Google Drive file sharing has gained a permanent position in the structure of many organisations’ daily functionalities of Google Workspace. Never before has file sharing been so fast, easy and… secure?
Wait a minute, are you sure, Google Workspace Admin, that your organization’s Drive is completely safe and that no file has ever been accessed by an unauthorized person?
Let’s see if these stories sound familiar to you…
We had a massive issue with this. The company has about 100 users and they use drive extensively. Loads of sensitive employment information were able to be found by anyone using the search function in drive. I had to get everyone to go through all their folders and subfolders changing the share permission to restricted (…) It was a very stressful time, a couple of staff left after finding out what their colleagues were being paid. (trickstar007)
This past week I kept getting obviously porn bots trying to get me to accept obvious malware files through Google Drive and it’s really starting to irritate me. The weird thing is that only one device is getting the notifications when my other devices have Google Drive on them too. (Xayners 11)
I accidentally uploaded a sensitive file to my work email’s Google Drive. Not shared it with anyone else and immediately deleted but freaking out in case the organization might have caught it. (yeeperson)
If you have never experienced any of these cases, you’re lucky! But I assure you that going through this article about auditing shared files on your Google Drive would be handy for you as well. Whether you can agree with this or not for now:
Sharing is not always caring.
Ask yourself the following questions to audit your Google Drive and prevent sensitive data breaches.
1. Which internal users have access to files on your Drive?
Your users, working in different departments, probably need different permissions to access specific information stored on Google Drive. For some sectors which handle sensitive data, such as health care or insurance services, it is crucial to limit access even between their employees.
With GAT+, you can check the permissions of all users to your Google Drive files and folders. If you realize that an unauthorized user inside the organization is reaching too much information, you can set up a workflow to remove their access as Viewer, Commenter, Editor, Manager, and Content Manager.
Watch the video on how to manage shared Drives directly in GAT+.
2. What externally owned files can your users access?
Don’t forget that your users may have access to some files stored on external drives. Perhaps a customer shared with them a description of the service they order saved on their Drive, or an employee himself added to his Google Drive some useful file found on the web. Your role is also to manage files of external ownership outside the Google Workspace domain shared with your users.
You can identify shared-in files using GAT+. Analyzing them can prevent data leaks and allows you to identify the type of organizations collaborating with your business. It can also help external organizations audit files that their members shared out if you decide to contact them.
3. What files from your Drive are shared out publicly?
It’s quite common to find websites with free files, such as reports or forms saved on Google Drive for internet users to download. Half the trouble is if the author submitted there the file intentionally. Sometimes, however, a user may unconsciously make publicly available some more sensitive files or folders that can be visible to everyone on the internet.
Luckily, any Google Workspace admin will find all public shares and proactively remove them using GAT+. There is also a possibility to exclude all files that are shared into your domain.
4. What files have been shared outside of the organization with external users?
And now it’s time for the highlight. Ladies and gentlemen, your Google Drive file sharing with external users.
Uncontrolled possession and sharing of Google Drive files can lead to severe data leakage. The average data breach cost in the United States is $9.44M, which ranks it first among countries worldwide.
Manage Externally Shared Google Drive Files
Find all Drive files your users have ever shared with any specific user outside the domain and take any action, such as removing their permissions or removing them as a viewer or a contributor, etc. GAT+ makes this process easier and more intuitive:
- View externally shared files
- Filter all externally shared files
- Add additional filters if needed
- Select and take action on external shares
The tool will always display all types of shares from your Google Drive (see the screenshot below) and allow you to take action on any of them.
See how to find this listing, including all files shared with external users outside the domain and shared from external users into your domain in GAT+.
Prefer to watch instead of read? Check out this video to learn how to remove sharing permissions for Google Drive:
DLP Alert on the Number of Drive Files Shared Externally
Another important point is to prevent too much sharing. Google Workspace Admin can receive alerts about the number of external shares of a document. When file sharing exceeds the number in a given period you set in the Alert Rule, you will get a notification to protect your domain from data leakage.
Drive file sharing is the primary concern of many Google Workspace Admins. They usually dream about tidying all files on their Drive and controlling all users’ file-sharing permissions.
After answering those four questions about managing Drive sharing from this article you can prevent possible data leaks in your domain. Plan to audit file sharing permissions of your users regularly across the year to avoid a lot of mess in your organization.
Check this post if you are interested in how to secure file sharing in Google Drive.
On our blog, you can also learn how to choose the best Google shared Drive structure and how to manage Google shared Drives.
Stay in the loop
Sign up to our newsletter to get notified whenever a freshly baked blog post is out of our content oven.