Go to GAT Labs for Education solutions here

Enhancing Google Workspace File Security: A Guide To Managing ‘Files Shared In’

Files Shared in Google Drive

See GAT Labs
in action

Table of Contents

Navigating the complexities of ‘Files Shared In’ is a crucial aspect of Google Workspace File Security. For Google admins, the challenge lies in ensuring that files entering the domain from external sources do not compromise the integrity and safety of their workspace.

Each file shared into your domain, whether it’s a document, spreadsheet, or any other format, carries with it the potential for security risks. 

This guide is specifically crafted to address these concerns, focusing on equipping Google admins like you, with the knowledge and tools necessary to effectively manage the influx of external files. 

‘What Are ‘Files Shared In’?

Files Shared In are documents, spreadsheets, and other files shared from outside your domain into Google Drive. These can come from:

  • Business partners or clients
  • Contractors and vendors
  • Employees using personal Gmail accounts

Collaboration depends on external file sharing. But each file carries a different level of trust and risk.

Risks of External Files in Google Workspace

Allowing files into your domain creates blind spots. Common risks include:

  • Malware or viruses hidden in files that can compromise devices or accounts
  • Data breaches caused by links or embedded scripts granting access to confidential data
  • Compliance violations if files contain unregulated or restricted data
  • Advanced Persistent Threats (APTs) designed to establish long-term access through harmless-looking files

Compounding the issue, Admins cannot block external Google users from sharing files with their domain. If someone has your user’s email, they can share files in.

Why Google’s Built-in Protections Fall Short

Google Drive does provide malware scanning, but with limitations:

  • Files over 100 MB are not scanned
  • Google does not scan all file types and does not publish which ones are excluded
  • Alerts happen at the user level, not the Admin level

This means Admins do not have a domain-wide view of what is being shared in. Without additional auditing tools, suspicious files can slip through unnoticed.

Google Drive Guide

Best Practices for Managing ‘Files Shared In’:

Enhancing Google Workspace File Security against ‘Files Shared In’ requires a multifaceted approach. 

Implementing these best practices will significantly enhance your defenses:

  • Implement Screening Processes: Develop and enforce policies for screening and verifying the safety of incoming files. This could involve manual checks for files from certain sources or automated scans for specific file types. GAT+ distinguishes itself in the marketplace with its unique capability to perform domain-wide scans for files shared in, a feature uncommon in other tools.
  • Utilize Advanced Security Tools: Leverage tools that offer automatic scanning, flagging, and blocking of potentially harmful files. These tools should be capable of analyzing file content for known malware signatures and abnormal behaviors.
  • Access Control and File Quarantine: Implement strict access controls to ensure that files shared into your domain are accessible only to those who need them. Consider quarantining files from less trusted sources until they have been thoroughly vetted.
  • Regular Audits and Updates: Conduct regular audits of file-sharing practices and update your security protocols in response to emerging threats and evolving best practices.

Preventing Dangers in ‘Files Shared In’ with GAT+

A crucial question for Google Workspace Admins is: How does ‘bad stuff’ get into your domain? Often, the answer lies in files shared into your domain. 

This can include email attachments, files uploaded from PCs, Chromebooks, phones, or even USB keys, and of course ‘files shared in’. Understanding and managing all these external file sources is key to maintaining a secure domain.

GAT+ offers comprehensive auditing and reporting on files shared into your domain.

  1. Drive Audit with Sharing Flags: GAT+ allows admins to audit files shared into the domain. By applying the ‘Sharing flags’ filter for ‘Shared In’ within the Drive audit area, you can easily identify and review files from external sources.
GAT Unlock
  1. Weekly GAT Activity Report: Each week, GAT+ delivers a GAT Activity Report to admins, summarizing major events within their domain. The report specifically includes the count of files shared in the domain in the previous week.
  1. Detailed File Analysis: For files that appear suspicious, such as binary or zip files, GAT+ offers a detailed analysis.

This includes a general view of the file details and an ‘Events’ view. The latter shows who in your domain opened or downloaded the file and when.

GAT+ Drive File Audit

These exclusive features of GAT+ provide a robust layer of security for Google Workspace domains. They ensure that admins have the necessary tools and information. This enables them to prevent and respond to potential threats from files shared into their domain.

With GAT+, you have a powerful ally in maintaining the safety and integrity of your workspace.

Closing Thoughts

Remember, the security of your Google Workspace domain is an ongoing journey. It demands continuous attention and adaptation. The use of sophisticated tools like GAT+ is essential to navigate the complexities of digital file sharing.

Stay informed and stay prepared. Leverage the best resources at your disposal. This ensures your domain remains a safe and productive environment for all users.

Insights That Matter. In Your Inbox.

Join our newsletter for practical tips on managing, securing, and getting the most out of Google Workspace, designed with Admins and IT teams in mind.

Subscribe to GAT Labs Newsletter