File Permissions
System settings that determine who can access specified files and what they can do with those files.
When you place files on a web server, you can assign the files various levels of permission for your users. Likewise, companies often use permissions to limit access to their intranet resources. Permission levels vary by program, but in general you will see the following types of permission:
- Owner – The person who created the files.
- Administrator – The person responsible for managing and updating files, as well as setting permission levels.
- Group Access – This allows you to designate specific groups of users and provide unique settings specific to them.
- Global (sometimes called Anyone or Public) – Provides access to all users.
- Individual User – Many programs allow you to create a specific level of access at the individual user level.
Like user levels, the type of access users can be permitted varies, but most programs allow the following access levels:
- Read – Users with this level of permission can view files and copy them, but they cannot make changes to the file or create new files.
- Write – Users with this level of permission can edit, rename, and move files. In most cases, they can also create new files.
- Execute – Users with this level of permission can run a specific program or type of program file. Many businesses use this to restrict access to company programs or limit their employees’ ability to run potentially dangerous executable files on company machines.
Frequently Asked Questions
Can I set custom permission levels?
Depending on the program you are using, you will likely be able to set your own levels of access. Some users may be permitted to read and execute files. Others may be able to write only certain types of files. If your program allows you to create custom groups, you can create highly customized permission plans, restricting access to only the files that each user or user group absolutely needs. Doing so is an excellent way to improve your data security.
Can I assign permissions based on a file’s location?
Most programs will allow you to set specific permissions at a file and/or folder level. This allows you to specify sections of your storage that only specific groups can access, as well as sections that are open to all users. Companies often use this to enable team-specific folders on their shared storage. Website administrators can use this to specify who has access to certain sections of a site, such as member-only pages.
Can I assign permission based on a user’s geographic location?
If your company utilizes an extranet, you may also be able to set permissions based on geographical location. This is an excellent way to ensure your most secure data is not available to employees accessing your network off-site, where you are unable to supervise their activities. Web-based services that cater to corporate clients often permit access based on IP address, since everyone working in the same office should share an IP address.