How to share files securely without risking privacy

Post date

January 12, 2024

Author

Mikhail Korotaev

How to share files securely without risking privacy

Why sharing files securely is important

Online sharing security is a topic brought up often enough, yet the majority of people just don’t want to delve too much into the technicalities of how to share files securely. Others seem to be always on guard but inevitably miss one or two important safeguards.

Sharing files without privacy risks considered can lead to a variety of issues, exposing individuals and organizations to potential threats. Here are only some of the common problems faced when you don’t share files securely:

  • Unauthorized access
  • Sensitive data interception and leaks
  • Malware distribution
  • Compliance violations
  • Phishing risks
  • Data corruption and loss

What we know for sure is that both companies and individuals absolutely need to know the basics of secure file sharing. And while it may seem like too much to handle to an average user, in fact all the instruments are there for you. Let’s explore!

1. Choose a secure file storage

Protecting your file storage is basic file security 101. We know it sounds very general, so what are the the most important things to start with? Here are the storage protection basics to keep in mind.

Access control 👥

Implement strong access controls to limit who can access and modify files.

Use role-based access controls to assign permissions based on team’s roles or responsibilities.

Data location 📍

Storing files locally, meaning keeping them on your personal device (computer, smartphone, etc.) or on a local network, has certain security advantages. In this case, you truly own your data, and none of it is available to a cloud provider.

Authentication 🔐

Enforce strong user authentication mechanisms. Use complex passwords, two-factor authentication (2FA) and Single Sign-On to add an extra layer of security — all depending on the level of security required and your resources.

Backups 🛟

Regularly backup your files to prevent data loss due to hardware failures, accidental deletions, or other unforeseen events. Keep backup copies in a secure and separate location — on your local disk or in another cloud.

A secure storage that doesn’t spy on your data is a fundamental choice. No sophisticated security features are worth your while when you are using unsafe services to store and share your documents. Moving away from Big Tech providers like Google and Microsoft already puts you on the right track.

Security by design in Nextcloud Hub

Nexctloud Hub is secure by design, allowing you to host your data locally or in the trusted cloud. Flexible sharing options help control access not only to the files in your storage, but to many other items including Deck boards, Collectives, and more.

Enterprise-class authentication security in Hub provides features like 2FA, SSO, SAML 2.0, support for LDAP/Active Directory, and reliable backup options including peer-to-peer backup for private users with Nextcloud Backup app.

Nextcloud Hub 6 clients

2. Use temporary links

Temporary links are a magic tool that helps you get a better file security without much effort. Not only they limit access time for the target user when there’s no other way to revoke access, they also help minimize the opportunity window for others. This is particularly useful in scenarios where you need to share a file temporarily for a specific purpose or event.

Be mindful of the link’s expiration date, and choose a secure and reputable file-sharing service. It still needs to employ additional security measures. For example, encryption in transit and at rest to ensure comprehensive protection of shared files.

Sharing a file via link

External link sharing in Nextcloud

In Nextcloud, you can share file and folder links securely with optional expiration dates. If your link starts going around, you can rest assured it is not for long. There’s also no need to worry about mitigating forgotten shares. Instead of relying on individuals to revoke access after a certain point, the link automatically becomes inactive.

3. Restrict file reusing

Sometimes you need to share content in full but want to make sure it is not reused inappropriately: downloaded, printed, copied, etc. There are additional measures that help prevent these actions.

Apply watermarks

Whatermarks help protect document content when users have full access to the file. When printed, for example, such documents will contain additional info about the author to protect your rights. A watermark can be customized and typically includes author’s name, creation date and other essential information. Most office suites support watermarking.

Nextcloud Office watermark

Restrict downloads

Some sharing options may include download restriction – the users can access your file online but cannot download it to their device to reuse, send to other users via unauthorized channels or upload somewhere on the web.

File restrictions in Nextcloud

In Nextcloud Hub, you can use watermarks and hide the download option from other users. Besides, you can add extra permission levels that forbid certain actions like editing and deleting. External link sharing is managed centrally in the link settings, and can be evoked any time you wish.

Nextcloud file sharing sidebar menu

4. Share files via safe channels

Secure storage and file protection are vital, but sharing your file passwords via private messages brings it all into jeopardy. Channels we mostly use for sharing our files or links are messengers and email apps which are not always secure. How to pick the right one?

Make sure service provides encryption

If sharing files via email, consider using secure email services like ProtonMail or Tutanota. Those offer end-to-end encryption for emails and attachments. Use messaging apps that offer end-to-end encryption, such as Signal or WhatsApp. These apps ensure that only the intended recipient can decrypt and access the shared files. Nextcloud Hub integrates both online mail client and Talk chat, providing an all-in-one secure communication platform that works naturally with your file exchange.

Use VPN

If sharing files over a network, use a VPN to encrypt the connection and protect the data from potential eavesdropping. When you connect to a public Wi-Fi network, your data is vulnerable to interception by malicious actors on the same network. A VPN encrypts your data, making it significantly more challenging for hackers to eavesdrop on your chat conversations or any other sensitive information.

Move to a secure collaboration platform

Use secure collaboration platforms that provide end-to-end encryption and other security features. All-in-one platforms like Nextclud Hub incorporate a whole ecosystem of tools including mail and messaging. Moreover, sharing your files within the same perimeter is the most secure you can get. Even better — you host locally and fully own your data.

5. Share sensitive files securely with passwords

Password protection is available in most of the modern office suites, both online and offline. Some storage apps have password protection functionality too. While not entirely convenient, this feature is very safe and therefore suitable when you need ultimate security.

What happens when you protect a document with a password? The content of the document is encrypted using a cryptographic algorithm. This means that the actual text, images, and other data within the document are scrambled or transformed into a format that is not readable without the correct decryption key. This lets you share files securely even via common channels.

Password-protected documents are usually universally accessible across apps. A file with a password set in one software can be opened in another app that supports work with passwords. Some apps even allow protecting certain actions like editing or commenting with password while document’s content remains generally available.

Password protection in Nextcloud Office

Nextcloud Office also allows you to protect links with passwords to make sure only the authorized users have access to the shared file even if the file link becomes available to the public. This is also a way to protect individual files when you are sharing the folder publicly. Link protection is more convenient than file encryption: there’s no risk of forgetting your own password since you don’t need it.

Nextcloud Files - data under your control

File passwords are also supported in Office, in case you need to work with more sensitive data. Those files can be opened in other software that supports password protection, making files easy to share with anyone outside of Hub.

6. Use end-to-end encryption to share confidential files securely

In simple words, end-to-end encryption is when the data is encrypted on one device and then decrypted on another, with those devices being the two “ends”. Files encrypted end-to-end are stored and transferred in a secure, encrypted form before a user with authorized access needs to open a file to work on it. It often involves encrypting a file with a password, but sometimes the entire storage or some of its folders can be encrypted for ultimate protection.

Encrypted file sharing in Nextcloud

Share files securely with File Drop

The Nextcloud desktop client offers client-side end-to-end encryption as a folder-level feature. This option enhances the security of highly sensitive data, ensuring its complete protection even in the event of a server breach.

File Drop: secure enterprise file exchange

Nextcloud File Drop open source platform to share files securely

The File Drop functionality in Nextcloud allows customers, patients, clients, or partners to securely upload files to a designated cloud folder that you have shared with them via a hyperlink. Data remains, at all times, on-premise, under full authority of IT. File Drop also features temporary link creation, encryption at rest and in transit, and file password protection.

Secure file sharing with Nextcloud Hub

Nextcloud Hub is one of the most safe collaboration platforms thanks to our dedication to privacy. And it’s not only about file sharing. Every app we build and add to our ecosystem has privacy in mind — Mail, Talk, Calendar, Notes, Files, and more — working together in ultimate synergy to deliver first-class collaboration for individuals and enterprises.

And most importantly, Nextcloud Hub is free and limitless for both private users and companies. Opt for the Enterprise version to get 24/7 dedicated support and stable performance guarantee when you maintain a mission-critical deployment.

File synchronization and sharing with Nextcloud is available on mobile platforms and in desktop environments, delivering even higher privacy level and ultimate comfort.

Get Nextcloud Hub

A new generation of online collaboration
that puts you in control.

Get Nextcloud Hub

Start the discussion at the
Nextcloud forums

Go to Forums