Best Practices - Security

Ariel Cascallares
Ariel Cascallares
  • Updated

What’s in this article?

This document aims to give our clients/customers a self-help guide with both tips, and guidelines on 2 different levels so they can distribute to the users, and the other account admins, to standardize processes.

Part 1: Best Security Practices For Users

Bear in mind that even within your organization, you should protect any content that might display an end user’s private information or sensitive content related to your role that can’t be shared internally.

This can be done in several ways:

Step 1

Review your company’s security and compliance rules to ensure compliance.

Step 2

After creating an item (screenshot, video, GIF), make sure that you use the annotation tool to blur any private information.


Screen Recording 2023-08-07 at PM.gif

        Here’s additional information about blurring.

Step 3

Set sensitive content to expire automatically in tandem with, or instead of, blurring. This will add another layer of security as the recipient will not have access after a period determined by you or your team. You can do that individually (see GIF below) or from the template menu if you want to set up default security settings.

Screen Recording 2023-08-07 at PM.gif

Step 4

You can also determine several security levels:

Screen Recording 2023-08-07 at PM.gif

       a. Anyone with the link can view

       b. Anyone with the link and passcode can view

       c. Anyone can view in your organization

       d. Anyone can edit in your organization

       e. Anyone as long they give their email address can view

       f. Only emailed people can view

Step 5

Check regularly for updates in the Desktop App. Here’s how to do it.


Part 2: Security Tools For Admins*

*Please confirm your Zight plan as some of these features are exclusively available to our Enterprise plan.

Regulatory Corporate Security Requirements

Zight software complies with SOC2 and has the most used security tools in the market:

Security Best Practices For Everyday Use And Productivity Enhancement

There are several good practices for your periodical due diligence, and for time-saving:

  1. Creating templates with different security settings according to the groups who use Zight. If you, as an Admin, set up the security settings using a template, you can help your teams save time and prevent them from accidentally disclosing private information. Here’s a video on how to do it.
  2. Verify periodically that tools like SSO function properly after updates from any party
  3. Deprovision Zight Admins as soon as they are no longer with the company. Consult with your SCIM service provider for further info on how to provision and de-provision.
  4. Inform Zight of any Admin and, Account Owner changes as soon as they are relieved from their roles via Zight support at

Accessing your Admin Security Settings

Here’s a quick overview of where to find which security setting in your Zight Admin Settings panel:

Members: Domain Lockdown, Auto Join

Authentication: SSO, SCIM

Files: Global file-sharing settings

Customize: Viewer configuration (enabling/disabling downloadable content, comments & reactions)

Related to

Was this article helpful?

1 out of 1 found this helpful

Have more questions? Submit a request



Please sign in to leave a comment.