Best Practices for Protecting Intellectual Property in Google Drive
With Google Drive out, organizations are now able to offer a legitimate, enterprise, Cloud-based file sharing alternative to what are considered to be “rogue” forms of collaborations (box.net, dropbox etc). Google Drive lets users drive more content more easily and securely into Google Docs.
Intended Audience: This Google Docs Best Practices page is intended to address the needs of C-level security, collaboration, and trust professionals at companies using or considering the Google Apps productivity suite.
- Define the list of keywords that identify intellectual property that might be stored in Google Docs or otherwise in files uploaded by Google Drive users. Here’s a sample list: trade secret, patent, trademark, confidential, formulas, client lists, private or secret processes.
- Upload the list to a content and context-aware security policy engine for Google Docs and Google Sites.
a. Context Aware – Who are the owners and potential collaborators for this specific Google Doc policy?
b. Content Aware – What are the set of keywords relevant to this policy?
- Audit Google Docs for policy violations that are both context and content-aware.
- Notify relevant stakeholders entrusted with protecting intellectual property:
a. Trust Officer
b. Legal department
c. Owner of the violating documents
- Take action when a document containing a reference to IP is shared the wrong way (e.g with untrusted external organizations). The administrator can:
a. Revoke excessive access rights for Google Docs and or Sites
b. Copy the infringing documents and keep archived copies under a system account
c. Transfer ownership of the infringing documents to a system account, in effect preventing the document from being deleted
d. All of the above
See Also: Secure Google Drive