Google Drive Security

Cloud Cybersecurity: The Extended Perimeter - Third-Party Apps


Who’s Responsible for Securing Your Files Anyway?

There’s no denying it: the business benefits of Google Drive are incredible. Drive makes it easy to create, access, and distribute information, including the sensitive data you would like to keep an eye on. And there are security implications to it all, ones that Google, the platform, cannot be held accountable for. Keeping track of the sensitive information stored in Drive, who has access to it, and any 3rd party app connections that could become risky is entirely in your control.

First Thing’s First - Secure Your Data

A good place to start is with keeping your data secure. Although Drive (and particularly Drive for Work!) comes with fantastic built in security capabilities, such as encryption at rest and in transit, your organization is still responsible for the behavioral side – including what data users put in the cloud. Is PCI data allowed in the environment? How about anything containing intellectual property information? Could one group (take marketing, for example) be allowed different criteria from others? Make sure you have defined acceptable use policies that are actionable, as well as processes to remediate any issues that rise against them.

Don’t Forget About, Well, Collaboration

A collaboration platform is only as good as its adoption within the organization. To encourage usage, make sure to not let security interrupt collaboration and productivity. Inform users of any incidents their behaviors may trigger, help them fix them, and most importantly, make security choices easy so they can go on with their day and get their work done.

Consider 3rd Party Apps Too

The extensive access scopes of some 3rd party apps may introduce security concerns to the domain if, say, they were hacked or designed to be malicious. Still, the power stemming from the extensive network of 3rd party Google Drive applications should be harnessed, not feared. Start by discovering all shadow applications operating in your environment, focusing on their access scopes - some will be riskier than other. Then make intelligent permission decisions to keep your users efficient, while cutting unnecessary risk.

Other Resources on the Topic

Experience a Live Demo

See Cisco Cloudlock in action from one of our cloud security experts

Browser Not Supported

Your browser version is outdated.

We would recommend you upgrade to a recent version to ensure that you have a good experience on the CloudLock site. Outdated browsers also increase your security risk. So please update your browser and come back later!

Click on the icon below to download the latest version of your browser