The First Church of Christ, Scientist

Data Governance and Data Loss Prevention for Google Docs and Sites

The First Church of Christ, Scientist Chooses CloudLock to Comply with Data Governance Practices and Prevent Data Loss

Founded by Mary Baker Eddy in 1879, The First Church of Christ, Scientist, in Boston, Massachusetts, USA is also known as The Mother Church and is the world’s headquarters for the Church of Christ, Scientist. Church members come from more than 130 countries and all walks of life.

Business Problem

The First Church of Christ, Scientist moved to Google Apps at the end of 2010 to take advantage of the suite’s cost savings and enhanced collaboration features. The Church has organized its Google Apps users within a primary domain and a dozen subdomains to align with its different divisions and organizations.

As the adoption of Google spread through the organization and more documents and sites were created, the security team felt the need for a solution that would provide the Church with visibility, control, and security for all Google Documents and Sites.

“We need to know how many documents we have, where they are, who owns them, and if any sensitive data is being exposed,” said Linda Zanoni, IT Infrastructure Manager at The First Church of Christ, Scientist.

Compliance for Google Docs and Sites

Adhering to regulations like HIPAA, SOX, and PCI does not stop with the migration to Google Apps. Data that is created in the cloud is also subject to the same regulations as data created and stored in on-premise file servers.

“CloudLock enables us to achieve compliance for the data we store in Google Apps. With CloudLock we can safely enjoy the collaboration features of Google Apps while still complying with HIPAA, SOX, and PCI,” said Zanoni.

The following CloudLock features help organizations comply with various regulations:

• Centrally Manage All Corporate Data in Subdomains – CloudLock has the option of defining a “scan scope” to include all subdomains in the organization. This approach allows companies to view, manage and control all users and documents from a single dashboard.
• Search – CloudLock enables users to search the entire domain for documents by document name, owners, dates, and content. Content search is available for all Google Docs native documents (Documents, Presentations and Spreadsheets), MS Office files, and PDFs.
• Ongoing Monitoring and Alerting - Oversee the entire domain with email alerts on newly exposed documents and changes in permissions for existing documents.

Visibility, Control and Operational Efficiency

“We feel that with CloudLock we are no longer operating blindly. CloudLock gives us visibility into exposed documents and sites, and provides us the tools we need to effectively manage and prevent risky exposures that otherwise could lead to data loss,” said Eliz Crowley, Google Apps administrator.

Both the IT and Helpdesk teams use CloudLock to:

• Gain access to a consolidated dashboard that provides an overview of users, documents, sites, and exposure classification for the entire domain
• Search or drill down to view all documents and sites in the domain, see their sharing settings and who can access what (internally and externally)
• Fully control permissions and access rights to enforce access controls by adding or removing collaborators, changing ownership, and changing collaborator access rights on all documents and sites in the domain
• Get a complete audit trail of all activities and changes performed. CloudLock provides a tamper-proof audit trail for changes and searches done via the application as well as a full audit trail for all user permission changes.

CloudLock enables the IT and Helpdesk teams to proactively monitor Google Documents and Sites and stay on-top of potential issues, and provides the operational tools they need to effectively respond to user calls.