Public file sharing

Sharing a SaaS file or folder via an 'anyone with the link' setting that bypasses authentication — the most common quiet data leak inside Google Drive, SharePoint, Dropbox, and Notion.

Public file sharing is the act of making a SaaS-hosted file or folder accessible to anyone who holds the link, bypassing the platform’s authentication and access-control system. In Google Drive it is the “Anyone with the link” toggle; in SharePoint, “Anyone with the link can view”; in Dropbox, a public share link; in Notion, “Share to web.” The setting is one click away from “restricted” and is often the default for internal collaboration, which the user then never bothers to lock back down.

Public links solve a real friction problem: they let people share with reviewers, suppliers, or candidates who don’t have a workspace seat. But they also turn the file into a piece of public infrastructure that search engines sometimes index and that can be forwarded indefinitely. Defining properties:

  • No authentication, no audit trail per viewer. You only know the link was followed somewhere; you don’t know by whom.
  • Indexable. Public links pasted in tickets, forums, or LinkedIn DMs eventually get crawled. The Census of public Google Docs in 2023 found millions of indexed files containing PII.
  • Survives off-boarding. A public link created by a long-gone employee keeps serving the file until someone explicitly removes it.
  • Defaults vary by tenant. Admins can disable public sharing globally; many don’t, because it would break legitimate workflows.
  • The single most common DLP and audit finding. “We thought it was internal” is the recurring root cause in incident reports.

Most enterprises already have a DLP or CASB policy that could block public shares — and many don’t enable it, because blanket blocking breaks too many legitimate flows. The behavior-centered alternative is to let the action happen, see it in the audit log within seconds, and nudge the user — that’s what SaaS behavior monitoring does.
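As an added illustration (not code from this page or from any vendor), the sketch below replays sharing-change audit events to find links that are still public, then decides whether to nudge the person who opened the link or escalate because that person has been off-boarded. The event schema, the `anyone_with_link` label, and all sample records are constructed assumptions; real audit logs from each platform would need to be mapped into this shape first.

```python
import json

# Constructed sample: one JSON object per line in a hypothetical normalized
# schema (ts, platform, actor, file, title, old, new). Not a vendor log format.
SAMPLE_LOG = """\
{"ts":"2023-11-10T14:02:00Z","platform":"notion","actor":"cy@example.com","file":"f3","title":"Vendor list","old":"restricted","new":"anyone_with_link"}
{"ts":"2024-03-01T09:00:00Z","platform":"gdrive","actor":"ana@example.com","file":"f1","title":"Q1 pricing","old":"restricted","new":"anyone_with_link"}
{"ts":"2024-03-02T10:15:00Z","platform":"sharepoint","actor":"ben@example.com","file":"f2","title":"Offer letter","old":"restricted","new":"anyone_with_link"}
{"ts":"2024-03-03T08:30:00Z","platform":"sharepoint","actor":"ben@example.com","file":"f2","title":"Offer letter","old":"anyone_with_link","new":"restricted"}
"""

PUBLIC_STATES = {"anyone_with_link"}  # assumed label for any platform's public-link setting


def open_public_links(lines):
    """Replay visibility changes in time order; return links that are still public."""
    events = sorted((json.loads(l) for l in lines if l.strip()), key=lambda e: e["ts"])
    state = {}
    for e in events:
        key = (e["platform"], e["file"])
        if e["new"] in PUBLIC_STATES:
            state.setdefault(key, e)  # remember the event that opened the link
        else:
            state.pop(key, None)      # link was locked back down
    return state


def triage(lines, active_users):
    """Nudge the opener if still employed; escalate links that outlived their creator."""
    findings = []
    for (platform, file), e in sorted(open_public_links(lines).items(), key=lambda kv: kv[0]):
        action = "nudge_user" if e["actor"] in active_users else "escalate_orphaned"
        findings.append({"platform": platform, "file": file, "title": e["title"],
                         "opened_by": e["actor"], "since": e["ts"], "action": action})
    return findings


if __name__ == "__main__":
    # cy@example.com is deliberately absent: a constructed off-boarded account.
    for finding in triage(SAMPLE_LOG.splitlines(), {"ana@example.com", "ben@example.com"}):
        print(finding)
```

Replaying state rather than alerting on each event keeps a link that was opened and then closed from generating a finding, and surfaces old links whose creator no longer exists to receive a nudge.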
