Prevent files with Social Security Numbers from being shared?
Is there no built-in way to prevent Smartsheet from allowing users from sharing data outside of Smartsheet automatically, if the data includes a Social Security number? (Enterprise Version)
The only information I've found about this topic is
Screen Shot of the paragraph:
So they imply we must find our own solution. Is that correct? We are part of a Government Organization (But not Gov Smartsheet) with thousands of users.
We want to block Social Security Numbers, NAMES, phone numbers, Sexual Orientation, and Race information.
Can anyone please suggest an elegant and automatic solution? Thank you :)
-Neil
Best Answer
-
What if you captured the sensitive data in a different sheet outside of the workspace and capture also the key data to link to from the primary sheet?
You can pull data to separate reports, dashboards,DV, Workapp, etc for only those people who should see it and give those people Editor -View only access.
And I would add a header on all dash, reports noting that the asset contains sensitive data and do not share…
Fyi, we are in healthcare, and have similar requirements so we purposely do not include any patient data in SS, even though SS is HIPAA compliant. That requirement came from our cybersecurity team. You might want to research your cybersecurity team as well.
Answers
-
The only way I could think of is using Dynamic View. This premium app that allows the editor/ viewer to see data that are design for them to view and does not need to share the underlying sheet.
-
I see what you're saying but I'm talking about something automatic that warns the user that they cannot share a sheet or report etc because it contains sensitive data. I'm so surprised nothing like this exists.
-
@NeilKY I'm guessing because Smartsheet wasn't originally intended to be a repository for sensitive information that hasn't been added in. But, it would be nice to have this since Smartsheet has morphed into many uses outside of project plans :)
The manual way would be to have a workspace with super controlled access…. but that may or may not be realistic depending on the architecture.
Since you are on Enterprise, do you have Bridge? I'm just thinking if when you create a sheet that has sensitive data in it…. you could probably use Bridge to remove users shared outside of a specific list of users, but I'd have to think about how quickly the automation would respond. Meaning, it's possible there would be a small window of time where if an unauthorized user were shared, then they could gain access for a short time.
Darren Mullen, join the Smartsheet Guru Elite
Get my 7 Smartsheet tips here
Author of: Smartsheet Architecture Solutions
-
We do have bridge but any process we implement will have to be in the background or the users won't follow it :) I'm looking for an automatic solution that just scans the sheet and warns the user it has sensitive data. It's probably thinking too deep for smartsheet at this stage. It's growing so fast it lacks many other more important features that need to be implemented first, like Workspace organization.
-
What if you captured the sensitive data in a different sheet outside of the workspace and capture also the key data to link to from the primary sheet?
You can pull data to separate reports, dashboards,DV, Workapp, etc for only those people who should see it and give those people Editor -View only access.
And I would add a header on all dash, reports noting that the asset contains sensitive data and do not share…
Fyi, we are in healthcare, and have similar requirements so we purposely do not include any patient data in SS, even though SS is HIPAA compliant. That requirement came from our cybersecurity team. You might want to research your cybersecurity team as well.
-
Cathy, that's a great idea. thanks for your insights!
Categories
- All Categories
- 14 Welcome to the Community
- Customer Resources
- 64.9K Get Help
- 441 Global Discussions
- 139 Industry Talk
- 472 Announcements
- 4.9K Ideas & Feature Requests
- 129 Brandfolder
- 148 Just for fun
- 68 Community Job Board
- 496 Show & Tell
- 33 Member Spotlight
- 2 SmartStories
- 300 Events
- 36 Webinars
- 7.3K Forum Archives
