I’m sure a lot of us have had to deal with a situation where a co-worker, family member, or friend shared something with us on Google that we weren’t able to access due to sharing permissions. You’re greeted with a message which lets you “Request for access” to send an email to the other person so that they can share it with you. It can be frustrating trying to figure out who needs to share what with who, and dealing with the fact that not all of us are online and able to change settings like that at any given moment.
When dealing with situations like this, sometimes we may opt to take the “easy way out” and make the document public to anyone with the link. It’s easier than dealing with inevitable emails you receive when people need to request access, and it’s just a more streamlined process all around because the other people aren’t waiting on you to grant that access. I want to highlight some of the options we have when it comes to sharing files, and why sharing files with sensitive information “via link” is a bad idea.
When you hit the “Share” button for the first time from a Google doc, this is what you will see:
From here you can see that the only person with access to this document is me, Christopher Lange, and that nobody else can access this document. When I click on the drop-down button under “General access”, where it currently says “Restricted”, I get this new window:
This is where we are able to turn on “link-sharing”, which means you can send the link to someone and they will be able to open the document without you having to explicitly add them to the document. This can be super convenient, if done correctly! You can see that there are four options listed. Let’s go into details for each one:
- This means that only users that are explicitly added to the document/folder have access
- Evanston-Skokie School District 65
- This means that anyone with the link who is signed into a District 65 email can access the document/folder. This would include students.
- District 65 Staff Only
- This means that only staff members who are signed into their District 65 email can access the document/folder. This would not include students.
- Anyone with the link
- This means that anyone, anywhere in the world, with or without a Google account, can access this document if they have the link.
Now that we know exactly what those link-sharing permissions mean, let’s discuss why the 4th option, “Anyone with the link” is a bad idea. You may be thinking “I trust my staff/coworkers and they would never send the link to someone else that shouldn’t have it.” That may be true, however that doesn’t stop your link from escaping and being captured by someone else.
There are two main methods that are used to capture links like this, and they are being used all of the time.
The first method is an unavoidable part of using the internet: your browser headers. When you go to a website, your browser communicates a bunch of information to that website so that the page loads properly. Unavoidably, the website also has the ability to capture a lot of data about you and your browsing habits. One of those things is the referral link - which tells the website how you got to that website. If you follow a link within a Google doc, that website will have a record of where you came from previously, which would expose your private Google doc link. Most of the time, this is completely harmless and won’t result in anything happening. But when we are working with sensitive data about our students and staff, things working well “most of the time” is not really an acceptable solution.
The second main method that can result in your link getting exposed is called web crawling, where people write scripts or “bots” to try to go to random pages and hope to find anything at all. It’s like throwing darts while blindfolded, most of the time you miss the target and the dart clatters to the floor, but every once in a while you get a hit. When someone eventually lands on your Google doc through web crawling (and there are a LOT of people doing it, so it’s not a if but when), they will grab all data from it, and later review it to see if there is anything they can exploit.
We’ve discussed the 4th sharing option, “Anyone with the link”, but let’s briefly discuss the other options. For the most part, the 2nd and 3rd options (limit to District 65 in general or staff) are sufficiently safe, but they still pose some risk. If you have a document with personal information/notes of a student on it, you surely wouldn’t want other students to be able to view that information. In that case, sharing it with D65 Staff could be appropriate, but if it’s truly sensitive information then, without a doubt, you should only use explicit sharing, and only add people that need to have access to that information.
In general, it is best practice to only share files/information with those who actually need to access it. The fewer people we give access to sensitive information, the less likely it is to get exposed. So by limiting sharing to specific individuals or within our domain, we are all being good stewards of our students’ information.