Skip to content

Spaces: Granular Data Access and Control

Overview

The Spaces: Granular Data Access and Control feature enables users to create isolated, segmented environments within their UnoLock Safe, called "Spaces," where different data sets can be stored and managed separately. Spaces primarily provide compartmentalization inside one Safe, where different access keys can be granted different permissions. For collaboration between separate Safes, UnoLock uses Shared Spaces, which are a distinct model.

How It Works

  • Creating Spaces: Users can create multiple Spaces within one Safe, each designed to hold a separate set of files, documents, or data. These Spaces act as distinct compartments with their own access controls and permissions.
  • Granular Access Control: For each Space, users can define which access keys inside the same Safe have access and what permissions they have (e.g., read-only, read-write, or admin).
  • Permission Management: Users can modify Space permissions over time by adding or removing same-Safe access-key access as needed.
  • Role-Based Access: Permissions within Spaces can be assigned based on roles, ensuring that only authorized access keys can modify sensitive data or perform administrative tasks.
  • Separate Cross-Safe Model: If the goal is collaboration between separate Safes, the correct feature is Shared Spaces, not same-Safe key assignment.

Security Implications

  • Data Isolation: Each Space is isolated from the others, ensuring that access to one Space does not grant access to another. This compartmentalization minimizes the risk of unauthorized access to unrelated data.
  • Controlled Same-Safe Access: Multiple access keys can use the same Safe while still being restricted to only the Spaces intended for them.
  • Controlled Cross-Safe Collaboration: Shared Spaces allow collaboration between separate Safes without exposing the rest of either Safe.
  • Granular Permissions: The ability to assign different permissions (e.g., read-only, full access) provides additional security by limiting what users can do within each Space, reducing the risk of accidental modifications or data leaks.

Use Cases

  • Team Segmentation in One Safe: Organizations working on different projects or departments can create separate Spaces for each project and assign same-Safe access keys to only the relevant Spaces.
  • Personal Data Segmentation: Users who manage different types of personal data, such as financial records, legal documents, or medical information, can organize these datasets into different Spaces, each with its own level of security and access control.
  • Shared Family or Business Safe: Families or businesses using one Safe can use Spaces to separate private data from shared information. Each family member or employee can have access only to the Spaces assigned to their access key.

Why It Matters

In environments where sensitive data is being managed, fine-tuned control over access is essential for security. Spaces offer a powerful way to compartmentalize data and limit which access keys can view or edit information inside one Safe, reducing the risk of unauthorized access or accidental sharing. When the goal is collaboration without sharing an entire Safe, Shared Spaces extend that model across separate Safes.

FAQs

Can I assign different permissions to different users within the same Space?

Yes. Different access keys in the same Safe can be given different permission levels (read-only, read-write, or admin) for a Space.

Can someone with access to one Space see other Spaces in my Safe?

No. Each Space is isolated. Access keys granted access to one Space cannot see or access other Spaces unless specifically authorized.

Can I change the access permissions for a Space after it’s created?

Yes. You can update permissions at any time, allowing you to add or remove same-Safe access-key access or change roles within the Space as needed.

Compliance & Privacy Regulations

  • GDPR & HIPAA Compliance: Spaces allow for strict control over who has access to personal or sensitive data, supporting compliance with data privacy regulations such as GDPR and HIPAA by ensuring that only authorized individuals can view or modify protected data.

Integration with Other Features

  • Advanced Key Management: Spaces work alongside UnoLock’s advanced key management, ensuring that each Space is protected by its own encryption keys and that only authorized users can access the data.
  • Safeword-PIN Protection for Sensitive Spaces: Spaces can be marked as sensitive so safeword-PIN features can hide or delete them, depending on the tier.