Sharing Policy Options

Option	Description	Notes
View Online	File can be viewed in Microsoft online or various online viewers depending on the file type (.pdf, .jpg, .png, .mp4, .csv, etc.).	Viewing with office online is limited to file types supported by Office Online Viewing with eShare secure viewer is available for most common file types
Edit Online	Online editing of file is provided via eShare’s integration with Office online and supports co-authoring files.	If Edit is selected, then View is auto selected Editing is limited to File types supported by Microsoft
Delete	Allows recipient to delete files/folder within a Trusted Share.	The deletion right applies to all files, not just the ones the recipient uploads.
Download	2 Options are available: Files can be downloaded. Files can be download but must request approval from the owner before being allowed to download.	If watermarking is enabled, the file is download with the watermark
User Watermark	Viewed and/or downloaded files are watermarked with the email address and IP Address of the recipient.	Users will be able to edit files if Watermark and Edit are enabled Watermarking discourages screen capture, cell phone pictures, etc.
Brand Watermark	Viewed and/or downloaded files are watermarked with a selected logo/brand image uploaded by the organization.	Users will be able to edit files if Watermark and Edit are enabled Watermarking discourages screen capture, cell phone pictures, etc.
Allow Files to be Uploaded to Shared Directories	Allows recipient to upload files into the trusted share.	Uploading can be limited to root folder, any subfolders, or specific subfolders
Allow Folders to be created to Shared Directories	Allows recipients to create new folders or upload folders into the trusted share.	If Folder creation is enabled then the ability to upload files is auto selected
Control Upload File Types	File uploads by recipients can be allowed or blocked by different file type categories.	While certain file types are not available In the pre-defined categories, can create a custom list of extensions to allow or block
Max Upload File Size Allowed	A Maximum upload file size is specified in KB or MB.	The Default max file size is whatever the customer Cloud Provider supports (ex. M365 is 250GB per file) Recipients can upload files up to the specified maximum size to the shared folders
Allow/Deny List Switch	Controls domains to which trusted shares may be sent to.	“Allow” permits users to send shares only to the permitted list of domains “Deny” blocks the ability to send shares to listed domains
Filtering Recipient Email Domains	This is an exception list of domains/email addresses that will be applied against the Allow or Deny List.	Multiple Domains or Email addresses may be added to the list if they are affected by the block or allow
Allow recipients to reply securely	Enables the “Secure Conversation” feature for the Trusted Share. The conversation can be set in 3 different styles: All Collaborators compose/reply, Owners compose only, Private Reply to owner and co-owner(s) only.	Allows recipients to message Trusted Share owner and other Recipients via the eShare Application.
Allow SMS notifications in conversations	Enables SMS notifications feature for the Trusted Share.	Allows recipients to send an SMS Notification, similar to email notifications, when they @ mention someone within Secure Conversations.
Allow export of secure conversation	Enables the ability for users to export the Secure conversation.	Supported export formats are PDF and Excel.
Allow email notifications: Activities	Sends Email Notifications on Trusted Shares' activities, as uploading, downloading, accessing a Trusted Share and more.	This option overrides the tenant default for this notification type, however personal email notification preferences will take precendence over the Share specific setting.
Allow email notifications: Requests and Actions	Sends Email Notifications requiring action from Trusted Share owners/co-owners.	This option overrides the tenant default for this notification type, however personal email notification preferences will take precendence over the Share specific setting.
Allow email notifications: Messages	Sends Email New messages and replies from Secure Conversations within your Trusted Shares.	This option overrides the tenant default for this notification type, however personal email notification preferences will take precendence over the Share specific setting.
Make all internal recipients’ co-owners	Sets all internal organization recipients as co-owners on the share by default.	When enabled, all internal members of a share will automatically promoted as a co-owner when added to the share.
Include SharePoint members/owners	Automatically adds all owners/members of the SharePoint site as co-owners on the share. This can be set to only add Owners, or add Owners+Members.	The creator does not need explicitly add owners/members, they will be identified and added upon TS creation.
Recipients can invite others	Allows Recipients to invite others to collaborate on the Shared File/Folder.	All Invitation attempts by recipients are logged and triggers a notification to Share Owner.
Auto Approve recipient invitations	Sets auto approval criteria for recipients who invite other collaborators. Auto approval options are: None, Same organization as inviter, or All.	In cases where the Share owner must approve, invitee would get access to the share only after it is approved.
Recipients can View recipients list	Allows recipients to see who else is a member within the trusted share.	Owners and co-owners will still be able to view the recipients list if this is disabled.
Hide Sensitivity Labels and Tags from External Recipients	Hides the column displaying the Sensitivity Label or DLP tag within the Trusted Share.	When enabled, the column which displays the name of the Label or Tag within the Trusted Share will not be visible to recipients external to your organization.
Allow recipient to request access to shares & files that this policy's sensitivity label would otherwise block	Enables recipients of a Trusted Share to request access to view files with Sensitivity Labels.	This option enables Recipients of a Trusted Share to send an access request to the owner of the Share. If approved, the recipient will be able to interact with files protected by Sensitivity Labels.
Require one-time password	Requires recipient to request one-time passcode to access the share, new passcode is required for each access.	Passcode must be used within 5 min. After 5 invalid attempts, the share is locked. Can be unlocked by share creator or is auto unlocked after 30 min.
Require login	Requires the recipients to login to eShare via OpenID or using a created eShare account.	Most secure authentication option.
Enforce OpenID	OpenID allows recipient to authenticate using their existing provider like Google, Microsoft, and Yahoo email accounts.	This option is only applicable when Require login is enabled. If recipient does not have an OpenID supported email address, they will create an eShare account.
Require terms of use	Recipients must accept an organization defined Terms of Use before proceeding in accessing the shared data. Terms of use can applied on Share access and/or on File Access. The ToU can be showed with different frequencies like: Once, Once a browser session, and Everytime.	An organization can create unique Terms of Use for different Sharing Policies. If the recipient rejects the Terms of Use, they will be denied Access.
Default expiration for Shares	Sets a default expiration period for all recipient links, the setting allows for expiration after: One Day, One Week, or any other specified time period.	Attempted access after expiration triggers a web-based workflow to request and approve an access extension. Extension request goes to the Owner/Co-owners.
Convert native Microsoft links to Trusted Share links	Allows users to send native Microsoft links via email which the Secure Collaboration Gateway will convert to an eShare Link. Users can also upload or paste links into a Secure Conversation to add them within a Trusted Share.	At this time only Microsoft link conversion is supported.
Secure Message Body	Messages delivered by Secure Collaboration Gateway are stripped of its content when delivered to the Recipients and is only available for viewing within the created Trusted Share	When enabled, all the content of the email body will be removed.
Use Policy for Secure Mail Gateway	Allows Organization Administrators to define triggers that will direct Emails to the Secure Collaboration Gateway. Available options are: When in list/Not in List, specify a domain list that will trigger emails being sent out to SCG. When Keyword is present, when a specific keyword is inserted in the message subject, body, header to trigger SCG. Keyword, defines the keyword that will trigger SCG to process the message.	The Primary purpose of this is for organization to define which headers and keywords will trigger Secure Collaboration Gateway to protect attachments and emails.
Handle Secure messages for internals the same way as external	When a secure email is sent, this setting defines whether internal users receive only the internal un-secured email, or if they also receive the secured email the external recipients are sent.	If enabled, internal recipients will receive 2 copies of the email, one normal email and the eShare secured email.