As an Enterprise customer, you need to take extra precautions when it comes to file and data security. To help, MURAL offers a few options for restricting file exchange permissions. In MURAL, you can:

  • Restrict uploads by file type.

  • Restrict downloads for guests, visitors, or collaborators with external email addresses.

  • Prevent your own members from uploading files to other companies’ workspaces.

Keep in mind that anyone with an email domain other than what is associated with your MURAL account is not a member of your MURAL workspace. Those with non-company emails may be referred to as guests, visitors, or collaborators with external email addresses in this article.

Your company admins can customize these settings on the file restrictions page to best suit your needs.

Note: Company admins are determined at the start of an Enterprise relationship with MURAL. If you are having issues with admin permissions, contact support@mural.co for assistance.


Index


Restrict uploads by file type

From the file restrictions page, you can set a blocklist or allowlist of file types that can be uploaded to a mural. This is helpful if you know your collaborators only need to upload a certain file type. By only allowing that file type to be uploaded, you avoid becoming susceptible to cyberattacks that use other file types. Similarly, if you know of a certain file type that another party might use to target your data, you can block that file type specifically.

Note: MURAL uses a form of MIME detection that covers most file types. If you find you're unable to restrict a certain file type, reach out to support@mural.co for assistance.

To restrict uploads by file type:

  1. Click your name in the bottom left corner of the dashboard. A list of options opens.

  2. Select Company dashboard from the list of options. The company dashboard opens.

  3. Select the File restrictions tab from the left sidebar. The file restrictions page opens.

  4. From the file restrictions page, check the Restrict uploads of specific file types box.

  5. Select either Block only these MIME types or Allow only these MIME types, depending on your preference.

  6. Enter the MIME types you want to either block or allow.

  7. Click Save Changes.

Here's a tip: If you only want to block one or two file types, it's easier to create a blocklist. If you only want to allow one or two file types, it's easier to create an allowlist. The end result can be the same, so choose whichever works best for you.

Note: MURAL can't always detect a file's MIME type. So, you’ll see the option to allow collaborators to upload unrecognized file types. Enable this with caution as doing so can lead to security vulnerabilities.

Now, when a collaborator tries to upload a file type you don’t want them to, they’ll see an error letting them know that file type is not permitted by the company administrator.


Restrict downloads for collaborators with external email addresses

Part of what makes MURAL great is that you can collaborate with people outside your organization. And we encourage you to embrace that external collaboration! With that said, we know working outside of your company also brings its own set of security concerns. That’s why we give you the option of restricting downloads in your workspace for collaborators with external email addresses. So, if you only want members of your organization to have the ability to download your files, you can do that.

To restrict downloads for collaborators with external email addresses:

  1. Click your name in the bottom left corner of the dashboard. A list of options opens.

  2. Select Company dashboard from the list of options. The company dashboard opens.

  3. Select the File restrictions tab from the left sidebar. The file restrictions page opens.

  4. From the file restrictions page, check Restrict downloads by file extensions.

  5. From the Restriction options dropdown, select one of the following:

    1. Block all file downloads to restrict non-company members from downloading any files.

    2. Block only these file types to create a blocklist of file types you don't want non-company members to have access to.

    3. Allow only these file types to create an allowlist of file types you do want non-company members to have access to.

  6. Enter blocked or allowed file type extensions, if applicable.

  7. Click Save Changes.

Now, if a non-company user attempts to download a file they don’t have access to, they will see a message letting them know their access is restricted. These restrictions also apply to deleting files. If a non-company user attempts to delete a file they don’t have access to, they will see a similar message letting them know of this restriction.


Restrict uploads to other companies’ MURAL workspaces

Just as you might invite external collaborators to your workspace, members of your own organizations might also be invited to collaborate with other companies. To prevent your members from sharing any confidential files, MURAL lets you restrict your members’ ability to upload files when working in external workspaces.

To restrict your members from uploading files to external workspaces:

  1. Click your name in the bottom left corner of the dashboard. A list of options opens.

  2. Select Company dashboard from the list of options. The company dashboard opens.

  3. Select the File restrictions tab from the left sidebar. The File restrictions page opens.

  4. From the file restrictions page, check the Block uploads to other companies’ MURAL workspaces box.

  5. Click Save Changes.

Now, if one of your members attempts to upload a file to another company’s workspace, they’ll see a message letting them know they are not permitted to upload files to that workspace.

Note: When updating the above admin settings, changes will not go into effect until your collaborators refresh whatever page they’re on or navigate to a new page in the workspace.

Did this answer your question?