In what circumstances do I own group-shared data?
Premeditation
Suppose a member of your group is leaving the institution and the data the member shared with you is in their possession.
It is important to avoid this scenario and setup group rules
that enforce action when someone is leaving the group.
Principle
Group role is a powerful solution to control data access for the current group members.
When you delete a group, members lose access to all shared files
unless you specifically shared the files
with them using the share
button in the top panel.
The group file system is also destroyed upon deletion.
Only the group owner
can delete the group; the managers
and members
can only leave it.
Group-shared data
that is sensitive should be added to an encrypted drive and backed up in tiCrypt.- When a user shares a group file with you, it lands in the folder
Shared with Me
. - If the user deletes the group, you can still access the previously shared group file.
Practice
To transfer group ownership navigate to tab in the section in the top right panel.
- Click on the
group name
in the top right. - From the member's list, select the manager or member you want to promote to the group owner.
- Click in the top right.
- Follow the instructions from the transfer group ownership section.
The member leaving the organization may as well transfer their group files
to an encrypted drive
, allowing the group leader to access it via VM configurations.
To add group data to a drive you can use the following workflow:
- Create an Encrypted Drive in read-only mode.
- Create a VM Configuration connected to the encrypted drive.
- Start and Connect to the VM Configuration.
- Share the VM Configuration with the group members.
- Group members transfer the data from their Vault to the Group VM.