Manage File Sharing Permissions: Different User Types

Published on 08 Oct 2019 - Updated on 01 Apr 2021

File sharing permissions are the first line of defense to ensure data security when you have multiple users accessing your account. Utilizing different user types is one way to ensure that the right access is granted. It’s important to assign the proper user roles for the job, from admin to upload only.

Colorful tokens representing multiple users with different permissions.

What are Users?

Users are additional logins created so another person can access your account. Some file transfer types don’t require a person to be logged in — for example, allowing others to upload files directly to your account through a secure form on your website, or sharing a direct link to a document stored in your account. However, it is useful to set up users for most of the individuals who will be accessing the account. 

If your business uses FTP for file transfer with ExaVault, you’ll want to create users to give someone access via FTP or SFTP.

Multiple users set up with their own log in credentials allows you to track individual user activity. Also, assign permissions appropriate for the user’s role in your organization. For example, not everyone in the company needs access to financial documents.

How you set up and assign user roles provides the basis for managing business file transfers effectively and securely. With different user types 

Different User Types

Three common user types.

1. Master User

The master user is the person who set up the account and is the account owner. There can only be one master user, and they have complete access to all areas of the account. The master user can perform all file transfer-related activities – from uploading & deleting to making global account changes as well as update other users’ permissions. Master users are usually responsible for managing the account settings like upgrading the plan if needed. 

Some of these duties may be tasked to an admin user.

2. Admin User

The role of an admin user comes with responsibility. An admin user has all the same rights as the master user, including add and delete rights on all folders in the account. Like the account owner, admin users have access to the client area, which is where administrative activities such as billing information and change of address updates happen.

Admin users are helpful because often the master is the owner of a company or in a position not responsible for the day to day file transfer activities. The owner often relies on their admin users to track activity, create new users when additional employees are hired, and provide status updates regarding specific file uploads or downloads.

3. Upload-Only User

The upload-only user plays a specific role in an account. 

First, you would want an upload-only user in a situation where you need multiple clients to send you files using a single login. Restricted file sharing permissions for upload only allows the user to upload files without seeing any other files in the account. The upload-only user type is useful for clients connecting and uploading files via FTP or SFTP. (Receive folders are an alternative option for web-based file uploads.)

4. Download-Only User

Finally, the download-only user restricts the allowed actions of the user to download files only. Creating download-only users can be ideal if your business has files that clients need to download and print or read. An example would be in education where students need access to class materials. As a download-only user, the student can access the account and download the files they need, but can not modify, delete, or perform any other activity.

The upload-only and download-only users are created by reducing permissions when setting up the user. These are just two extreme examples of users with adjusted file sharing permissions.

Upload and download user activity shown in logs.

User File Sharing Permissions

When creating users, you can choose full access or select permissions. The admin user discussed above would have full access permissions. ExaVault has ten different permissions you can enable or disable for users, as well as the ability to select a home folder for each user that restricts their access to certain files and folders.

  • Upload files and folders
  • Download files and folders
  • Delete files and folders
  • Modify – includes the ability to create a new folder, rename, move, and copy
  • See files and folders
  • Create notifications
  • Share and send files
  • Change their own password
  • View form data
  • Delete form data

By default, all permissions are set to ON and enabled when creating a new user. For an upload-only user, toggle off all permissions options except “upload files and folders.”

From the available list of file sharing permissions, you can easily set up a user that meets the exact needs of their role in your company. Many companies turn off delete files & folders and view/delete form data for new employees. 

Permissions can be updated at any time by the master or an admin user. The ability to update permissions provides flexibility as people grow with your company, change positions, or need temporary access to rename folders to complete their project.

Limit File Access by Setting a Home Folder

In addition to these permissions, also select a home folder for each user. The home folder or “user’s home directory” is their starting point when they log into the account. The user will not see any files or folders located outside of their home folder.

Selecting user home folder for file sharing permission.

Say you choose the “best-folder” as a user’s home folder. They would be able to do the activities based on their enabled permissions in their home folder and within the subfolders. The user would not see the entire folder tree – only files in “best-folder” and any subfolders such as “Photos in Review.”

Once you have selected a home folder, set permissions, and created a new user, you will have options in the account to modify the user and monitor their activity.

Filtering Logs by User

Activity logs let you monitor events that occur in your account. View connect and disconnect events, uploads, downloads, and other operations. ExaVault activity logs can be filtered by:

  • Date & Time
  • Username
  • Type
  • IP Address
  • Path/File

Once your users are set up with the proper file sharing permissions, you are able to check the activity logs and filter to see what a specific user has done in the account. Monitoring session logs for users can be helpful for training, troubleshooting, and managing projects.

Users are a vital part of any business file transfer account. From setting user file sharing permissions to monitoring activity, we want you to have all the tools and the ability to create the users you need.

Ready to take control of your user workflow? Try ExaVault today!

Recent Related Blogs

Share via:
  • Facebook
  • Twitter
  • LinkedIn

© 2022 ExaVault LLC. All Rights Reserved. ExaVault is a registered trademark of ExaVault LLC.