Many companies have a shared drive set aside for "temporary" use. When used properly, this can be an efficient way to share short-term documents across the organization and to minimize email bloat. Users post their document to this shared folder and provide a link to the document rather than sending dozens of copies of attachments around and bogging down your email system. When the short-term need is complete, users are supposed to go back to the shared folder and delete the documents they posted.
Too often, documents posted to these "temporary" folders are hardly temporary. And, while shared, they are rarely shared properly. Users post documents and forget to delete them or fail to consider that others (who may not have a need-to-know the contents) will be able to see the documents. IT departments know that these folders have to be extremely flexible in order to work well. They rarely implement access controls or other restrictions on the use of the folder. Doing so would defeat much of the purpose of the shared folder.
- If you have a shared "temporary" folder on your network, you need to know about it. Don't let these documents fly under the radar screen.
- Consider implementing controls on the folder. Controls can include:
- Limit access to employees only. Lock out contractors, vendors and others who don't need to see the contents of the folder.
- Set up the folder to automatically purge all contents older than some set (and short) period. A week or two is all that you can reasonably call "temporary".
- Never allow the posting of unprotected confidential information to a shared folder.
- Many electronic content management systems (ECM) can make the need for these temp folders obsolete. If you haven't already invested in an ECM system, ask your technology team to look into it. If you have an ECM application, make sure that your staff are taking full advantage of it and not still using the old, uncontrolled shared folders.