Notebook sharing currently supports sharing with a password. However, here is a realistic corporate scenario:
- A staff member receives a link to a notebook, with a password
- The staff member leaves the organisation. The link and password are still active
- Data is then available to someone to whom it should not be
- In larger organisations, resetting passwords on shared notebooks will be an onerous task.
This can be addressed more simply:
- Admins can set a corporate security standard that all notebook sharing must have security; either password or system user based (perhaps even Aha role based)
- When set and a notebook is shared, if system user based, when the user visits a link they will first have to enter their Aha username and password to view the page.
- If the user leaves the organisation, their Aha account is deleted and they will be unable to access the link anymore - meanwhile other valid users who access the link will still have access.