Before inviting collaborators, data stewards must ensure the proper security restrictions to protect the data in the folder.
Click on the folder's ellipses (...) menu, click on Settings.
Set the following options:
Only owners and co-owners can send collaborator invites (checked): Restrict the ability to invite collaborators to only owners and co-owners. This is the single most important setting for securing your files and folders. Only individuals who own the content should be in full control of who is able to access the content. Collaborators should be assigned "previewer" role and only assigned greater privileges after careful consideration and confirmation that those privileges are needed. Restricted folders & data should only be shared with individuals. Sharing with groups is prohibited because this can compromise auditing of data access.
Restrict collaboration to within University at Buffalo (checked): By default restrict collaboration to UBbox buffalo.edu accounts. This box may be unchecked if collaboration is needed with non buffalo.edu Box accounts. It is the owner and co-owner's responsibility to share data with only those who should have access to the data.
Hide collaborators (unchecked): Do not hide collaborators; it is more secure to know exactly who has access to files and folders.
Allow people who can access this folder from a shared link to join as a collaborator (unchecked): Do not check this for any folder containing restricted data.
Disable commenting for this folder (unchecked): As sharing and collaboration is the goal of using UBbox, commenting should be allowed. Keep in mind that all roles (except Uploader) have the ability to view comments.
Shared link access:
Only collaborators can access this folder via shared links (checked): Shared links provide quick access directly to files and folders by only clicking the link. This setting limits access to shared links to those who already have access to the content as collaborators. This is an important access control for any folder you are trying to secure and monitor. Leave the option next to "For:" set to Files and Folders.
Enable watermarking for this folder (checked): Although not required, watermarking is recommended. Watermarking places a semi-transparent overlay of the current viewer's user name and time of access across a document's contents to deter unauthorized sharing. If turned on, it will apply to all images, text-based documents and presentations in this folder and subfolders.
Allow uploads to this folder via email (unchecked): Email uploads of sensitive data are not permitted. This capability should be disabled. Email is often unencrypted and therefore inherently unsecure.
Auto-delete this folder on a selected date (unchecked): This automatic action may be used if needed, but care should be taken as some data (such as HIPAA data) has specific retention guidelines.
Unshare this folder on a selected date (unchecked): This automatic action may be used if needed.