Simplified sharing security: what organization administrators should know
This article explains the security considerations for enabling "Share via link" in your Inspector Online Organization settings
Share via link allows authorized users in your organization to create links that let external recipients view an Inspector Online inspection without signing in to Inspector Online. This can be useful when you need to share inspection results with people outside your organization, such as asset owners, contractors, auditors, or other stakeholders.
Inspector Online also supports sharing inspections with named users who create an Inspector Online account. If Share via link is disabled, users can still share inspections through account-based access, where the recipient signs in before viewing the inspection.
A shared link works like an access key. Anyone who receives or obtains a valid link can open the shared inspection while the link is active. This means that links should be handled carefully. A link could be exposed unintentionally if it is forwarded, pasted into a broadly accessible chat or ticket, included in an email thread, saved in a shared document, visible in a screenshot or screen recording, or retained in browser history.
Before enabling Share via link
Share via link is disabled by default. An organization administrator must explicitly enable it for the organization before users can create shared links.
Before enabling this feature, consider whether link-based access is appropriate for the inspection data your organization stores in Inspector Online. In particular, consider whether your organization is comfortable allowing authorized link creators to share inspection access with recipients who do not need to sign in.
Enabling Share via link does not mean that every user in the organization can create links. Link creation and link management depend on user roles. However, once the feature is enabled, several non-administrator roles may be able to create links, so organization administrators may want to give link creators guidance that fits their organization’s requirements.
Who can create and manage shared links
When Share via link is enabled for the organization, the following roles can create and manage shared links:
Organization Administrator
Yes
Yes
Organization Manager
Yes
Yes
Organization Editor
Yes
Yes, for shared links that they created
Organization Viewer
No
No
Asset Manager
Yes, for assigned assets
Yes, for assigned assets
Asset Editor
Yes, for assigned assets
Yes, for assigned assets, and shared links that they created
Asset Viewer
No
No
Organization-level roles apply across the organization. Asset-level roles apply only to the assets where the user has been granted that role.
Before enabling Share via link, review which users have roles that allow link creation. Depending on your organization’s needs, you may want to define expectations for when links may be created, which expiration periods are appropriate, whether maximum-open limits should be used, and when links should be revoked.
What a recipient can access with a shared link
A recipient does not need an Inspector Online account to use a valid shared link.
A shared link gives read-only access to the specific inspection for which the link was created. Depending on the inspection data, the recipient may be able to view:
The parent organization and asset name, for context
The shared inspection and its details
Flights within the shared inspection
Snapshots, points of interest, measurements, and maps
Videos, images, LiDAR data, meshes, colorized point clouds, and other inspection files
Read-only access may still allow a recipient to download inspection files. Consider this when deciding whether Share via link is appropriate for your organization and when deciding which inspections should be shared this way.
What a recipient cannot do with a shared link
A shared link does not give the recipient a normal Inspector Online user account and does not give administrator access.
A recipient using a shared link cannot:
Edit or delete inspection data
Access other inspections or assets
Access comparison over time
See user information or organization settings
Create or manage shared links
Manage users, roles, billing, or organization settings
Shared-link access is scoped to the inspection that was shared.
Controls available for shared links
Share via link includes controls that help link creators and managers limit and monitor link use.
Expiration
Shared links may have an expiration date. After the expiration date, the link no longer provides access to the inspection. By default the expiration date is set to 90 days after the link creation.
Shorter expiration periods reduce the time during which a copied, forwarded, or unintentionally exposed link can be used. Link creators should choose an expiration period that fits the purpose of the share.
Revocation
A shared link can be revoked at any time, whether or not an expiration date was set. Revocation is useful when a link is no longer needed, when an external review is complete, or when there is a concern that the link may have been shared more widely than intended.
Revoked links remain visible in the shared-link list for traceability, together with their status and usage information.
Maximum-open limit
A link creator can set a maximum number of times a link may be opened. By default, this limit is not set.
Setting a maximum-open limit can act as an automatic circuit breaker if a link is used more widely than expected. For example, a creator sharing with a small number of known recipients may choose to set a limit that reflects the expected number of opens.
A maximum-open limit is a practical safeguard, but it should not be treated as the only protection for sensitive inspection data. The most important control is still deciding where, how, and with whom the link is shared.
Access statistics
Link creators and managers can see usage information for shared links, such as how many times a link has been accessed and when it was last accessed.
This can help identify whether a link is still in use or whether it may have been used more often than expected.
Audit trail
Inspector Online records shared-link activity for audit purposes. This includes link creation, link access, and link revocation events.
Access records may include operational metadata such as the time of access, IP address, and browser information. This information can help with review and investigation if a link is suspected to have been shared unintentionally.
Points to consider for your organization
Each organization has different requirements for sharing inspection data. Before enabling Share via link, you may want to consider what guidance is appropriate for your users.
When to use shared links
Which types of inspections are appropriate for link-based sharing without recipient sign-in?
Who creates links
Which users have roles that allow link creation, and are they expected to assess inspection sensitivity before sharing?
Expiration
Should link creators set expiration dates? For sensitive or time-limited reviews, should they choose shorter expirations?
Maximum-open limit
Should link creators set a maximum-open limit when sharing with a known small group of recipients?
Sharing channels
Which email, messaging, ticketing, or document-sharing channels are appropriate for the sensitivity of the inspection?
Review and cleanup
When should links be revoked after the external recipient has finished reviewing the inspection?
Suspected leakage
Who should link creators contact if they think a link was sent to the wrong person or shared more widely than intended?
Disabling Share via link
Organization administrators can disable Share via link later from organization settings.
When Share via link is disabled, users can no longer create anonymous shared links. Existing anonymous shared links are revoked and deactivated. Users can still share inspections using account-based access, where the recipient creates or uses an Inspector Online account before viewing the inspection.
Last updated
Was this helpful?