File Explorer & Security Labels
The File Explorer is your workspace for managing company documents. This section explains how files are organized, what the security labels mean, and how sharing works.
Getting Around the File Explorer
The explorer screen has three main sections to help you work:
Use the sidebar to jump between your main files, folders shared with you, recently opened files, starred favorites, and the trash bin. It also shows your current storage space.
Lists your folders and files. You can click column headers to sort by name, size, or date, use the search bar, or select multiple files at once.
When you select a file, a details panel opens on the side. It shows who owns the file, who it is shared with, its security level, and if it is locked for editing.
Understanding Security Labels
To enforce structural data isolation, all folders and files are bound to one of four security clearance classifications:
Open / General
Open public tier. Applied to templates, manuals, and general corporate guides. Available to all authenticated system accounts.
Restricted
Restricted internal level. Applied to internal policies, departmental announcements, and team wikis. Exposure outside the company domain is blocked.
Confidential
Confidential clearance rating. Contains sensitive budgets, project plans, and planning records. Direct sharing of SULIT files requires the recipient to have Director clearance or custom group override.
Secret
Secret Board level. Reserved for strategic board agendas, corporate acquisitions, and key configurations. Read access is strictly validated against user clearance levels.
Sharing Files & Access Roles
You can share folders and files with colleagues by typing their email addresses. When sharing, you must choose one of three access roles:
Granted read-only access. Authorized to preview and download assets. Blocked from renaming, uploading new versions, deleting items, or sharing.
Granted read-write privileges. Authorized to upload new file versions, modify names, create subfolders, and lock/unlock files. Cannot downgrade classification ratings or revoke the owner.
Full control. Inherits complete administration rights, including permanent deletion authority, classification upgrades/downgrades, and sharing management.
Dynamic Storage Quotas
User storage limits are allocated dynamically via database quota parameters. By default, accounts are configured with a 5 GB limit (governed by the system default storage quota setting). Administrators can adjust limits individually via the storage tab in the admin console.
Deletions & Recovery
Deleting an asset executes a soft-delete operation, recording a timestamp in the deleted_at column and hiding the row from active directory queries. Users can restore items to their original folders, restoring sharing configurations. Permanent hard deletion is audited.