Try It Free! Feature Tour

FAQs


GENERAL | SETUP & SCAN | SECURITYCLOUDLOCK VAULTSEARCH | EXPOSURE SUMMARY FOR END USERS | SITES | SUPPORT | KNOWN ISSUES

GENERAL

Q – What is CloudLock for Google Apps?

CloudLock for Google Apps is a Google Apps Marketplace application built on Google App Engine that provides full control & visibility of all users and all documents in the domain. CloudLock adds enterprise class access controls, audits, governance, compliance, e-Discovery, and records retention. It allows organization using Google Apps to:
  • Find & protect exposed data by content / attribute
  • Perform detailed audit, governance & compliance reports
  • Apply sophisticated monitoring and alerts for end-users

Q – How do I sign up for CloudLock for Google Apps?

You can register for CloudLock for Google Apps here or directly on the Google Apps Marketplace.
Then follow the setup wizard to enable the service on your domain.

Q – Can I use CloudLock with a Google Apps account and my private Gmail Account?

CloudLock for Google Apps supports Google Apps accounts only.
All Google Apps versions are supported (Business Edition, Government, Non profit and Education).

Q – Do you offer a FREE version of CloudLock for Google Apps?

The FREE version is available for domains that have up to 10 Google Apps user accounts.
A FREE trial is also available with no upfront commitment.
We offer discounts for Government, Education and Non-Profit organizations.
For more details see CloudLock pricing

Q – What functionality is included in the FREE version?

The FREE version of CloudLock lets you view all the documents and sites in your domain. This includes all exposure and risk classification for Google Docs and Sites.
Performing the following actions: changing permissions, transferring ownership, viewing documents, etc. are only available in the paid product (and the 7 day trial).

Q – Can I fix permissions with CloudLock

CloudLock for Google Apps enables you to identify exposed content and revoke unwanted sharing permissions. Email notifications can be quickly sent to the end-user to notify of exposed documents. All the changes and actions done via CloudLock are recorded in a Audit log.

____________________________________________________________________________

SETUP & SCAN

Q – How do I setup CloudLock for Google Apps?

CloudLock for Google Apps is a Google Apps Marketplace application, and adding CloudLock for Google Apps to your organization’s Google Apps domain is fast and easy. There is no need to install anything in your corporate domain. Simply follow the step-by-step wizard to gain access to the service and configuration settings.
During the set up process you will be asked for:
  • Google Apps Domain
  • Your contact info

Q – Who can install and use CloudLock for Google Apps?

To set up CloudLock for Google Apps you need to be an administrator for your Google Apps domain.
Once CloudLock is enabled for your domain, the domain admin can designated business users or department managers as CloudLock users. They will be able to gain visibility into departmental usage, access rights and enforce sharing policies.

Q – How do I login to CloudLock for Google Apps?

CloudLock for Google Apps is a Google Apps Marketplace Application that is built on Google App Engine. It supports OPENID for single sign-on. This means that once you are logged into your Google Apps account you can simply launch CloudLock from either:
1. Your administrator dashboard or
2. The universal navigation

Q – Can I control the scan scope?

There are currently two options for defining your scan scope:

  • Primary domain users (default option) – This option will only scan users within your primary domain. Subdomain users will not be scanned.
  • Primary and subdomain users – This option will scan all users in your domain. Any user that is in the primary domain or the subdomain will be scanned. All the subdomains will be included in the CloudLock scan. Administrator credentials are required to use this scan scope.
Use: ‘Settings’ – ‘Scan Settings’ to set scan scope for your organization.
For more information on Google Apps for multi domain

Q – What account do I need to specify in order to scan subdomains?

You need to use a ‘Super Admin’ account to scan all subdomains. Make sure the account is has been activated, meaning you have logged in using this account.

____________________________________________________________________________

SECURITY

Q – What type of data does CloudLock collect from my Google Apps domain?

CloudLock collects the following metadata from your domain:
1. Document, Folder, File & Site metadata

  • Name
  • Owner
  • Collaborators (List of people who can access the document and their access rights)
  • General Attributes (type, last modification time, create time, etc..)

2. Organization and Sub-domain name
3. User names

Q – Are my domain credentials sent to cloudlock.com?

NO. CloudLock uses Single Sign-on (Open ID) to ensure that your are logged in when using the application. You will be logging in to your domain but not through CloudLock.

Q – Can I delete all collected metadata after it is sent to CloudLock?

YES. If at any time you chose to delete your metadata, contact CloudLock and we will remove it promptly. It’s your metadata.

____________________________________________________________________________

CLOUDLOCK VAULT

Q – What is CloudLock Vault?

CloudLock Vault™ is a secure area in your Google Docs environment where documents are stored and cannot be deleted or modified. Users create or upload files into their CloudLock Deposit Box™ and CloudLock Vault automatically sweeps them into a special account where they are protected.
These are the main Vault Components:

  • CloudLock Vault – A secured collection in Google Docs where documents are stored where end users cannot delete or modify them
  • Vault Deposit Box – this is a private or public Google Docs collection. This folder is accessible to end users for the purpose submitting files and documents into the vault. Files that are created/uploaded/copied into this location are picked up by CloudLock and entered into the vault.
  • Vault Folder – A collection that is accessible to end users for the purpose of viewing files/documents in the vault.

Q – Are the documents placed in the Vault protected?

Documents placed in the Vault cannot be deleted by end users.If end users have editing access, any modifications will be tracked as document revisions. Data in the vault can only be deleted if an administrator logs in as one of the vault accounts.  All changes to document settings or deletions by the Vault account will be audited in a tamper proof log.

Q – Where do the Vaulted documents go? Do they leave Google Docs

The vaulted documents always remain in the your google apps domain. The documents in the vault are secured in your Google Apps domain under specific user accounts that you control.

Q – Can end users access documents in the Vault?

All users who had access rights to a vaulted documents can still access it (read only). Vaulted documents cannot be updated or modified.

Q – Can a domain administrator access the Vault?

Domain administrators will be able to use CloudLock to list/ find the documents secured in the Vault.

Q – What auditing does the Vault provide?

All Vault activities are audited and recorded in a tamper proof log. This includes the following:
  • Vault transfer of ownership operation – once the documents are placed in the Vault document ownership is changed to the Vault account
  • All Vault settings and changes to settings
  • All changes to the document settings (changes in permissions or deletes by the Vault administrator)

Q – What happens once I discontinue the Vault?

The vaulted documents always remain in your Google Apps domain. This means that if you no longer subscribe to CloudLock, your documents remain in your Google Apps domain with your full ownership.

____________________________________________________________________________

SEARCH

Q – Can I search for documents I’m not shared on?

Yes. CloudLock provides you with robust search capabilities letting you search through ALL documents in your organization’s domain including those you are not shared on.

Q – Can I search for document content?

Content search is available for all Google Docs native documents (this includes: Documents, Presentation, Spreadsheets etc.), MS Office files and PDFs. Meta data search is available for ALL the documents. both native and non-native.

Q – Can I search based on multiple criteria?

The advanced search (click on ‘Show search options’) gives you extended search options where you can specify multiple search criteria. This includes:
  • Document name
  • Owner
  • Shared with
  • Edited and opened dates
  • Type

Q – How does it work?

All the information we provide in the search interface is derived from Google APIs that are accessible to any domain administrator. CloudLock does not index or copy any customer data.
Any subsequent action from the search results (view, change permissions, etc) will be audited as usual and is available in the document log and the admin audit log

Q – Do I need to rescan my domain to get the most accurate search results?

No. The search is performed on your domain in real-time and does not require you to rescan.

____________________________________________________________________________

EXPOSURE SUMMARY FOR END USERS

Q – Data owners can now easily view and manage external sharing and collaboration. Why is this important?

Enabling CloudLock’s “End User Enablement” lets you delegate security to the data owners, letting IT and users share the security burden collaboratively.
With CloudLock’s End User Enablement features, end-users get the visibility they need to see which documents might be improperly shared, and the IT/Security team gets the controls necessary to maintain overall security for the entire domain.

Q – How does this work? Where do users need to go to see the exposure summary?

Users see their exposure classification for documents they own directly in Google Docs. The documents are tagged and classified into the following 4 categories:

  1. Public Exposure – Documents that are exposed to everyone on the Internet
  2. External Exposure – Documents that are exposed outside the domain
  3. Internal Exposure – Documents that are shared with everyone in the domain
  4. New Exposure – Includes all newly exposed documents in the last 7 days

The classification is shown natively in the user’s Google Documents.

Q – Can I enable this exposure classification to selected users in my domain?

Yes. You can specify individual users or enable exposure classification to all users in the domain.

Q – How often is the exposure classification updated for end users?

Exposure classification is updated each time CloudLock completes a scan of your domain. Setting the scan frequency is available in the “Settings” section in CloudLock.

Q – Is it possible to see just new exposures and not all?

The “New Exposure” collection is designed to tag just newly exposed documents. All documents that have become exposed in the past 7 days will be tagged in this collection.

Q – Is it possible to receive an email alert for new exposures?

Yes. You can choose this option when you set up end user enablement or you can add it later. Once email alerts are turned on, data owners will get an email alert each time a document they own becomes exposed (whether exposed by the data owner or by a collaborator).

____________________________________________________________________________

SITES

Q – How do I enable CloudLock support for Google Sites?

CloudLock for Google Sites is included in CloudLock Security for Google Apps and also available in all trials. To access this feature, click the “Sites” link in the left navigation menu.

Q – What is included in CloudLock for Google Sites?

Support for Google Sites brings many of the benefits of CloudLock to customers including:

  1. Exposure classification for all Sites in the domain
  2. Access rights and permissions management for Google Sites to change permissions and secure sites that are mistakenly exposed
  3. Comprehensive user auditing with the ability to audit all Documents and Sites for each user in the domain

Q – How do I remove exposures in Google Sites?

To remove unwanted public or external exposure from Google Sites please follow the How To guide on: How To Remove Public Exposure in Google Sites

Q – Can I see external Sites that are shared with our domain?

Externally created Sites are not yet supported by Google’s APIs.

____________________________________________________________________________

SUPPORT

Q – If I have a question or a problem how do I get support?

We want to make you successful, any question or problems you encounter can be answered by either sending an email to support@cloudlock.com, calling us at 781-996-4332 (x-116) or using the live chat support on our website.

____________________________________________________________________________

KNOWN ISSUES

Scan didn’t complete for all users

There are a few cases where a scan will not complete for all the users in a domain:

  1. Trial account are limited to 200 Google Apps accounts. CloudLock for Google Apps will stop scanning after 200 users and will show data relevant to the users scanned. To resolve this issue you will have to upgrade to a paid account.
  2. Support for suspended users – we have limited ability to report on documents suspended users own or can access. In order get an accurate report, we recommend you unsuspend the user, scan and re-suspend the user. We are working with Google to improve this behavior.

Internal server error

If you see this in your browser it is most likely caused by a momentary load on our system.
You shouldn’t experience this, but if you do, refresh your browser and please let us know at support@cloudlock.com
Powered by Olark