Asset settings

Asset settings give an organization control over how its employees share its assets outside the organization. The System administrator can select a restrictive setting that limits employees from using specific sharing features within Creative Cloud and Document Cloud. Asset settings are used along with other third-party organizational policy enforcement systems to ensure that assets are only shared with appropriate external entities.

You have three sharing restrictions policies to choose from:
  • You can keep this default setting whereby users are allowed to share public links and collaborate on shared folders with anyone inside or outside the organization.
  • Recommended for enterprises who trust their employees to have freedom, control, and access to every Creative Cloud and Document Cloud feature.
  • You can restrict public link sharing and any other public publish option (For example, Publish to Behance, Facebook).
  • Recommended for enterprises who want to prevent public sharing outside the organization but still want access to some collaboration features.
  • You can restrict invitation-based sharing to recipients in your org, claimed domainstrusted domains, and authorized domains. After you set this policy, the users are prevented from sharing organization-owned assets with external users who are not members of the org or in the list of allowed domains.
  • Recommended for enterprises who need tight control over which external domains exactly can access organization assets.

The time taken to restrict sharing through Asset Settings is proportional to the number of users in the organization and the sharing relationships between them. For some Adobe products and services, it also involves invalidating cached entries in CDNs and removing preview images from slack. It can take up to 24 hours for the Asset Settings to fully take effect.

You also have two access request policies to choose from:

You can use this default setting to allow users with no permissions to a folder or document to request access to it.

For added privacy, you can use this setting to prevent users from requesting access to a document that has not been shared with them.

Notă:

Asset Settings are not a digital rights management system (DRM) or a complete asset protection system. Employees with access to certain assets can still copy them and share with others outside the organization using third-party systems.

Deployment Considerations

Before you turn on sharing restrictions, consider the impact it has on your end users. In addition to reduced functionality in certain applications, end-users experience error messages when using this functionality. Also, users must be on the latest version of InDesign, XD, and Acrobat to encounter informative error messages when they attempt to use the reduced functionality. Otherwise, the users see inaccurate error messages.

After you choose a setting, you cannot stop or reverse the consequent deletion process. If you choose No public link sharing, all existing public links are removed and users with these links can no longer access the linked content. If you choose Sharing Limited to Org Members and Trusted Users, any current external collaborators who are not part of the org or claimed, trusted or authorized domains lose access to content previously shared with them.

Below are the Creative Cloud and Document Cloud publishing functionalities that are impacted when you select No public link sharing or Sharing Limited to Org Members and Trusted Users. The exception is that collaboration on shared folders and documents cannot be disabled for users in your org, claimed domainstrusted domains, and authorized domains.

For example:

  • If you choose No restrictions or No public link sharing, collaborative features (such as send private invites in Adobe XD) are not impacted.
  • If you choose Sharing Limited to Org Members and Trusted Users, users can collaborate only with others in the org or in the list of allowed domains.
Application Impacted features
Creative Cloud Assets Collaborate, Share to Slack, Send Link
Creative Cloud Libraries Collaborate, Share to Slack, Send Link
Adobe XD Publish Services, Invitation Services
InDesign Publish Online
Spark Publish
Adobe Color Publish theme
Capture Share, Collaborate
Creative Cloud mobile app Create link, Collaborate
Behance Create project
Portfolio Access to Portfolio site, create drafts, and publish

Application

Impacted features

Acrobat and Reader desktop apps

Share

Web services (cloud.acrobat.com)

Share

Adobe Document Cloud for Microsoft Outlook

Share

Mobile apps (including Adobe Scan and Acrobat)

Share Link, Share Document Cloud Link

Choose Sharing Options

To choose a restrictive Asset Setting for your organization, do the following:

  1. In the Admin Console, navigate to Settings > Asset Settings.

    Sharing Restriction Policy

  2. Choose a Sharing Restrictions Policy.

    You can choose from three levels of restrictions. Once you choose a more restrictive setting, you cannot stop or undo the loss of existing public links or shared folder or document collaborations.

    If you select Sharing Limited to Org Members and Trusted Users, ensure that you define your authorized domains. Any current external collaborators who are not part of the org or claimed, trusted or authorized domains will lose access to content previously shared with them.

    Notă:

    To use the option Sharing Limited to Org Members and Trusted Users with Document Cloud, you must add your claimed and trusted domains to the Authorized Domains.

    Sharing Options

    Restrictions

    Impact on existing links and collaborations

    No restrictions

    Users are allowed to create public links and collaborate on shared folders and documents with anyone.

    No impact.

    No public link sharing

    Prevents users from creating public links.

    Deletes all existing public links. Once this process starts, you cannot stop or undo it.

    Sharing limited to org members and trusted users

    Prevents users from creating public links and restricts collaboration on shared documents and folders only to users in your org, trusted, claimed, or authorized domains.

    Deletes all existing public links and deletes all existing collaborations on shared documents and folders with users who are not in the org or an allowed domain. Once this process starts, you cannot stop or undo it.

  3. Click Confirm.

    If you want your users to continue sharing organization-owned assets with specific external organizations or individuals, do the following:

    • For an external organization, such as an agency: Add its domain to the authorized list of domains under Asset Settings in the Adobe Admin Console.
    • For a freelancer: Issue the individual an Enterprise ID, or Federated ID from your organization.
  4. Choose an Access Request Policy and click Confirm.

    By default, access requests are allowed.

    So, a user with the link to a shared resource, but without the permission to view it, can request access. Users with sharing permissions on the document receive notifications for each access request and can decide whether to grant or deny access.

    The requester receives a notification when the access is granted or denied.

    Access Request Policy

    Notă:

    If you have a sharing limited to org members and trusted users policy selected, that restriction is applied when users attempt to grant an access request made by someone outside the organization. 

Authorized domains

Authorized Domains are the domains that are safe to collaborate with. If you have selected Sharing Limited to Org Members and Trusted Users, you can add domains to the Authorized Domains.

Add authorized domains

  1. In the Admin Console, navigate to Settings Asset Settings > Authorized domains.

  2. Click Add Domains.

  3. Enter the domains in the Add Domains dialog. You can add multiple domains separated by commas. Click Add.

    Notă:

    You cannot authorize subdomains. For example, west.example.com and east.example.com are subdomains of the example.com domain.

    Notă:

    To use the option Sharing Limited to Org Members and Trusted Users with Document Cloud, you must add your claimed and trusted domains to the Authorized Domains.

Remove authorized domains

To remove domains from the list, select the check box to the left of the domain names, and click Remove Domains. Then, click Remove to confirm.

The domain name is removed from the Authorized Domains. If the sharing option is Sharing Limited to Org Members and Trusted Users, any shares to the removed domain are revoked.

Remove an authorized domain

Atenție:

Removing domains from the authorized list deletes all existing collaborations on shared documents and folders between users in that domain and the users in your organization. Once this process starts, you cannot stop or undo it.

Implications for users in multiple organizations

Although Adobe strongly recommends that each user must be a member in only one organization, it is possible for users to be members of multiple organizations. For users in multiple organizations, there can be an ambiguity around which sharing options apply. This ambiguity can be avoided by ensuring each user is a member of a claimed domain associated with one of the organizations.

Sigla Adobe

Conectați-vă la cont