For example, a marketing department may have a legitimate use case for sharing documents publicly, and be permitted to do so, whereas finance department users are restricted to internal sharing only. This added granularity better accommodates organizations with distinct business units and user roles. However, an Unlimited subscription allows administrators to define sharing permissions at the organizational unit level, rather than making changes that impact the entire organization. Google Apps Unlimitedīoth Google Apps for Work (GfW) and Google Apps Unlimited (GAU) feature the administrative controls described below. Below we will review each available setting as well as any potential implications. The Google Apps admin controls offer a wide range of options for configuring default sharing settings for Google Drive. However, viewers can be prevented from downloading or printing individual files in non-Google Docs formats via the details pane on the Google Drive home screen (). One area of concern for admins is that shared Google Drive files can be downloaded by either viewers or editors. For sensitive data, invite-based sharing either individually or by Group should be encouraged in lieu of link-based sharing options. Google Groups can be leveraged for invite-based sharing to expedite the process when a large number of individuals need access to a specific file or folder. This method is far more secure than link-based sharing, since collaborators are forced to authenticate themselves with a Google sign-in in order to view or edit the file. Invite-Based SharingĪs an alternative to broader, link-based sharing, Google Drive content can also be shared with specific individuals based on their email address. It is worth noting that editors can re-share a file without receiving permission from the original owner of the file. When sharing links, users can elect to share with or without edit rights. Obviously, the latter is the most dangerous in terms of accidental data exposure, since the file will be available to anyone on the internet. Users can also choose to share files externally, either to “anyone with the link,” or at a “public” setting. Choosing the “get shareable link” option will result in the file being shared to anyone inside the organization with the link.
In Google Drive, end users can share file links in several ways.
It’s also important to note that link-based sharing can result in unintentional sharing of confidential information internally, such as human resources files. Consequently, link-based sharing also poses the highest risk to data if misunderstood or misused. Link-based sharing is the most convenient way to disseminate information stored in Google Drive. First, let’s take a closer look at how sharing works in Google Drive and which practices represent a data loss threat.
This is certainly not a risk unique to the Google Drive platform, and fortunately Google provides native reporting features which help admins keep tabs on externally shared data. Google Document Sharingĭue to the open and collaborative nature of Google Drive, data loss via incorrect sharing practices is an inherent and persistent threat. Google Drive data is most likely to be lost via end user negligence/malice or compromised endpoints, and a proper evaluation of Google Drive’s security functionality should focus on these vulnerabilities.
0 kommentar(er)
