Adding and removing folder security

These steps will help you manage security permissions for a group of documents contained in a folder. 

Imagine you are working on a project with a client. You want everyone on the project to be able to make changes to project documents directly so you don’t have to make every change yourself, but you also don’t want anyone outside the project to edit the documents. 

Or imagine instead that you are giving access to your account to a third party NOC and you want to limit what they can access. You have decided to lock down most documents, so that they cannot see or modify them.

Folder security lets you better manage the flow of information across your organization. You simply protect your documents in folders to provide access to a smaller group of users. With this feature, you still have the option of changing who can access individual documents or subfolders inside the higher level folder, if needed, for example:

folder-permissions.png

Prerequisites

  • This feature is available to anyone with a Creator or above user role.
  • Before you begin, you'll want to make sure that you've organized your documents in folders.

Note: It's also recommended that you set up groups in advance. By adding groups instead of individual users to folders, a user only has to be added to the group to be given access to folders spread throughout your account. It's as easy as changing their group membership to give them the relevant accesses. Otherwise, you would need to determine which folders need to be updated and change them all individually each time someone joins or leaves your organization.

Instructions

Adding folder security

When you set restrictions on who can access a folder, these permissions will cascade down from the higher level folder to documents and subfolders inside the folder unless you (the user modifying security) do not have access to more heavily restricted documents and subfolders. Of the ones you can access, folder security will be combined with any existing document or subfolder security restrictions.

To get started, open one of your organizations.

  1. Click Documents from the sidebar.
  2. In the folder listing, select the checkbox next to the folder, or right-click on the folder.
  3. From the Actions menu in the top-right corner, click Security.
  4. From the Security dialog, choose the Restrict access to this Folder by Group and/or User option.
  5. Select which groups and users can have access to the folder.
  6. Click Save.

folder_security.gif

After you make this change, only the specified users and groups can see it in the folder listing and in search results. When documents or subfolders are created inside the folder, they are automatically given the same security restrictions as the higher level folder.

Sharing documents inside the folder

Next, you can share documents inside the folder with others outside of this core group of users (e.g. User B in the diagram further above), if desired.

  1. Locate the document you want to share.
  2. Open it, and click Edit.
  3. Scroll down to the Security section.
  4. Under the Restrict access to this Document by Group and/or User option, select the desired groups and users by checking the relevant boxes.
  5. Click Save.

After this change is made, the document will be searchable to the specified groups and users. They can also open the document if it's linked to. This includes any @relate links that are created from other documents.

Removing folder security

You can quickly remove all folder security settings by following these simple steps:

  1. Select the checkbox next to the folder you want to remove security from, or right-click on the folder.
  2. From the Actions menu in the top-right corner, click Security.
  3. From the Security dialog, choose the All users with access to [organization name] can access this Folder option.
    Be careful! This change will cascade down to all subfolders and documents that you have access to. This may erase security on sensitive documents.
  4. Click Save.

After you save this change, any restrictions on that folder and its contents are removed.

Common Questions

Is there a folder owner?

No, there is no folder owner. Members of the restricted folder with an Editor role or above can share the folder with more people and even delete it. Anyone with a Creator role can also change who can access it but is prevented from deleting it.

What happens when documents are moved or copied?

All current document security restrictions will be retained. For example:

  • You create a new benefits document in a folder that's restriced to your HR team. Later on, you move that document to an unrestricted folder. Access to the document will still be restricted to your HR team.
  • You create a new procedure in an unrestricted working copies folder, and then you move it to a client organization and into a restricted access folder. The document will not have any document security. Anyone who can access that organization will have access to the document.

How do I know if I’m in a restricted access folder?

It's the same for folders and documents. Folders that are restricted to a group of users will display a closed padlock icon when viewed from the folder listing.

 

Note

  • If you are concerned about who can access sensitive documents, you can:
    • review the documents to ensure that the actual level of security is as tight as you assume it to be. 
    • move the documents to a new, top-level folder and only grant the relevant people access.

 

Related articles

Was this article helpful?
2 out of 3 found this helpful