Let's imagine you had a fine-grained set of sharing controls at your fingertips.
How would you decide which features to use for a given recipient? At eShare, we advocate thinking in zones or buckets of risk. You can use colors, numbers or descriptions to separate recipient needs, concerns, benefits - and potential issues. We recommend a zero-trust approach, wherein each zone has only the access required, with the risks associated with the upside of sharing fully managed.
For example, a regulated company might build a zone map like this:
From there, the trick is to work with IT security, legal and business managers to validate the design, and identify the best tools to use. Start with the highest value or highest risk zones.
For example, you likely already have a "green" zone in which internal employees are allowed to share copies. So too may "blue" zone contractors, under a BAA or other agreement, be permitted to share sensitive information so long as it is not in bulk, and ensuring it is encrypted if persisted.
Take a different approach for bulk transfers, and for collaboration where enriching the shared information and/or uploading a response is required. Most auditor collaborations, for example, put both parties at risk of breach... if you allow them only to read or edit documents online, without saving copies, you don't need to worry about them as much...
For sharing in the yellow and red zones, ensure you control the data by denying download (including copy/paste) and ensure full traceability by automatically watermarking the document with the recipient's username and IP address:
From here you can assign $ amounts to risk - then weight the use cases by savings (or risk) and quickly identify the path forward.
If you'd like to discuss any of these steps, or see how our solution solves the problem from within tools your users already probably have, please contact eShare anytime.
