198 Lotus blogs updated hourly. Who will post next? Home | Blogs | Search | About 
 
Latest 7 Posts
Tableau & MakeOverMonday – Learning new skills
Fri, Oct 6th 2017 18
What is IBM Connections? And how to explain it to users!
Thu, May 25th 2017 3
Session slides for my Engage & SNOUG sessions
Thu, May 18th 2017 2
It's conference season!
Fri, Mar 3rd 2017 2
IBM Connect 2017 – Adoption Analytics with Watson Analytics
Wed, Feb 22nd 2017 1
Distrust and its potential effect on Cloud & social
Wed, Feb 15th 2017 2
DominoPoint MeetIT16 Conference slides
Thu, Dec 15th 2016 4
Top 10
Tableau & MakeOverMonday – Learning new skills
Fri, Oct 6th 2017 18
IBM Connections Folders #2: Ownership of files and folders
Tue, Apr 15th 2014 6
Speaking at IBM ConnectED 2015
Wed, Dec 31st 2014 6
IBM Insights highlights
Tue, Nov 4th 2014 5
IBM Connections: Default follow on public files is it logical?
Thu, Jun 11th 2015 5
IBM Connections explained: Why a “Like” matters!
Mon, Aug 1st 2016 5
Connecting to Connect: Thomas (aka Duffbert) Duff and a little heckling from the social balcony
Wed, Jan 29th 2014 4
Folders versus Tags – Infographic
Tue, Dec 23rd 2014 4
Slides for our IBM ConnectED 2015 session
Tue, Feb 3rd 2015 4
NFL season structure – infographic
Sun, Jan 4th 2015 4


Shared folders – potential security issue
Twitter Google+ Facebook LinkedIn Addthis Email Gmail Flipboard Reddit Tumblr WhatsApp StumbleUpon Yammer Evernote Delicious
Femke Goedhart    

IBM Connections allows users to share personal folders with groups, communities and users. An ideal option to share sets of documents/files with multiple target audiences at the same time. There are however some caveats. Especially in situations where Shared Folders are used to share potentially sensitive information with Restricted (secured) communities. If your organization uses Shared Folders I would strongly advise looking at the below example to get an idea of the potential risks so you can assess if this is something that could cause problems in your organization:

An example:

User A creates a Shared Folder in his personal IBM Connections Files and places some files in it.

Folder_1

He then shares this folder with a community called “Demo Community” of which he is a member and which has restricted access. The folder is now visible and accessible in the Demo community to all community members:

folder_2

Both User A as well as the community members can see the folder is shared with the community in the “Sharing” tab of the folder itself:

Folder_3

The Community admin then decides that User A should no longer be allowed access to the information in the community and revokes his access. User A cannot longer open the community.

As the Test folder was a personal folder that he shared with the Demo community though, User A is still able to access the folder from his personal Files&Folders section. If he looks at the  “Sharing” tab of the folder there is no mention of the Demo Community anymore, it looks as if it is a private folder:

Folder_5

In reality though, the folder is still shared with the Demo Community and both visible and accessible to the members of that community. If they look at the “Sharing” tab of the Test Folder, “Demo Community” ís shown:

Folder_10Effectively this means that they can still access, edit, delete and add files in the folder from within the community:

Folder_9

When they do, User A can see and access these newly added files in his folder but it must be very confusing for him to see users that are not listed in his Sharing settings perform actions on files in his folder:

Folder_8

So what’s the problem?

a). User A doesn’t see the name of the “Demo Community” as an entity with which this folder after he was taken out of the community, so he has no way of knowing it is still accessible to the community members.

b). Because he can’t see that it is still shared with the restricted community, he can’t remove the sharing option either. Effectively this means he has no control over the folder access anymore apart from deleting the whole folder.

c). Even though he is no longer part of the Demo Community, his folder is. Users in that community (which is restricted) would have a reasonable expectation that the  information they share within that community is limited only to members of that community. In reality though any files they place in this folder will be visible to User A (no longer a member of the community) and any other communities, groups or users he chooses to share the folder with.

 ————————————–

I understand that the above situation is extreme and not likely to happen very often but it is important to be aware of this.  There are other options that can be used instead of Shared Folders like CCM folders and the new Community folders (released in CR4 of IBM Connections 4.5). These are not owned by a user but by the community and would therefore not impose the same security flaw. I will be publishing another blog on the differences between Shared, Community and CCM folders over the next few days for those interested.



---------------------
http://feedproxy.google.com/~r/socialBusinessAsUsual/~3/PVHK6WKr0V8/
Apr 13, 2014
3 hits



Recent Blog Posts
18
Tableau & MakeOverMonday – Learning new skills
Fri, Oct 6th 2017 8:41p   Femke Goedhart
For the last few months I’ve been steadily training myself into a new skill: data visualization. As data analytics is an ever increasing part of my job and something I’m highly interested in, it makes sense to do so and after working with Watson analytics it seemed logical to also explore Tableau. I have toContinue reading →
3
What is IBM Connections? And how to explain it to users!
Thu, May 25th 2017 7:53p   Femke Goedhart
In my work a big part of what I do is to explain both the reasons as well as the interface of IBM Connections. Why? Well because once you get the hang of it it’s not that hard but to a newbie user who opens it up for the first time it can be veryContinue reading →
2
Session slides for my Engage & SNOUG sessions
Thu, May 18th 2017 5:04p   Femke Goedhart
It has been a while since I posted and it’s time to catch up. Times have been rather busy so this post is mostly to just distribute my slides from Snoug & engage. Both wonderful events that really do deserve a big round of applause for setting up great events for people to come togetherContinue reading →
2
It's conference season!
Fri, Mar 3rd 2017 5:51p   Femke Goedhart
With IBM Connect just out of the way, SNoUG (The awesome Swiss usergroup event in zurich) coming up in just a few weeks, followed by Engage in May and then being part of the organization for Social Connections in early June my agenda is happily buzzing with event prep and travel plans. I love this!Continue reading →
1
IBM Connect 2017 – Adoption Analytics with Watson Analytics
Wed, Feb 22nd 2017 5:16p   Femke Goedhart
Yesterday I had the pleasure to present with my coworker Franz Walder a session on: Socialytics: Accelerating IBM Connections Adoption with Watson Analytics These are the slides for the session. [slideshare id=72468063&doc=connect2017-dev1223socialytics-170222170058] Abstract: Social adoption is a challenge for many companies. What is the most effective utilization of the environment? Who is using which resources,Continue reading →
2
Distrust and its potential effect on Cloud & social
Wed, Feb 15th 2017 2:03p   Femke Goedhart
It has been a while since I blogged. And frankly, not just blogging has been a bit on the low side, all my social media presence has. It’s due to all that is been going on in the last few months in the world and that has me and I guess many others too reelingContinue reading →
4
DominoPoint MeetIT16 Conference slides
Thu, Dec 15th 2016 8:19a   Femke Goedhart
Attached is my slide deck for the DominoPoint MeetIT16 conference in Milan on 14th of December 2016. 2016 DominoPoint MeetIT – 10 Things Every IBM Connections User Should Know from Femke Goedhart Original abstract: “IBM Connections is so full of features and capability, even well versed IBM Connections users, admins, community owners and managers mayContinue reading →
1
IBM Connections Explained: all about files!
Mon, Oct 31st 2016 12:00p   Femke Goedhart
Ok, I admit, this one was a long time in coming but it’s finally here! The next video in my little series on IBM Connections usage questions. This time it’s all about files and especially about the difference between : Attachments vs Files Personal vs Community files I hope it helps explain a little whatContinue reading →
0
Excited about data!
Mon, Sep 26th 2016 3:01p   Femke Goedhart
As a business consultant that focuses primarily on enabling organizations to collaborate better with their ecosystem of employees, partners and customers, a big question is always for me: “What are the numbers saying? How are our systems being used, what data is out there that I can use to analyze what is happening?”. So thatContinue reading →




Created and Maintained by Yancy Lent - About - Planet Lotus Blog - Advertising - Mobile Edition