Skip to content

Managing Files in SaaS: Part 4 of Compliance Essentials in the SaaS Era

Natalie Robb

September 24, 2020

3 minute read

EraOfComplience Part4 FeatureImage

This is the last blog post in our month-long series on compliance essentials. So far, we’ve looked at content scanning, audit logs, and SaaS app access privileges. Now, let’s talk about managing files in your SaaS environment.

Specifically, we’ll explore best practices around managing files to control risk and comply with your data privacy and security program. And, of course, we’ll discuss how BetterCloud helps IT and SaaSOps teams comply with your documented security policy.

Why file management matters to compliance

Compliance is about making sure:

  1. you document processes and policies that control or limit risks, and
  2. your company follows those documented processes.

Sounds simple, right? If your security policies and processes do not allow unlimited file sharing, then it’s necessary to set controls for file sharing across your SaaS stack. You can do this by monitoring for potentially risky or suspicious activity. Depending on the situation or context, IT may need to take appropriate action to enforce security policies, like changing access levels and revoking public sharing links to limit risk.

So what should IT and SaaSOps teams do to enforce their file management security policy?

Best practices for managing files in your SaaS environment

This handy checklist lays out the critical tasks that help your IT and SaaSOps teams with managing files and settings. Manage and secure files by monitoring for:

  • Sensitive files being publicly or externally shared
  • Sensitive folder paths, like accounting or finance, being publicly or externally shared
  • Sensitive file forwarding to a personal email account (e.g., Gmail, Yahoo)
  • Sensitive data exposure from executives (e.g., CEO, CFO)
  • Specific file types being publicly or externally shared (e.g., spreadsheets and PDFs are more likely to contain sensitive information)
  • Users who should no longer have access to specific files, folders, calendars, etc. (e.g., consultants, interns, employees who’ve switched teams)
  • Users who should no longer belong to specific groups/distribution lists (e.g., contractors, employees who’ve switched teams)
  • External domains to which files are shared
  • External people with whom files are shared

By looking at this list, the challenge is obvious: Without full visibility of your SaaS environment, securely managing your organization’s files to stay compliant is nearly impossible. Fortunately, the solution to this challenge is just as obvious.

Embedding security best practices for managing files in SaaS

Some of the world’s largest companies turn to BetterCloud for full visibility of their SaaS environments. You can view all the files and folder contents across your domain’s connected apps, audit details about particular items, filter and search files, and take actions against items you select.


As you can see in the screenshot above, the Files section shows all existing files across your domain’s integrations in one centralized place. The platform gives you file details in the following columns:

  • “Name” – The name of the file
  • “Integration” – The application where the file is stored
  • “Permission” – Exposure settings for the file
  • “Shared With” – Lists the number of entities that the file has been shared with
  • “Owner” – Lists the item’s owner by username
  • “File Type” – Shows the type of file, if it is a commonly recognized extension
  • “Last Updated Date” – Shows the date and timestamp of the file’s last update

From here, you can take action to remediate violations to enforce the security policies to remain in compliance. You can choose from a variety of actions available, depending on the context.

For example, let’s say there’s a serious violation of security policy regarding externally shared files. You can take immediate action to revoke sharing links or remove external file or folder collaborators.

By using BetterCloud, you’ll find that managing files in your SaaS environment has never been easier. This level of visibility makes it much easier for people across your organization to follow your security policy and stay compliant.