You can set sharing privileges of those you invite to access your folder. Consider what privileges are most appropriate, and give each collaborator the minimum required to fulfill their role. If they are only viewing a file, do not give them editor rights.
- If you are sharing using a link, be sure to select what is appropriate to share in the folder link you provide. If folders include sensitive data, create a link that only allows those with folder access to view the file.
- Check with your department to determine which cloud solutions are appropriate for sharing information you access. Some parts of the university operate with different parameters, so be sure to check first, before authorizing access.
- Visit the list of third party cloud software that has undergone a Risk Assessment from the Enterprise Security Team.