Using Sensitivity to selectively "hide" folders in Beehive

Beehive can hide folders within workspaces to allow a secure area to be accessed bu named individuals with selected privileges. The previous documents approach - using the Deny All approach to the individuals is not a sustainable model for a dynaminc Workspace. Recent changes in the way the system can protect folders from accesss in a more supportable fashion make the use of this approach to protecting information within a single workspace - the alternative would be to have a separate workspace which can be unwieldy to manage. This uses the Sensitivity settings of the folder content to protect the information instead of the Access rights to the folder.

The relatively bad news is that the ability to manage the Sensitivity at a folder level is only available via the Windows based plug-ins, Oracle Beehive Extensions for Outlook (OBEO) and Oracle Beehive Extensions for Explorer (OBEE). However, it is posible and most of us have access to a windows system somehow and it is completely supported on Beehiveonline for internal and external users.

One caveat before explaining the process - the Workspace Owner/Coordinator can over-ride the ACLs - you cannot hide folders from the Workspace creator/Coordinator.

So if you are going to try this make sure you are the owner of the workspace and the only coordinator or trust the other users with privileged roles not to change it in error.

Setting up the Sensitivity settings

The esssence of the process is to protect the information in a folder from users/groups that have not been given explicit access - the change in approach means that this can be done "en-masse" and new members will be excluded from the content.

Once you have created your workspace and added your users - navigate to the Documents area and create the folder structure you need. Once this is done you can start the process of selectively hiding the folders. In this example, I have created folders called APAC, NA and EMEA.

N.B. If you are changing the protections/sensitivity of existing folders then you will have to copy out the content, change the folder sensitivity settings and then copy the files back into the newly protected folder - the change will not propagate without this step.

To set the properties you have to navigate to the system/folder area you want to change and then select the folder and right click to get access to the Properties info.

We are going to explicity give access to the NA folder, leave the EMEA folder at the defult settings and protect the APAC folder from all users not explicity given access - remember a workspace coordinator/owner can see everything so this approach has loopholes that have to be accommodated.

The APAC properties is to be set to exclude all users - bar those with coordinator access so all we need to do is to set the Sensitivity setting to a non-Public value.

For the EMEA properties we are leaving them as the default.

The NA folder is going to be protected and Fred is going to be given explicit access.

Note: we have set the access to allow Fred to see private items and the fiolder has the same settings.

The Access rights available allow a more fine tuned access - you may just want the accessor to be able to view content but not change it or have partial or full control of the items in the folder. The permissions are Author, Reviewer, Manage and Discover (Discover only has the Discover privilege allowed- this allows them to search for the content)

If Fred now logs in to the normal Teamcollab client he will see the NA and EMEA folders but not the APAC one.

The protection will remove the entries from the recent activity streams and make then unavailable to be searched so fully protecting them against unauthorized acces.