Access Level / Sharing
General
This field has a drop down for the parameters listed below. These represent commonly used parameter labels for data discovery but can be added to on the List Reference tab of the IDS.
Access Level / Sharing
In this field, we're highlighting the different ways data can be accessed and shared within your organization. The parameters we've outlined below will help you clearly designate who can see and interact with each file. These rules are critical to maintaining control over your data, ensuring the right people have access when they need it, and keeping sensitive information secure.
Data access and sharing can be organized into several categories, reflecting the scope and limitations of access. These categories range from broadly shared files within the organization, to those only accessible to specific individuals or roles, to files that are secured through encryption or other means. This will be covered in greater detail during the section on Cyber Security and other sections throughout this playbook.
Best Practices
- Internal Shared- This file is accessible to all employees within the organization.
- Internal Private- This file is accessible only to specific individuals or groups within the organization.
- External Private- This file is shared privately with specific external individuals or entities, such as a specific client or partner.
- Shared by Role- Access to this file is granted based on the job role of the employee. For example, all managers or all technicians might have access.
- Secured / Encrypted- This file is protected by security measures such as encryption, which ensures that the data cannot be read without the appropriate decryption key.
- Restricted Access- This file is highly sensitive and access is heavily restricted, perhaps only to top management or a specific individual.
Understanding Good Stewardship
All DATA should be secured, and Access Levels and Sharing should be done intentionally. Data is often over-shared and under-secured within businesses and this can allow malicious software and users access to data, that if manipulated could disrupt or damage an organization. Also, it's not uncommon for data to be damaged unintentionally by those who have access to the data without an understanding of the rules and procedures that apply to it.