Of course we have suggestions! Keep in mind that there is no perfect scheme because so much depends on individual circumstance. But here are some general principles and a few of the more commonly used layouts we have seen.
General Principles
Always use the principle of least privilege. If someone needs to read data from a folder but you don’t want them changing anything then only give them read access – even if that means an extra step to add a new permission for the folder.
Try to keep permission changes near the top of your volume and let them be inherited down from there. It’s very easy to forget about a permission change to a folder that is five layers deep.
Use groups for permissions as much as possible – as opposed to permissions for individual people. This is much easier to manage and we are happy to create new groups for you as needed. The exception to this rule is when there is no chance you will ever want to add the same permission for someone else.
Common layouts – mix and match as appropriate for your needs.
A folder for each person where that person has read/write permissions in their folder but not elsewhere. Often, the rest of the lab group will be given read only permissions to all the other personal folders.
A folder where everyone has read/write and another folder where everyone has read only access.
A folder for each “project”. Depending on how much overlap there is between the people working on different projects, you may want to ask us to create more groups for you to manage the permissions in each project. Often within a project folder there might be separate read/write and read only areas.