Secure File Sharing
Secure file sharing is crucial for protecting sensitive personal and business data, ensuring compliance with regulations, and preventing data breaches. It maintains data integrity and privacy, controls unauthorized access, and supports safe remote work. Additionally, it boosts productivity with features like encryption and access control, builds trust with clients and partners, and mitigates risks associated with cyber threats, demonstrating a commitment to data security and confidentiality.
NOTE: Only Western-hosted OneDrives are approved for storing sensitive or confidential data. Such data should never be stored in non-UWO OneDrives. Your personal OneDrive associated with your @uwo.ca email is approved.
One-Time Shares
Sharing Files Online - When sharing data from an online storage service (such as OneDrive), avoid using the "anyone with the link" share option. Instead, grant access specifically to the intended user by entering their email address. If you are not using an online storage service, use SFTP for secure file transfer.
Sharing Files Physically - When transferring files on a physical storage device, such as a USB drive, the device must be encrypted (see HERE for encryption details). If you are sending data by mail or courier, you must ensure that you have sign-off at the receiving end. Keep the data in secured storage at home or work and do not leave it somewhere accessible, such as in your car. Once the data is no longer needed in physical form, ensure that it is deleted from the storage device. If the data is on paper, ensure that it is shredded and properly disposed of.
Continuous Shares
When you need to have a continuous connection for sharing files or are implementing file shares as part of an application, use one of the methods below.
SFTP/SSH Transfers
This is the preferred solution that is highly recommended by SOC.
For secure file transfers and connections between two specific hosts, create an SSH key. Each unique connection should use a distinct SSH key to enhance security. This practice ensures that access is controlled and compartmentalized, reducing the risk of unauthorized access if one key is compromised. Store your SSH keys securely (i.e. using a password manager), and review and rotate them on a yearly basis.
Always follow best practices for managing and protecting your SSH keys, such as using strong passphrases and regularly rotating your keys at least once a year.
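The two rules above (a distinct key per connection, rotation at least once a year) can be checked against an OpenSSH client config. The following is an added example, not part of the original guidance: it flags keys referenced by more than one host and keys past the rotation age. It assumes only `Host` and `IdentityFile` lines matter (`Match` and `Include` are not handled) and that a key file's modification time approximates when it was created; the host names and key paths are constructed.

```python
import os
import re
import time
from collections import defaultdict

MAX_KEY_AGE_DAYS = 365  # "at least once a year" rotation interval from the guidance

# Constructed sample config; host names and key paths are illustrative only.
SAMPLE_CONFIG = """\
Host reports-sftp
    IdentityFile ~/.ssh/id_reports
Host backup-a backup-b
    IdentityFile ~/.ssh/id_backup
Host payroll
    IdentityFile ~/.ssh/id_payroll
Host archive
    IdentityFile=~/.ssh/id_reports
"""

def keys_by_host(config_text):
    """Map each IdentityFile to the set of Host patterns that use it."""
    usage, hosts = defaultdict(set), ["*"]  # options before any Host apply to all
    for raw in config_text.splitlines():
        m = re.match(r"(\w+)(?:\s*=\s*|\s+)(.*)", raw.strip())
        if not m:
            continue  # blank line or comment
        keyword, value = m.group(1).lower(), m.group(2).strip().strip('"')
        if keyword == "host":
            hosts = value.split()
        elif keyword == "identityfile":
            usage[value].update(hosts)
    return usage

def audit(config_text, mtime_of=None, now=None):
    """Return (shared, stale): keys serving several hosts, keys past rotation age."""
    # Assumption: file modification time stands in for the key's creation date.
    mtime_of = mtime_of or (lambda p: os.path.getmtime(os.path.expanduser(p)))
    now = time.time() if now is None else now
    usage = keys_by_host(config_text)
    shared = {k: sorted(h) for k, h in usage.items() if len(h) > 1}
    stale = []
    for key in sorted(usage):
        try:
            age_days = (now - mtime_of(key)) / 86400
        except OSError:
            continue  # key file missing on this machine; nothing to age-check
        if age_days > MAX_KEY_AGE_DAYS:
            stale.append(key)
    return shared, stale

if __name__ == "__main__":
    print(audit(SAMPLE_CONFIG))
```

To audit a real client, pass the contents of your own config file to `audit()` in place of `SAMPLE_CONFIG`.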
Username and Password
When the previous options are not possible and only a username and password can be used to secure the file transfers, the passwords should be strong and meet the following requirements:
- 15 or more characters
- Contain lower and upper case letters
- Contain one or more numbers
- Contain one or more special characters
When an application is using a username and password, the username and password should never be stored within the application itself. Instead, the application should use variables that are pulled from another secure location. Passwords should be reviewed and rotated at least once a year.
