Where are my files, and who can access them?
These are the two key questions in Digital Asset Management (DAM) and they boil down to the issues of information management and information security.
In most systems there are two options for tackling these questions — “folder-based” or “asset-based” systems.
Essentially, the difference between the two is whether the system considers permissions at a container (folder) level or at an individual asset level. Each have pros and cons of but there’s definitely no silver bullet that you can apply across all scenarios.
Let’s examine them both…
Folder-based systems ('Folders')
One of the simplest information management systems (if you can call it that!) is using a folder structure within Windows or your operating system of choice. With folder structures you can quickly divide your assets into different areas, improving your ability to find them.
Search functionality in basic systems is often limited, and sharing files rapidly becomes a chore as your email client tells you that your attachment is too large, but it is sometimes a workable solution — these are the “network drives” that many companies use in one form or other.
Folder-based information security
This leads on to the question of information security: network drives and digital asset management systems can quickly become very complex to set up, meaning you can struggle to achieve the correct results. Certain functionality — such as restricting folder visibility based on users — is not a simple option within basic systems such as Windows. By using a DAM package, you will have greater flexibility over the permissions each user has with specific folders — ranging from not being able to see if the folder exists all the way through to being able to add/remove files without any form of approval.
Visualising a folder-based system
A simple and visual way of thinking about a folder-based system is to consider a farm: the various animals can be split into different containers (e.g. cattle or poultry) but each individual animal has an equivalent level of restriction. People are split into groups depending on their position — some can only view the animals, others can interact with them directly. By adding further levels of containment (e.g. cattle -> bulls) it is possible to change the restrictions on the assets (which is a good thing as you don’t want the general public interacting directly with territorial bulls!).
In practice, subfolders are often used in order to aid navigation or to change the permissions level — such as a “Restricted” subfolder that stores more sensitive assets only visible to certain users.
Public and Staff have different levels of access to all assets in the Poultry folder
Asset-based systems ('Access Levels and Categories')
When using a folder-based system, the key detail regarding permissions is that they are held at folder level. This means that all assets within a single folder will be treated the same when considering a specific user.
The alternative system of asset-based permissions is not standard functionality within many systems and not easily available in basic alternatives such as a Windows network drive. Most of the time this level of granularity is not necessary but it can be a powerful option where necessary. By using an asset-based system for your information management you are able to link user permissions directly to each individual asset, rather than these being inherited from a folder structure. The advantage of this is that you can easily group your files together in a logical structure without impacting on the security restrictions that you want to implement.
Asset-based information security
By assigning permissions at asset level rather than folder level you have more control over who can see, download or edit each individual asset. Each file can have unique permissions that you can tie to a specific user or group of users. Often the majority of assets are grouped together using fairly ‘open’ permissions such as a ‘universally accessible’ tag that you apply by default and remove where not suitable.
A good example could be a manufacturing company that has large amounts of documentation about each specific product that they make. It makes sense to group all of the assets about a specific product in the same place, but the individual assets will need different access restrictions based on the file. Draft documentation or formal contracts may only be visible to the sales team, whereas technical documentation may only be editable by a dedicated expert and so on.
Visualising an asset-based system
Going back to my animal-oriented example, if you were considering a zoo then you might have a category of ‘felines’ but it would be very important to ensure each individual animal has individual permissions — it would be a bad idea to mix up the access levels for a baby tiger compared to an adult tiger! This requirement for individualised permissions (even within the same category) is a good reason why this system would be more suitable than a folder-based alternative.
Public and Staff have different levels of access for each individual asset
Which system is better?
In our experience, we generally find that users understand folder-based systems more easily. That being said, in some scenarios a folder-based system simply isn’t suitable, which means it is important that the tool you are using to store your assets gives you the full range of options. This may be because of the type of assets you hold, the structure of your organisation or simply the way you want to maintain your information security.
Here are some examples where the two options could be used:
Which system? | Folder-based | Folder-based | Asset-based |
What is the context? | Business with defined departments | A global company | Company with detailed information about each product |
Why this option? | Different departments such as ‘Finance’ and ‘Marketing’ can interact with all of their individual assets, but only view assets from other departments | Each country has access to their own assets including the use of ‘restricted’ sub-folders for sensitive files. Can request files from other country’s folders but need authorisation | Large amounts of information held about each product which needs to be contained together but some of which is commercially sensitive or should only be visible to certain teams |
How does this work in Asset Bank?
Asset Bank has full functionality for both of these storage structures — we call the two options “Folders” and “Access Levels and Categories”. The default setting for a newly installed Asset Bank is folder-based as we generally find this to be more intuitive and user-friendly.
Folder-based storage within Asset Bank
By using a range of folders and sub-folders it is easy to divide your assets throughout the system to make files easy-to-find. Even at this very basic level there are a range of advantages when using Asset Bank compared to a network drive: the search functionality is much more powerful and by using metadata (such as ‘title’, ‘description’, or ‘keywords’) you are much more likely to find a specific file that you’re looking for. The browsing experience is also massively improved as you can choose to display thumbnails for folders to browse in a much more visual way, you can hide empty folders to save accessing dead-end folder structures, and you can also customise which folders are accessible to which users.
In our experience, users understand the concept of Folders without difficulty — hence it being the Asset Bank default. When browsing your Asset Bank you will see Folders that contain your assets, and where necessary you can have sub-folders in order to ease navigation and separate files. When searching for specific files, you can choose to include any number of folders in your search in order to narrow down your query — and as all assets need at least one folder, you will find it quick and easy to track down the asset you are looking for.
As mentioned above, each Folder has specific permissions; the key thing to remember is that all assets within the same folder are treated equally to a single group of users. If you have multiple groups (of users) then they may be able to interact with the Folder differently; some may have view-only access, some may be able to download (with or without approval), and some users may not be able to see or access it at all.
Asset-based storage within Asset Bank
Within Asset Bank there is the option to use ‘Asset levels and Categories’ as an alternative to a folder-based structure. In this system you can use Access levels that are set on an asset-by-asset basis to govern permissions for groups of users, and Categories as a hierarchical way of storing your assets, with the same easy-to-use appearance to a folder-based system.
For anyone that has been using Asset Bank for multiple years, you may have seen older versions of the software where this setting was the default - the setting is still available by enabling Categories and renaming 'Folders' to 'Access Levels', but we only recommend this in specific cases where the default option of Folders is not appropriate.
The single main difference is that in this system the permissions are set to each individual asset using Asset levels, rather than being set to a folder.
Figured it out?
Now that you’ve read about different ways of storing files in your DAM system, it may make it easier for you to choose which package is best for you and your company. Remember that our consultants are always on hand to advise you further.
Comments
1 comment
Chris, this was an excellent article and really clarifies how the two different setups work. Thank you so much!
Please sign in to leave a comment.