Enhancing Google Workspace File Security: A Guide To Managing ‘Files Shared In’

Navigating the complexities of ‘Files Shared In’ is a crucial aspect of Google Workspace File Security. For Google admins, the challenge lies in ensuring that files entering the domain from external sources do not compromise the integrity and safety of their workspace.

Each file shared into your domain, whether it’s a document, spreadsheet, or any other format, carries with it the potential for security risks. 

This guide is specifically crafted to address these concerns, focusing on equipping Google admins like you, with the knowledge and tools necessary to effectively manage the influx of external files. 

​​Understanding ‘Files Shared In’ 

‘Files Shared In’ is a key focus area in Google Workspace File Security. These are documents or files shared into your domain from outside sources, including Google Docs, Sheets, or files transferred via email or sharing links. 

The complexity of ‘Files Shared In’ lies in its dual nature: while essential for collaboration and productivity, it also presents a unique set of security challenges. 

These files can come from various external partners, clients, or even personal accounts, and each source carries a different level of trust and risk. 

For instance, files from unknown or less trusted external entities pose a higher risk of containing harmful content, such as:

• Malware and Viruses: These are malicious programs hidden within files that, upon opening, can infect your systems, leading to data corruption, loss, or unauthorized access to sensitive information.

• Data Breaches: Often, files may contain scripts or links that lead to unauthorized data access, potentially exposing confidential information and violating privacy laws.

• Compliance Issues: Files from external sources can sometimes contain content or data that is not compliant with industry regulations or corporate policies, putting your organization at risk of legal and regulatory penalties.

• Advanced Persistent Threats (APTs): These are sophisticated, multi-stage attacks often hidden in seemingly innocuous files, designed to establish a long-term presence in your network for espionage or data exfiltration purposes.

Furthermore, these security risks are compounded by the diverse range of file types and the varying levels of technical savvy among users in your domain. 

Note: There is no way you can block external Google users from sharing files with you. If they have your domain email address, then they can share with you from any gmail account. After an attempt to share, individual domain users can block external users on a one-by-one basis. See here to find out how.

Now the (mostly) Good News

Google Drive scans for files that may contain malware. However, Google Drive does not automatically delete files that are detected as malware. Instead, Google Drive will notify you that a file has been detected as malware and give you the option to delete it or keep it. The same rigorous anti-virus protections that keep Gmail safe also apply to Google Drive. Most Google Drive files undergo a real-time scan prior to any download or public sharing. Google Drive stores files in a non-executable format, which prevents ransomware from propagating within Drive.

While scanning and notification is a good thing, it is at the user level. Domain Admins still have no overall view of the files shared into their domain. There are other Admin concerns also. Google does not scan any file larger than 100 MB, nor does it scan all file types (it deliberately does not publish a list of unscanned file types). For this reason, Admins need to actively monitor the files being shared into their domains.

Best Practices for Managing ‘Files Shared In’:

Enhancing Google Workspace File Security against ‘Files Shared In’ requires a multifaceted approach. 

Implementing these best practices will significantly enhance your defenses:

• Implement Screening Processes: Develop and enforce policies for screening and verifying the safety of incoming files. This could involve manual checks for files from certain sources or automated scans for specific file types. GAT+ distinguishes itself in the marketplace with its unique capability to perform domain-wide scans for files shared in, a feature uncommon in other tools.

• Utilize Advanced Security Tools: Leverage tools that offer automatic scanning, flagging, and blocking of potentially harmful files. These tools should be capable of analyzing file content for known malware signatures and abnormal behaviors.

• Access Control and File Quarantine: Implement strict access controls to ensure that files shared into your domain are accessible only to those who need them. Consider quarantining files from less trusted sources until they have been thoroughly vetted.

• Regular Audits and Updates: Conduct regular audits of file-sharing practices and update your security protocols in response to emerging threats and evolving best practices.

Preventing Dangers in ‘Files Shared In’ with GAT+

A crucial question for Google Workspace Admins is: How does ‘bad stuff’ get into your domain? Often, the answer lies in files shared into your domain. 

This can include email attachments, files uploaded from PCs, Chromebooks, phones, or even USB keys, and of course ‘files shared in’. Understanding and managing all these external file sources is key to maintaining a secure domain.

GAT+ offers comprehensive auditing and reporting on files shared into your domain.

1. Drive Audit with Sharing Flags: GAT+ allows admins to audit files shared into the domain. By applying the ‘Sharing flags’ filter for ‘Shared In’ within the Drive audit area, you can easily identify and review files from external sources.

2. Weekly GAT Activity Report: Each week, GAT+ delivers a GAT Activity Report to admins, summarizing major events within their domain. The report specifically includes the count of files shared into the domain in the previous week.

3. Detailed File Analysis: For files that appear suspicious, such as binary or zip files, GAT+ offers a detailed analysis.

This includes a general view of the file details and an ‘Events’ view. The latter shows who in your domain opened or downloaded the file and when.

These exclusive features of GAT+ provide a robust layer of security for Google Workspace domains. They ensure that admins have the necessary tools and information. This enables them to prevent and respond to potential threats from files shared into their domain.

With GAT+, you have a powerful ally in maintaining the safety and integrity of your workspace.

Closing Thoughts

Remember, the security of your Google Workspace domain is an ongoing journey. It demands continuous attention and adaptation. The use of sophisticated tools like GAT+ is essential to navigate the complexities of digital file sharing.

Stay informed and stay prepared. Leverage the best resources at your disposal. This ensures your domain remains a safe and productive environment for all users.