January 2, 2025 Enterprise enterprise filesystem security
Blast Office allows enterprise administrators to control which files and directories the AI can access for each user and team.
Why Control Filesystem Access?
In enterprise environments, it’s important to ensure that the AI only accesses files that users are authorized to work with. Filesystem access controls help:
- Prevent accidental exposure of sensitive documents
- Comply with data classification policies
- Enforce separation of duties between teams
Configuring Access
Organization-Wide Defaults
- Navigate to Organization Settings > Policies > Filesystem
- Set the default filesystem access policy (enabled or disabled)
- Define allowed and blocked directories
Team-Specific Policies
- Navigate to Teams > [Team Name] > Policies
- Override organization defaults for specific teams
- Define directory allowlists and blocklists
User-Specific Overrides
For cases where individual users need different access:
- Navigate to Users > [Username] > Policies
- Set user-specific filesystem access rules
- User policies override team and organization policies
Best Practices
- Start with filesystem access disabled and grant access to specific directories as needed
- Use team-level policies to grant access to shared project directories
- Review filesystem policies regularly as projects and team structures change
- Use the strict enforcement mode for sensitive environments