Secure Google Drive
In a recent Gartner research article entitled “How to Control File Synchronization Services and Prevent Corporate Data Leakage”, analysts Jay Heiser and Lawrence Pingree noted the imminent threat of data leakage when employees can synchronize and share files automatically, saying:
“Consumer-grade personal file synchronization services are creating huge potential for data leakage, version conflicts and compliance gaps. End-user demand to support home PCs and personal tablets is forcing CIOs into one of three decisions: allow users to do whatever they want, provide an approved and controlled service, or totally forbid the use of such services.”
Jay Heiser, Lawrence Pingree
“How to Control File Synchronization Services and Prevent Corporate Data Leakage”
The launch of Google’s new file synchronization service, Google Drive, will cause companies using Google Apps to add more sensitive data to their cloud file server (namely Google Drive). The purpose of this page is to show how companies can take advantage of the file sharing and collaboration benefits of Google Drive while keeping their data secure.
What is Google Drive?
Google Drive is Google’s new file synchronization service, allowing users to sync documents between computers, tablets, and mobile devices. Each Google Drive account gives the user 5 gigabytes of storage with an option to purchase additional storage space. Making a change to a file in one location automatically makes the change everywhere.
What Will Google Drive Mean to Companies Using Google Apps?
Google Drive is the onramp to using Google Docs as a Cloud File Server. By creating an automatic bridge between users’ desktops and the corporate Google account, we will see:
- More Corporate Data in Google Apps = More Sensitive Data in the Cloud – When making files available anywhere is as easy as placing them in a folder on the desktop, more data will end up in Google Docs. It’s only logical that this influx of data will include sensitive data containing PII, financial records, and IP. Companies will need the visibility and control to make sure that sensitive information is shared correctly, and in compliance with corporate and industry standards.
- Google’s Enterprise Storage Grab - Google Docs has a storage limit of 1 Gigabyte per user when it comes to uploading files (the limit is not applied to documents created in Google Docs), and the introduction of Google Drive will cause frequent uploaders to hit their storage limit, making businesses purchase additional storage space. While an inexpensive add-on, this will cause more businesses to purchase additional Google Docs storage.
- More Collaboration – With more files in Google Docs, coupled with the ease of sharing, businesses will see more collaboration on formerly stagnant files buried in the local file system.
How To Secure Google Drive Data With CloudLock
With CloudLock, companies using Google Docs are able to secure data uploaded via Google Drive as well as files created from within Google Apps.
Step One: Understand Who Has Access- With CloudLock, it’s easy to understand who has access to your sensitive data, and what is accessible to whom, both inside and outside the domain.
Step Two: Fix Data Exposures- Once you’ve identified data exposures, use CloudLock to set effective permissions on Google Docs and Sites.
Step Three: Monitor For Future Issues- Use CloudLock for Google Apps reporting features to track changes to permissions in your data environment.
Creating A Security Policy for Google Drive Content
In addition to the remediation steps above, CloudLock’s Security Policy Engine lets Google Apps customers put their document security on autopilot. Follow the steps below to implement a content-aware policy for data in Google Drive:
Step #1 – Give the New Policy a Meaningful Name
Give the policy a meaningful name to track items that violate the policy. Policies are active by default, and when policies are active, all relevant documents and/or sites will be flagged every time CloudLock completes a scan.
Step #2 – Define the Data that the Policy Applies to
- Specify whether it applies to Google Documents, Google Sites or both.
- Specify if the policy applies to all users in the domain or a subset of users. If only a subset of users should be selected for the policy you can either specify:
- Users by email addresses
- Organizational Units
- Define the sharing violations for the policy. Each policy can flag any combination of the following sharing exposures:
- Public Exposure – sharing with anyone on the public Internet
- External Exposure – sharing with users outside your domain
- Internal Exposure – sharing with ALL the users domain (Everyone)
- Specified users – flag specified Google Apps users outside the domain
Optional: White List Exceptions
Optional: Content-Aware Policies
Step #3 – Define the Action for the Policy
Define the action each policy should take for the data that meets the criteria
Step #4 – Save
Click save, and the policy will be executed during the next CloudLock scan.
Try CloudLock for Google Apps
Using CloudLock for Google Apps, you’ll be able to quickly detect vulnerabilities to apply effective permissions, giving you control over data in Google Drive and reducing risk of data breaches and data leaks.
Sign up today, and get a free trial of CloudLock for Google Apps.