Collaboration Policy
  • 3 Minutes to read
  • Dark
  • PDF

Collaboration Policy

  • Dark
  • PDF

Article Summary

You can implement a corporate data sharing policy for collaboration with external users. You can define a policy to restrict external collaboration by specific users or groups and define the sanctioned collaboration domains.


Actions performed on data shared with users outside of your corporate domain are logged in the access log and visible to the content owner, collaborators, and portal administrators.

Collaboration policy rules control:

  • Which portal members can enable which external users to collaborate on data stored on the portal.
  • What minimum type of authentication external users need if portal users share data with them.
  • The highest level of access permission the external users are allowed by the specified portal members.

Optionally, each policy rule can apply to a subset of your portal members, allowing different collaboration rules for different portal users.


Any external user email address which is not specifically denied by any collaboration policy rule will be allowed to collaborate.
The policy is not applicable to files and folders shared via public links or collaboration with internal users. Collaboration limits for internal users can be set via the Collaboration Permissions page.

To add a collaboration policy rule:

  1. Select Settings in the navigation pane.
    The Control Panel page is displayed.
  2. Select Collaboration Policy under CLOUD DRIVE in the Control Panel page.
    The Collaboration Policy window is displayed.
  3. Click New to define a policy.
    1. In the From column select to whom the policy applies.
    2. Unless the user is All Users, select the type of user or group.
    3. In the Quick Search field, enter a string that exists anywhere in the name of the user.
      A list of users and groups matching the search string is displayed.
    4. Select the user or group and click SAVE.
  4. In the To Email column, specify which external recipient email addresses the policy will apply to. You can enter an email address or you can specify an entire domain, by using wildcards. For example, to specify all gmail addresses, enter * or
  5. In the Action column select Allow or Deny to allow or deny the specified user or user group to collaborate on files and folders with external users at the specified email addresses.
  6. In the Authentication column, set which authentication methods the external users will have to use in order to access the shared files or folders:
    Let User Choose – The end user chooses which authentication method to use to authenticate the external user for access to the shared file or folder.
    SMS – The invitation recipient receives a time limited authenticated link to the file or folder. On every access, a new 6 digit passcode text message is sent to the recipient which must be entered to access the file or folder.
    Email – The invitation recipient receives a time limited authenticated link to the file or folder. On every access, a new 6 digit passcode challenge is sent to the recipient by email which must be entered to access the file or folder.
  7. In the Max permission column, set the highest permission level that the user can grant the external collaborator on any shared files:
    • Read/Write
    • Read Only
    • Preview Only

    Preview Only share recipients are able to view the file which is protected with a watermark that includes the recipient’s email or IP address. Users with Preview Only permission are unable to download or copy the file. The file can also not be printed as a file. In addition, content shared in Preview Only mode cannot be synchronized for offline access by CTERA Devices, for example, CTERA Edge Filers or CTERA Mobile.

  8. You can move rules up and down the list on the policy page. When a user invites an external user to collaborate, the first rule on the list, from the top downwards, that matches the external users' email address applies.
  9. Click SAVE.

Was this article helpful?