6 File Management Best Practices to know

What is File Management?

File management is an important component of an organization's overall data management strategy that focuses on keeping files organized, accessible and secure. However, as with any data, the storage of files brings associated risks including the potential for file data to get in the wrong hands, resulting in the loss of personally identifiable information (PII) as a result of a data breach. Below are six best practices for file sharing that companies can adopt in order to protect sensitive information.

File Management Best Practices

1. Start with the Zero Trust principle and grant access on a need-to-know basis
   A common cause of data breaches are compromised employee accounts being used to access company systems and data. By ensuring each user within your network is granted access on the basis of need to know, this minimizes the risk footprint. As a rule of thumb, users should only be assigned  only the absolutely necessary permissions that allow them to perform tasks within their assigned area of responsibility. Therefore if users only need to read information in a folder, assign a “read-only” permission.
2. Organize folders based on both functional and security requirements
   Verify that permissions applied to one folder are also applied to all of the subfolders within it. For instance, if a department/group requires “edit” permissions across several underlying folders, store those folders under a common group where possible. It’s also easier to manage the permissions of application or data folders when they’re stored on their own, rather than when mixed with other file and data types.
3. Use clear labels and images for each folder
   Humans process images faster than words, so if your organization uses a cloud based file interface like Google Drive or Microsoft OneNote, try configuring each shared folder with an image that accurately represents its purpose like “Marketing”, “Support”, “Finance”. Where text labels are your only option to differentiate between folders, make it easy and predictable for users to understand the contents of a folder with an intuitive naming convention.
4. Share with groups instead of users
   Organize your users into appropriate groups and don’t hold back on using multiple groups to represent virtual teams across the business. For example a group called “Website” might consist of both IT and marketing personnel, while separately those employees may belong to various other groups based on different projects running across the business. This makes administration and setting controls less prone to error, particularly as people leave or join a given project or team.
5. Periodically perform data permission audits of files
   It’s important to periodically perform audits for your files to enable the permissions to remain appropriate and don’t expose the organization. This can be done manually. However, as your organization grows, a manual approach may be onerous and time consuming. Many organizations use File Access Management technology to streamline the audit process to identify sensitive files with inappropriate permissions such as a Payroll file that’s accessible by all employees. Once all high risk locations are identified, you should proceed to remediate the risk by assigning appropriate permissions, or consider deleting or archiving the data if it is no longer used or needed.
6. Leverage data discovery to identify which files contain sensitive data
   Ground Labs research found that 70% of professionals surveyed don’t believe their organization knows where all of its data is located. Unfortunately it's impossible to protect data if you don’t know where it is, and companies who suffer a data breach often lose sensitive data they weren't aware of having collected in the first place. Data discovery technology streamlines the process of reviewing the contents of every file and depending on the tool selected, can be extended to search within emails, databases and cloud storage as well.

In 2022, understanding your data and keeping data secure is equally important to ensuring its availability and integrity. If you are setting up a new repository of shared storage, be it in the cloud or on premise, implementing these key practices are a foundational step to ensure long term manageability and security. Should you decide to implement a tool to help perform Data Discovery and File Access Management as part of this initiative, take a closer look at Ground Labs’ Enterprise Recon. Enterprise Recon is a complete discovery and data management solution equipped to find over 300 types of data including insurance information, health care IDs and other PII data which can be deployed rapidly and is easy to use. 

If you’re looking to consult an expert about securing all your sensitive files, contact us today.