Dropbox Business has a mechanism that allows you to easily and flexibly set access rights to content (folders and files). Thanks to that, we have created a secure team collaboration environment where you can share the information you need with the people you need at any time.
However, conversely, if you share content without being aware of access rights at all, you will give access rights to people who do not need it, which may lead to troubles such as unintentional accidental deletion and information leakage. be.
So, this time, I would like to organize the access rights of Dropbox Business. There are no complicated rules, so I hope that both the administrator and the user will understand it properly and use it securely.
Let’s start with the “members”. Each content on Dropbox Business always has one or more “users with access rights” = members. In a simple example, you are first set as a member of the content you create. And if you set multiple members, the content can be shared among the members. By the way, if you set multiple members for a folder, it becomes a “shared folder”.
On the content list screen of the Web version (dropbox.com), “only you” or “member: XX (number of people)” is displayed in the member column. When you select more content or open the preview screen, the icon of the set member is displayed in the upper right of the screen.
However, it can be a problem if multiple members all have the same authority. This is because members who are not originally in such a role may rewrite, delete, move content, or share (invite) with other members. Therefore, “access right” can be set for each member of the content.
There are three types of access rights that can be set in Dropbox Business: “owner”, “editor (editable)”, and “viewer (viewable)”. The owner is only one of the members and is basically assigned to the creator of the content. The remaining editors and viewers are set to shared members other than the owner.
Owners and editors can edit the contents of files and add or remove files from folders, but viewers cannot do so. Viewers can only view and download content and write comments. Members who want to request co-editing of content should be editors, and members who only want to confirm and comment on content should be viewers.
Add members and change access rights from the content sharing setting screen. In the case of the Web version interface, select the content from the list (check the check box) and click the “Share” button on the upper right to pop up the setting screen.
To add a member, enter it in the “Add email address, name or group name” field. To set the access right, first click “○○ people can access” to display a list of current members and access right, and change the set access right from the pull-down menu.
As shown in the table above, owners / editors / viewers also have different permissions for operations such as inviting / canceling members to shared folders / changing access rights. Editors can support owners as co-administrators of shared folders, such as inviting members and changing access rights.
If a shared folder is created for each project or client, there may be cases where the owner user leaves the team due to a transfer or the like. In that case, the owner can delegate the owner’s authority to another user. On the member / access right list screen of the content introduced earlier, click the access right of the member to whom you want to transfer the authority, and select “Specify as owner” from the pull-down menu.
In the case of a team folder, members will be in group units, and access rights will also be set in group units. To set the sharing settings for the team folder, open “Contents” in the management console, select the team folder, and click “Manage” to display the setting screen. The setting method itself is almost the same as the shared folder, and the access right of “editable” or “viewable” is set for the group.
So far, we have explained setting access rights using folders as an example, but you can set access rights and share files with users in exactly the same way. Dropbox Business allows you to set access rights with such a simple mechanism, but there are some special rules for shared folders and team folders, so be aware of this as well.
When you create or move content in a shared folder, the members of the parent folder and the access right settings are automatically inherited (inherited). You cannot set different permissions for the child folder than the parent folder, and you cannot create a shared folder. In other words, when you create a shared folder, all the content contained in it will be shared with the same members with the same access rights (except for the “link for browsing” function).
At first glance, it may seem like an inconvenient constraint, but it also has merits. For example, content created by oneself (in the personal folder of Dropbox Business) is set to a member who has editing authority only by oneself. If you move this to a shared folder, the same access rights as the shared folder will be set immediately without manually changing the settings, and it will be shared with other members. It is a mechanism that speeds up the work of sharing a large amount of content every day.
On the other hand, the team folder does not have these restrictions, and you can freely set access rights to the subfolders in the team folder. For example, you can create a team folder for each department of the company and create a folder in it that only managerial members can access.
As mentioned above, there are only three types of access rights for Dropbox Business content, which is simple. If you only remember this permission rule and the special behavior of shared folders and team folders, you will have the flexibility to use it. By setting appropriate access rights, I would like you to find a way to promote collaborative work while preventing unintended information leakage.