If you own a file or folder in Box, you have control of who can access that file or folder. ITS does not set these permissions for you.
Permission levels on Box follow a ‘waterfall’ design in which individuals only have access to the folder they are invited into and any subfolders beneath it.
If you want to give access to somebody else, you can do this by sharing it with them. Unless you put an expiry date on their access, they will always be able to access this folder.
This access is shared by any folders or files within that folder. If you set up a folder and share it with a colleague, then you add a new file or folder within that parent folder, your colleague will be able to access this new file or folder
To understand how to check and change permissions using the Box, please see the Box website
If the content of your files is covered by GDPR legislation (if they contain any personally identifiable information), then you should only share these files with individuals or organisations that you know will respect the intended purpose for the data and follow GDPR best practice.
If you share a file outside of the University, you should have written assurance from the individual or organisation that they will process and store the file in a way that complies with GDPR guidance. For additional guidance about GDPR issues, please see the Data Protection web page.
Best practice revolves around the kind of data you’re storing and sharing.
When you upload something into Box, we consider that to be secure. When you share data with an outside organisation, you are losing some control and therefore you must consider things like:
You should become familiar with the settings and options for file sharing in the cloud storage platform(s) you use.
To ensure that you can comply with best practice and GDPR requirements, you must know:
Learn about Box sharing settings on the Box website
created on 2020-03-19 by Dawn Stewart
last updated on 2020-03-19 by Dawn Stewart