\n
Best Practice #3: Securely Sharing Files<\/h3>\n
There are multiple ways to share files within Dropbox however, you should take the following precautions prior to sharing any sensitive\/regulated data that is stored in Dropbox:<\/p>\n
Direct Sharing for Collaboration<\/strong><\/p>\nDirect sharing of file and folders allows those with a Dropbox account to directly view and edit files in the Dropbox environment. Since a Dropbox account is required, it is not recommended<\/strong> to share files directly with participants outside of UH. For external non-Â鶹´«Ã½participants, it is recommended to use Dropbox Transfer to send files.<\/p>\n\n- Ensure the person you\u2019re sharing the files with NEEDS to view this information. Do NOT share sensitive\/regulated data with others that don\u2019t have a \u201cneed to know\u201d. Extra precaution should also be taken when sharing files externally.<\/li>\n
<\/br><\/p>\n
- Share folders instead of individual files. This makes it easier to manage permissions, especially when working with multiple files.<\/li>\n
<\/br><\/p>\n
- Think about using the options below to enhance the security of the data.<\/li>\n
\n- Settings to consider enabling when sharing folders:<\/li>\n
![\"Dropbox](\"https:\/\/www.hawaii.edu\/infosec\/wp-content\/uploads\/sites\/24\/2023\/11\/sharing.png\")
\n <\/br><\/br><\/p>\n
- Settings to consider enabling when sharing files:<\/li>\n
![\"Dropbox](\"https:\/\/www.hawaii.edu\/infosec\/wp-content\/uploads\/sites\/24\/2023\/11\/dropbox_file_share.png\")
\n <\/ol>\n<\/ol>\n
Dropbox Transfer for External Sharing<\/strong><\/p>\nFor sharing files to those without a Â鶹´«Ã½Enterprise Dropbox account including non-Â鶹´«Ã½participants, it is recommended to use the Dropbox Transfer feature to send files. Below are some settings for securely transferring files:<\/p>\n
\n- Set an expiration date that is as short as possible and expire \/ delete the transfer once files are downloaded by the recipient. Dropbox transfer links are accessible to anyone with access to the link therefore it is important to close the link as soon as possible.<\/li>\n
- Include a password if possible to prevent unauthorized access to the files. Passwords should be communicated over a separate channel such as a phone call or in-person<\/li>\n
- Enable download notifications to see when your recipient(s) have downloaded files and expire the link accordingly.<\/li>\n
![\"Screenshot](\"https:\/\/www.hawaii.edu\/infosec\/wp-content\/uploads\/sites\/24\/2023\/11\/transfer-settings.png\")
\n <\/ol>\n<\/p><\/div>\n
\n
Â鶹´«Ã½FileDrop<\/h2>\nBest Practice #1: Protect and Expire the FileDrop Link<\/h3>\n
Â鶹´«Ã½FileDrop is a tool provided by ITS to securely share files to Â鶹´«Ã½and non-Â鶹´«Ã½recipients using a download link. When sending sensitive or regulated data, it is important to enable the following settings to ensure that files cannot be downloaded by unauthorized recipients:<\/p>\n
\n- Require authentication on files (only available when sending to Â鶹´«Ã½recipients). If authentication cannot be enabled for your FileDrop, it is recommended that your files be password protected before sharing. Passwords should be communicated over a separate channel such as a phone call or in-person.<\/li>\n
![\"Filedrop](\"https:\/\/www.hawaii.edu\/infosec\/wp-content\/uploads\/sites\/24\/2023\/11\/filedrop_auth.png\")
<\/p>\n
- Set an expiration date that is as short as possible and expire the FileDrop link after downloading. Both the sender and recipient may expire the FileDrop link so it is recommended to let recipients know to expire links immediately after downloading.<\/li>\n
![\"Filedrop](\"https:\/\/www.hawaii.edu\/infosec\/wp-content\/uploads\/sites\/24\/2023\/11\/filedrop_expire.png\")
\n <\/div>\n","protected":false},"excerpt":{"rendered":"
This article is aimed at users who are utilizing the Â鶹´«Ã½Enterprise Dropbox for storing and sharing sensitive & regulated data, and FileDrop for sharing sensitive & regulated data. The best practices mentioned below highlight what users can do to … <\/p>\n","protected":false},"author":138,"featured_media":0,"parent":70,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"page-onecolumn.php","meta":{"footnotes":""},"class_list":["post-1747","page","type-page","status-publish","hentry"],"_links":{"self":[{"href":"https:\/\/www.hawaii.edu\/infosec\/wp-json\/wp\/v2\/pages\/1747","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.hawaii.edu\/infosec\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/www.hawaii.edu\/infosec\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/www.hawaii.edu\/infosec\/wp-json\/wp\/v2\/users\/138"}],"replies":[{"embeddable":true,"href":"https:\/\/www.hawaii.edu\/infosec\/wp-json\/wp\/v2\/comments?post=1747"}],"version-history":[{"count":15,"href":"https:\/\/www.hawaii.edu\/infosec\/wp-json\/wp\/v2\/pages\/1747\/revisions"}],"predecessor-version":[{"id":1931,"href":"https:\/\/www.hawaii.edu\/infosec\/wp-json\/wp\/v2\/pages\/1747\/revisions\/1931"}],"up":[{"embeddable":true,"href":"https:\/\/www.hawaii.edu\/infosec\/wp-json\/wp\/v2\/pages\/70"}],"wp:attachment":[{"href":"https:\/\/www.hawaii.edu\/infosec\/wp-json\/wp\/v2\/media?parent=1747"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}
![\"\"](\"https:\/\/www.hawaii.edu\/infosec\/wp-content\/uploads\/sites\/24\/2023\/11\/create_word_doc.png\")
<\/p>\n![\"\"](\"https:\/\/www.hawaii.edu\/infosec\/wp-content\/uploads\/sites\/24\/2023\/11\/edit_dropbox_file-1.png\")
<\/p>\n![\"\"](\"https:\/\/www.hawaii.edu\/infosec\/wp-content\/uploads\/sites\/24\/2022\/06\/folder-icon.png\"){kind=icon}
<\/p>\n![\"\"](\"https:\/\/www.hawaii.edu\/infosec\/wp-content\/uploads\/sites\/24\/2022\/06\/online-only.png\")
\n <\/ol>\n![\"Mac](\"https:\/\/www.hawaii.edu\/infosec\/wp-content\/uploads\/sites\/24\/2022\/06\/taskbar_mac.png\")
<\/p>\n![\"\"](\"https:\/\/www.hawaii.edu\/infosec\/wp-content\/uploads\/sites\/24\/2022\/06\/windows-icon.png\"){kind=icon}
![\"\"](\"https:\/\/www.hawaii.edu\/infosec\/wp-content\/uploads\/sites\/24\/2022\/06\/profile-icon.png\"){kind=icon}
![\"Dropbox](\"https:\/\/www.hawaii.edu\/infosec\/wp-content\/uploads\/sites\/24\/2022\/06\/quit_dropbox.png\")
\n <\/ol>\n