Email Attachments Are Not Secure File Sharing
Sending sensitive documents as email attachments is still the default for most Australian SMEs. It is also one of the least secure methods of file sharing. Attachments sit unencrypted in inboxes, get forwarded to unintended recipients, remain accessible long after they should, and create multiple uncontrolled copies of sensitive documents.
For businesses handling client data, financial records, or confidential commercial information, secure file sharing is a compliance requirement â not a nice-to-have.
What Secure File Sharing Looks Like
A secure file sharing solution provides encryption in transit and at rest, access controls that limit who can view, edit, or download, expiry dates that automatically revoke access, audit trails showing who accessed what and when, and password protection for external shares.
SharePoint and OneDrive
If your business uses Microsoft 365, you already have enterprise-grade file sharing. OneDrive for individual files and personal work storage. SharePoint for team document libraries and structured collaboration. Share links with specific permissions â view only, edit, or download. Set expiry dates on shared links. Require sign-in or password for external recipients. Block downloading while still allowing viewing.
For most SMEs, SharePoint and OneDrive cover 90 per cent of file sharing needs without any additional cost or tools.
Sharing With External Parties
Sharing files with clients, suppliers, and partners requires additional care. Configure external sharing policies in your Microsoft 365 admin centre â decide whether external users can access shared files anonymously, with a one-time passcode, or only with a Microsoft account.
For law firms sharing sensitive documents with clients, use password-protected links with expiry dates. For construction businesses sharing plans with subcontractors, create a dedicated SharePoint site for the project with controlled membership.
Large File Transfer
Email attachment limits (typically 25 MB) force staff to find workarounds for large files. OneDrive and SharePoint handle files up to 250 GB, eliminating the need for USB drives or consumer file transfer services.
If your business regularly transfers very large files (video, CAD drawings, medical imaging), consider dedicated transfer solutions with faster upload speeds and progress tracking.
Industry-Specific Requirements
Legal practices: Client documents are subject to legal professional privilege. File sharing must maintain confidentiality, provide audit trails, and comply with data sovereignty requirements. SharePoint with sensitivity labels and Information Rights Management provides the necessary controls.
Construction: Project plans, SWMS documents, and compliance records are shared with multiple subcontractors. A project-specific SharePoint site with controlled membership ensures the right people have access to current documents â and only current documents.
Mining and resources: Geological data, safety reports, and operational documents may contain commercially sensitive information. Ensure file sharing platforms store data in Australian data centres and provide role-based access controls.
What to Avoid
Consumer file sharing services (personal Dropbox, Google Drive with personal accounts, WeTransfer) should not be used for business documents. They lack the security controls, audit trails, and administrative oversight that business use requires. Staff often turn to these services when business tools are unavailable or inconvenient â the solution is to make your approved platform easy to use, not to ban alternatives without providing one.
Data Loss Prevention
Microsoft 365 Data Loss Prevention (DLP) policies can automatically detect and protect sensitive information being shared. DLP can block sharing of documents containing credit card numbers, tax file numbers, or other sensitive data, warn users before they share externally, and alert administrators to potential data leaks. Configure DLP policies to match your business’s data handling requirements.
Set Up Secure Sharing
Review how your business currently shares files. If staff are using email attachments, USB drives, or consumer tools, migrate to SharePoint and OneDrive with proper policies. Contact TechAssist to configure secure file sharing for your business.
