📖 3 mins read

 

File Management – Changing ownership or file access rights

 

GAT Unlock is tightly integrated with the powerful search and filter options available in GAT+. This means you only have to do things once.

In this example we are going to find all the spreadsheets owned by the group ‘sales’ that are shared externally, then we will remove the external sharing and change the ownership (on all the selected files at once).

TIP: Always narrow the file request with a search first – saves time and makes approval simpler.

Step 1: Click on the ‘Apply custom filter’ button in Drive Audit.

 

Step 2: Select the following option:

  • For the filter Type select User/Group/OU search,
  • Enter the ‘Sales’ group in this field ‘Local User/Group’, make sure to enter the full email address.
  • Select Ownership equals to Owned.  
    • This will show all the files owned by the ‘Sales’ group. Otherwise, it would show all of the files associated with the ‘Sales’ group, were Sales shows up as Owner, Editor or Reader.
  • Select the parameter Type equal to Spreadsheets and ‘Sharing flags’ contains ‘Shared out’.
    • Selecting shared out will only focus on files leaving your domain.  

You can quickly check how many files you are dealing with, by selecting ‘Show stats for the current filter‘ once the result is displayed.

 

Step 3: Next click on the files you want to audit individually ( 1 ) or click the check-mark beside the ‘Title’  ( 2) to select all files from the search.

Note: You can not perform actions on a ‘Suspended’ accounts.

 

Step 4: Once the files are selected – click on the ‘File operation’  button and then select the ‘File Management’ option.

Step 5: Change the ownership of the selected files by adding the email of the new owner.

Note: When changing the ownership, the previous owner is set up as editors of the files by default.
Access can be denied, files which are trashed can be un-trashed, and custom path for the when the ownership happens can also be set.

Step 6: To remove the external access to the spreadsheets tick in the checkmarks for removing the external permissions

 

Step 7. When all option is selected Send a request to the Security officer for approval.

 

If the request is approved, the action will take place and the owner will be changed, you will be notified as below

 

 

 

If permission is not granted by the security officer, you will also be notified and no actions will be taken.

You can check the actions in the Admin log. The changes can be undone by clicking Revert changes.

 

 

Access Permissions Granted – How to silently copy or view files

We are going to use a powerful search feature inside of the GAT+ Drive audit to identify the contents of documents we’re going to investigate.

This feature is called the ‘File content text search’, it allows admins/delegated auditor to use a word or sentence to search through all of the files across the domain and to return documents which contain them.

Step 1: Click on the ‘Apply custom filter’ button.

 

Step 2: Enter the word or sentence to return files that contain them. Select the user’s account you want to search through you can leave this field blank to search your entire domain’s Drive or enter a user, Google Group or Org Unit to search through them only.

 

You can also use multiple rules in the definition section of the Apply custom filter. I used the Updated search parameter. Once you click on the Apply button the search will begin.

It will take a few minutes depending on how many files you have across your domain.

Step 3: Select the files you are interested in, remember that these files contain the sentence “private and confidential”.

 

Step 4: Click on the ‘Files operation’ button and then select ‘Access permissions granted’.

 

Step 5: Next we will select a date in the future, we will have access to these files until this date. You have an option to write to your security officer explaining why you need access to these files.

 

Send the request to the Security Officer(s) for approval.

The following email will be sent to the Security Officer.

 

The Security Officer can click on the link in the email and will be taken to the approval area(Grant) in GAT+.

 

When the Security Officer grants access an email will be sent to the requesting Administrator/delegated auditor informing them.

The Administrator from the ‘Access permission granted’ menu can see the full list of their access requests along with the time left for each request to remain valid.

 

When the ‘Apply grant’ button is selected, the list of the files will be displayed, with an extra field called ‘Actions’ where you will have an option to ‘Download’ and ‘Show file’.



When you click ‘Show file’ you will be redirected to a carbon copy of the file itself, where you can examine the content. It will not be the actual file itself.

 

You can also use File content search to find sensitive data and take action using Unlock.