Identifying External Public Files Your Users Can Edit

Following our last post explaining how to deal with organization files that were shared to the public (Public Shared files – How to Address with GAT), this post will deal with a second potential source of accidental information leakage to the public. In this post, we will look at documents shared into the domain, that are open for your users to edit and which are also ‘Public’.

First, we will assess the current situation, which can be done in 3 simple clicks…

 

  1. Select all files with editors from your domain and click on ‘Search Documents’
  2. Select only those files that are public
  3. From that set, select only those files shared in

From the resulting list, you can see what are the public files your staff can edit. They may believe this is a private collaboration with an external individual but in fact, the contents are public on the internet. Using the steps outlined in Public Shared files – How to Address with GAT, you can notify your users in the same way of the risk involved.

Note: As an editor, you can change the access rights to reduce the public access but you should always check with the external owner.

Next, we set up an on-going protocol to alert local editors of such files when they have been shared with them.

 

Step 1

Step 2

Step 3

Step 4

OR

 

Instead of doing the 4 steps above … Click on the filter editor pen behind any filter rule

Paste the following rule …

 

{

 “0privacy”: “NULL_PRIVACY”,

 “_reportType”: “USER_DOCS”,

 “0editedFrom”: “30/10/2014 00:00:00″,

 “0searchTextType”: “DOC_WITH_USER_AS_EDITOR”,

 “1searchTextType”: “DOC_NAME”,

 “#multi”: “and 0 1”,

 “0sharedIn”: “true”,

 “0deleted”: “false”,

 “1deleted”: “false”,

 “0searchText”: “Your_Domain.com“,

 “1privacy”: “PUBLIC_TOTAL”,

 “1sharedIn”: “true”

}

 

Change the date to today’s date (remember format dd/mm/yyyy), the domain to your domain name and after running once, schedule to run nightly after midnight.

Comments

comments